www.file-upload.com/5ofjywr4l4ll
188.114.96.1 200 OK 5.7 kB URL HTTP/1.1 www.file-upload.com/5ofjywr4l4ll
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (842)
Hash e26a86ae102c8e258cc6748fecba36ee
5f9bec006294fa475b6e699b1fbc6f8bd38b8e64
b375890498858cfa39abbaa04845db1f6742cfbea72e66a43c3a8d9c5db327b9
GET /5ofjywr4l4ll HTTP/1.1
Host: www.file-upload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:45:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0;includeSubDomains;
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Expires: Wed, 01 Feb 2023 16:45:19 GMT
Set-Cookie: lang=english; domain=.file-upload.com; path=/
aff=509377; domain=.file-upload.com; path=/; expires=Thu, 16-Feb-2023 16:45:19 GMT
X-Cache: HIT from Backend
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qamblX%2BXCU3F1nos5FmIZeRk61k3U9vsV76bfno6lhB%2F2hn3f8KLTziyQJm0wQVOZ9GhtnlTJn7MoXqmtdo%2FvcZwbayWWFOL1XIlqR7v54Pcc261hKAg1GsWWYDAt78DoM7F1a3C"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 793465827a56b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3928
Expires: Thu, 02 Feb 2023 17:50:47 GMT
Date: Thu, 02 Feb 2023 16:45:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9257
Expires: Thu, 02 Feb 2023 19:19:36 GMT
Date: Thu, 02 Feb 2023 16:45:19 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 16:36:06 GMT
content-type: application/json
age: 553
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2794
Expires: Thu, 02 Feb 2023 17:31:53 GMT
Date: Thu, 02 Feb 2023 16:45:19 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Xl0wN8PtkesLqUqiD27hxQihl+AZ8YgnHZ46aOhjpdx2zuhWjGMewmnF9HnyQKjGNrcBs3Zxjp4=
x-amz-request-id: KT57VGRN8B8R8ADR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 16:23:10 GMT
age: 1329
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:45:19 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.file-upload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
188.114.96.1 200 OK 3.9 kB URL HTTP/1.1 www.file-upload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 188.114.96.1:0
File type ASCII text, with very long lines (12331)
Hash 54c87b7a9007d256c837e382cab4170d
6c8f44204021f68596af9ae5a742c3ad1b76a6ec
3a09f98b09786cd8fbe71cc17d07660e767fc1c8d2ea467f912bc328766a54a1
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.file-upload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/5ofjywr4l4ll
Cookie: lang=english; aff=509377
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:45:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 30 Jan 2023 14:59:41 GMT
ETag: W/"63d7db5d-302c"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kny08vL7hSw0%2BMEIL5Gj5iwbKrE4SV9CMWh3fmQD%2BqaL9t%2FEX5WB6y6UHUWqmj5uNcAaPw74d6pAjZa1bEtaN2rXz7hGwoBYa%2BGIZhaJjdTxG1cJog2exD18on%2FhlLf3DxLWN2SL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793465853dcfb4f9-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Sat, 04 Feb 2023 16:45:19 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 9149ab6c1785e726beba057d3145037f
ae1c8f7ff79cd69563e5edc8bd4bc43e4b157361
b1051706016bdd32c3c72a89d2df0e514c0654905bd1336b3d041092720c2761
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2
Cache-Control: max-age=126556
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:45:19 GMT
Etag: "63db33f9-118"
Expires: Sat, 04 Feb 2023 03:54:35 GMT
Last-Modified: Thu, 02 Feb 2023 03:54:33 GMT
Server: ECS (amb/6BB9)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 9149ab6c1785e726beba057d3145037f
ae1c8f7ff79cd69563e5edc8bd4bc43e4b157361
b1051706016bdd32c3c72a89d2df0e514c0654905bd1336b3d041092720c2761
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5224
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:45:19 GMT
Last-Modified: Thu, 02 Feb 2023 15:18:15 GMT
Server: ECS (amb/6B7B)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 9149ab6c1785e726beba057d3145037f
ae1c8f7ff79cd69563e5edc8bd4bc43e4b157361
b1051706016bdd32c3c72a89d2df0e514c0654905bd1336b3d041092720c2761
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2685
Cache-Control: max-age=129239
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:45:19 GMT
Etag: "63db33f9-118"
Expires: Sat, 04 Feb 2023 04:39:18 GMT
Last-Modified: Thu, 02 Feb 2023 03:54:33 GMT
Server: ECS (amb/6B9A)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash acf892e6b3e5c698864b9bff72c5df1d
0da5d835a391a7ddd10ef47f3e18783893d6f425
f4ff80c8023349ad36bc69fbd5ea7eebce348485be891f80c740e6194081d388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4FF80C8023349AD36BC69FBD5EA7EEBCE348485BE891F80C740E6194081D388"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6465
Expires: Thu, 02 Feb 2023 18:33:04 GMT
Date: Thu, 02 Feb 2023 16:45:19 GMT
Connection: keep-alive
www.file-upload.com/mngez/images/anti2.png
188.114.96.1 200 OK 641 B URL HTTP/2 www.file-upload.com/mngez/images/anti2.png
IP 188.114.96.1:0
File type PNG image data, 100 x 89, 8-bit/color RGBA, non-interlaced\012- data
Hash 722859ca75e68c14f4d803e76f846b92
0a00fa9439d602f40e3acd72dfb08b2f89c3fa2f
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f
GET /mngez/images/anti2.png HTTP/1.1
Host: www.file-upload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:45:19 GMT
content-type: image/png
content-length: 641
cache-control: max-age=315360000
cf-bgj: csam-hash
etag: "5c26aa0b-281"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 28 Dec 2018 22:56:11 GMT
cf-cache-status: HIT
age: 55109011
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVrVUBB0K9U54LEYRuBmrKMBOq6F%2F%2F6bn9SE5bSMJ%2FLht7RUQt9zPYkWsCgq14KoUhUeqXkcx1r4vpIN4v3Q9H%2F9jC4Rhd24i9cpzVDswYRY0NkTCJjLZiK%2Bxwc578jxYKiG4VvC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79346585dc22b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.file-upload.com/assets/images/logo_new.png
188.114.96.1 200 OK 3.5 kB URL HTTP/2 www.file-upload.com/assets/images/logo_new.png
IP 188.114.96.1:0
File type PNG image data, 388 x 100, 8-bit colormap, non-interlaced\012- data
Hash 450527cc96d43309cdf6590353461d2d
9ed211afd953ec34313a5d5ebe0c85cc96cd4993
4517f5df1e59f911470a3cb0e66588bef8d10ab10fdeb9548ac1f2010cfb187a
GET /assets/images/logo_new.png HTTP/1.1
Host: www.file-upload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:45:19 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Fri, 09 Nov 2018 12:00:31 GMT
etag: W/"c8f-57a3a191435c0"
cache-control: public, max-age=31536000
expires: Mon, 13 Jun 2022 22:20:06 GMT
x-cache: HIT from Backend
cf-cache-status: HIT
age: 20802313
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtXwlQTRmYBoMLkuegstqAfuSdPn0YBTyMhoecBhD17HlVeUbI2U6Uht7%2BUBvT7w%2B4OJPQvpMqJC0Hs2JQZNPAa4swqno59IzFi2tDhz3kljwMMzvWY0uFoqy0GoXDB1A2ANf8ia"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79346585bc06b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
babup.com/page.js
51.15.15.22 301 Moved Permanently 237 B IP 51.15.15.22:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3c38132a11f8bae735ac184c8c7e8a76
e4713e27c3e6821809559c87e75794e25e0c9e28
e2bf44c13b9b4f7d9482501f4b184b954f021aaaeb8e4439bde8b12069bc0fe2
GET /page.js HTTP/1.1
Host: babup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 16:45:19 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2o-fips
Location: https://www.babup.com/page.js
Content-Length: 237
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
galanasorra.com/r7GAfpgOogQq3/61001
23.109.87.53 200 OK 25 B URL HTTP/1.1 galanasorra.com/r7GAfpgOogQq3/61001
IP 23.109.87.53:0
File type ASCII text, with no line terminators
Hash 2339750dbbbcbd8fe83612a65b72e03d
672074d493c051cffcc96bce7d15f77ec6ef1889
1fa220e7725025343d910d83e9f0e663b82419a3422e5465dc73c092b0853ccd
GET /r7GAfpgOogQq3/61001 HTTP/1.1
Host: galanasorra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 16:45:19 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.file-upload.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Fri, 03-Feb-2023 16:45:19 GMT; Max-Age=86400; path=/
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Fri, 03-Feb-2023 16:45:19 GMT; Max-Age=86400; path=/
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
d26adrx9c3n0mq.cloudfront.net/?xrdad=888399
54.230.245.45 200 OK 52 kB URL HTTP/1.1 d26adrx9c3n0mq.cloudfront.net/?xrdad=888399
IP 54.230.245.45:0
File type Unicode text, UTF-8 text, with very long lines (15955)
Hash 92ded67c2b9d7535de8b76815917f206
ef9ba7b241d01b6f6fdd06b87a0dd72731205f48
90e1f51d74660a144ef5213588caebaf241aeb137a44795cf35fc26622469adf
GET /?xrdad=888399 HTTP/1.1
Host: d26adrx9c3n0mq.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
HTTP/1.1 200 OK
Content-Length: 51516
Connection: keep-alive
Date: Thu, 02 Feb 2023 16:45:19 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cEOHdZxuIpN97L6o97B2y59M0P7WeGXHOpx7FmM2lCOo1xsRN__c0Q==
images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
151.139.128.10 200 OK 4.5 kB URL HTTP/1.1 images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
IP 151.139.128.10:0
File type PNG image data, 135 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash b0e239fa4ddfbcdf08cbcb34a13b2a0f
957fdb58c09d85e41cc6a6ea134a9365adee4ec9
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994
GET /Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766 HTTP/1.1
Host: images.dmca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:45:19 GMT
Content-Type: image/png
Last-Modified: Thu, 02 Jun 2011 03:26:26 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/10.0
Cache-Control: public,max-age=31536000
ETag: "0abbdbd420cc1:0"
X-Powered-By: ASP.NET
X-HW: 1675356319.cds205.sk1.h2,1675356319.cds246.sk1.c
Link: <http://www.dmca.com/Badges/_dmca_premi_badge_4.png>; rel="canonical"
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 4535
www.babup.com/page.js
51.15.15.22 200 OK 12 kB IP 51.15.15.22:0
File type ASCII text, with very long lines (22552)
Hash 6960e7e17e53491d27538e8b2e60439f
4b3d03009dc69d1898651f50da5418f4536fbdaa
53181be5ae9b6317f9d1801fa181492be68dbfed57ad174695b25a5e79d55162
GET /page.js HTTP/1.1
Host: www.babup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.file-upload.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:45:19 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2o-fips
Last-Modified: Tue, 10 Jan 2023 19:06:58 GMT
ETag: "59c0-5f1ed967f5080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 11769
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
54.230.245.45 200 OK 163 kB URL HTTP/1.1 d26adrx9c3n0mq.cloudfront.net/?xrdad=888398
IP 54.230.245.45:0
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 163 kB (163379 bytes)
Hash f60caa83f245e4b385fc31f6e11d8a9c
339f6e0b06607f15f9e45e5aeafbee3fee34554f
0ea9ff51982bdc388a16b0bfa0e3f9fd9ee9edebdba49c23316e63d0ad57c300
GET /?xrdad=888398 HTTP/1.1
Host: d26adrx9c3n0mq.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
HTTP/1.1 200 OK
Content-Length: 163379
Connection: keep-alive
Date: Thu, 02 Feb 2023 16:45:19 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XVLu-dPQ_C4ypazcnFC5tzGf6LPM0XsEVH8PPiJiGpeuu-hE9GZkgw==
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68a3606a3e151f5316fd8df4c1ce29ae
9eaacb0da3b1ba0797a6507249a63848ef153966
2b499079f996fc4d73001bf1bad09005310385205dedd4aec3f4cffc74a838e9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2B499079F996FC4D73001BF1BAD09005310385205DEDD4AEC3F4CFFC74A838E9"
Last-Modified: Wed, 01 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13516
Expires: Thu, 02 Feb 2023 20:30:36 GMT
Date: Thu, 02 Feb 2023 16:45:20 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68a3606a3e151f5316fd8df4c1ce29ae
9eaacb0da3b1ba0797a6507249a63848ef153966
2b499079f996fc4d73001bf1bad09005310385205dedd4aec3f4cffc74a838e9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2B499079F996FC4D73001BF1BAD09005310385205DEDD4AEC3F4CFFC74A838E9"
Last-Modified: Wed, 01 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13516
Expires: Thu, 02 Feb 2023 20:30:36 GMT
Date: Thu, 02 Feb 2023 16:45:20 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 16:07:19 GMT
age: 2281
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68a3606a3e151f5316fd8df4c1ce29ae
9eaacb0da3b1ba0797a6507249a63848ef153966
2b499079f996fc4d73001bf1bad09005310385205dedd4aec3f4cffc74a838e9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2B499079F996FC4D73001BF1BAD09005310385205DEDD4AEC3F4CFFC74A838E9"
Last-Modified: Wed, 01 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13516
Expires: Thu, 02 Feb 2023 20:30:36 GMT
Date: Thu, 02 Feb 2023 16:45:20 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68a3606a3e151f5316fd8df4c1ce29ae
9eaacb0da3b1ba0797a6507249a63848ef153966
2b499079f996fc4d73001bf1bad09005310385205dedd4aec3f4cffc74a838e9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2B499079F996FC4D73001BF1BAD09005310385205DEDD4AEC3F4CFFC74A838E9"
Last-Modified: Wed, 01 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13516
Expires: Thu, 02 Feb 2023 20:30:36 GMT
Date: Thu, 02 Feb 2023 16:45:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13590
Expires: Thu, 02 Feb 2023 20:31:50 GMT
Date: Thu, 02 Feb 2023 16:45:20 GMT
Connection: keep-alive
racterdeet.com/aEhFRTUJKiYoCgl1J2NAGiR4YAcubXcDUVp+JCFHEHEmdltYJTRrVgQnMCFTGicrMRsGLTFgBy4sIRNvJAcAAGInGxMgUw8NYHdzJD8TcWdaGnABbSIcFQFdMAQyE0cpEHQycSl8HxJNOSUndwQlBz0DRw0wcTFzLC82B2ILGQoGUi4rAwgGJHk1fWQwCWB3czsLcSBUESwJC2cPJAp0XhAOBhdBPBsHDHoRGgYOdwN+Di0EEgV3C1krDxcNbwUGFQ53GzEPAA0RHQIXAj4iExRvIDsPJmMcJSciRiwdAhcCPDEiJ2wgcCEmXwwyIBRSXRl3D0ArPwsUbyBlMQ57WQopBlIEMBQNXV8NEhd9MiE9IXwAfHAnUgcAF3dvXgsNA3AyJiohVlgdMgxeByMAP14SAB0ITzJ7NgtXWB4yFVI+P2MvRgcmNXh/LXk8HWcLHRZ8
54.192.99.24 200 OK 1.2 kB URL HTTP/1.1 racterdeet.com/aEhFRTUJKiYoCgl1J2NAGiR4YAcubXcDUVp+JCFHEHEmdltYJTRrVgQnMCFTGicrMRsGLTFgBy4sIRNvJAcAAGInGxMgUw8NYHdzJD8TcWdaGnABbSIcFQFdMAQyE0cpEHQycSl8HxJNOSUndwQlBz0DRw0wcTFzLC82B2ILGQoGUi4rAwgGJHk1fWQwCWB3czsLcSBUESwJC2cPJAp0XhAOBhdBPBsHDHoRGgYOdwN+Di0EEgV3C1krDxcNbwUGFQ53GzEPAA0RHQIXAj4iExRvIDsPJmMcJSciRiwdAhcCPDEiJ2wgcCEmXwwyIBRSXRl3D0ArPwsUbyBlMQ57WQopBlIEMBQNXV8NEhd9MiE9IXwAfHAnUgcAF3dvXgsNA3AyJiohVlgdMgxeByMAP14SAB0ITzJ7NgtXWB4yFVI+P2MvRgcmNXh/LXk8HWcLHRZ8
IP 54.192.99.24:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3037), with no line terminators
Hash 323060d569c14a25c756e3e657ecb882
2f14c714c12c909f341a3b6568df955b3c60a280
5d9904e3228e85f1f80bb526fdab5a8bf7d3eb3c9c9bc7a50f563695c36f93cd
GET /aEhFRTUJKiYoCgl1J2NAGiR4YAcubXcDUVp+JCFHEHEmdltYJTRrVgQnMCFTGicrMRsGLTFgBy4sIRNvJAcAAGInGxMgUw8NYHdzJD8TcWdaGnABbSIcFQFdMAQyE0cpEHQycSl8HxJNOSUndwQlBz0DRw0wcTFzLC82B2ILGQoGUi4rAwgGJHk1fWQwCWB3czsLcSBUESwJC2cPJAp0XhAOBhdBPBsHDHoRGgYOdwN+Di0EEgV3C1krDxcNbwUGFQ53GzEPAA0RHQIXAj4iExRvIDsPJmMcJSciRiwdAhcCPDEiJ2wgcCEmXwwyIBRSXRl3D0ArPwsUbyBlMQ57WQopBlIEMBQNXV8NEhd9MiE9IXwAfHAnUgcAF3dvXgsNA3AyJiohVlgdMgxeByMAP14SAB0ITzJ7NgtXWB4yFVI+P2MvRgcmNXh/LXk8HWcLHRZ8 HTTP/1.1
Host: racterdeet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1189
Connection: keep-alive
Date: Thu, 02 Feb 2023 16:45:20 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 b475a5f7d95ff68ca0dc588e3c9a3230.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN1-C1
X-Amz-Cf-Id: G8F40KmZ1vN2kMJgDveJvPZJGkq8X3uMDCecrOlZUprMkyVp8nKJKA==
racterdeet.com/aVM1bVIIMVYAbQhuV0snGz8ISGAvdgcrNltlVAkgEWpWXjxZPkRDMQU8QAk0GzxbGXwHNkFIYC8VeihnJAZgATAgAHxeNgIkWyYVESt0JQhMYXMMGiw2fylqTGF3J2IBKXoHIQwCdgo4IRd7XRYtJBBfEAtjQl0ZLisAJTsgJ2UUZi8ydgZ3WxV+CgRMYXMMOCgnYgMcXTdPXBsgAFEeGDwgAyQBIGZiOWYdGgdUHCVgcFUYAhpbJBZZPH01JSIJcg4bCGAABQs8a1skODw+YRdjGQoGAQUmPlkHNzg/EF8QMD5zHhEeK0U0YQUDfxQYBzVnXGstPWdaES0JAzcFHh9xKn8FOVA4PV0yYiQbKgsAWDRaOGcMYVw7eQFiHRlPWCEqNF1IYCsKbQobDz0EBTcrYg0LFgo0ZgQhGANfKDYPEkUKNzhiUgsaCmt3NWpPOUYCPBluQwcFETVaICglEUUC
54.192.99.24200 OK 1.2 kB URL HTTP/1.1 racterdeet.com/aVM1bVIIMVYAbQhuV0snGz8ISGAvdgcrNltlVAkgEWpWXjxZPkRDMQU8QAk0GzxbGXwHNkFIYC8VeihnJAZgATAgAHxeNgIkWyYVESt0JQhMYXMMGiw2fylqTGF3J2IBKXoHIQwCdgo4IRd7XRYtJBBfEAtjQl0ZLisAJTsgJ2UUZi8ydgZ3WxV+CgRMYXMMOCgnYgMcXTdPXBsgAFEeGDwgAyQBIGZiOWYdGgdUHCVgcFUYAhpbJBZZPH01JSIJcg4bCGAABQs8a1skODw+YRdjGQoGAQUmPlkHNzg/EF8QMD5zHhEeK0U0YQUDfxQYBzVnXGstPWdaES0JAzcFHh9xKn8FOVA4PV0yYiQbKgsAWDRaOGcMYVw7eQFiHRlPWCEqNF1IYCsKbQobDz0EBTcrYg0LFgo0ZgQhGANfKDYPEkUKNzhiUgsaCmt3NWpPOUYCPBluQwcFETVaICglEUUC
IP 54.192.99.24:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3042), with no line terminators
Hash 327c59833b9fd30d41bf848c5381b4ee
485d663014dc1c4d3a5050dd1f9ee32d91542237
eda4294db211487d423bdb246e756cb7129d9a7d1275bf0db3f1d0caef8c7388
GET /aVM1bVIIMVYAbQhuV0snGz8ISGAvdgcrNltlVAkgEWpWXjxZPkRDMQU8QAk0GzxbGXwHNkFIYC8VeihnJAZgATAgAHxeNgIkWyYVESt0JQhMYXMMGiw2fylqTGF3J2IBKXoHIQwCdgo4IRd7XRYtJBBfEAtjQl0ZLisAJTsgJ2UUZi8ydgZ3WxV+CgRMYXMMOCgnYgMcXTdPXBsgAFEeGDwgAyQBIGZiOWYdGgdUHCVgcFUYAhpbJBZZPH01JSIJcg4bCGAABQs8a1skODw+YRdjGQoGAQUmPlkHNzg/EF8QMD5zHhEeK0U0YQUDfxQYBzVnXGstPWdaES0JAzcFHh9xKn8FOVA4PV0yYiQbKgsAWDRaOGcMYVw7eQFiHRlPWCEqNF1IYCsKbQobDz0EBTcrYg0LFgo0ZgQhGANfKDYPEkUKNzhiUgsaCmt3NWpPOUYCPBluQwcFETVaICglEUUC HTTP/1.1
Host: racterdeet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1189
Connection: keep-alive
Date: Thu, 02 Feb 2023 16:45:20 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 feed293e4f35224252786d4d48fa601e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN1-C1
X-Amz-Cf-Id: Akov5gZC3nbf-49XrZ9B61i8NvZQ5FV-fXM2PktMuxCc73tVmR1o-A==
racterdeet.com/aVRpVGgINgo5VwhpC3IdGzhUcVovcVsSDFtiCDAaEW0KZwZZORh6CwU7HDAOGzsHIEYHMR1xWi8OOy4iIQFbPwMxBwJlPgMaCx1aXAYPIxweDj9tAD4QOGwqEzc5HykgJQ05PTkOLSwSDAMsOi0QGTkwWzwSIzgfDjYCbAExFzshPy4SPR0SLwEKLDkTHR4NGy0tGjMgOiQrGhIgDiM/KgEeDjxeMS0OJCkqIAweBjM2KAUMGQ1ZLFkoOVE/KSo4Ph8rODUwMypaBDtlASgcDT0/Pj8qDQUoJjAzKloeKBUYKxwnZj8OATEwPyQGCgUyAA0qIAEoHEQ3ACFmIBYqBB4zNwARZww/EFgVABVaKj0RMDEEER8wOSNmMGUEWxUHDlo+Zw0BJAARJB0+WXFbEgwFJysVWw05O2cLPBkEYTFPPho7BhlpBgUrWAMhYz1dHw
54.192.99.24200 OK 1.2 kB URL HTTP/1.1 racterdeet.com/aVRpVGgINgo5VwhpC3IdGzhUcVovcVsSDFtiCDAaEW0KZwZZORh6CwU7HDAOGzsHIEYHMR1xWi8OOy4iIQFbPwMxBwJlPgMaCx1aXAYPIxweDj9tAD4QOGwqEzc5HykgJQ05PTkOLSwSDAMsOi0QGTkwWzwSIzgfDjYCbAExFzshPy4SPR0SLwEKLDkTHR4NGy0tGjMgOiQrGhIgDiM/KgEeDjxeMS0OJCkqIAweBjM2KAUMGQ1ZLFkoOVE/KSo4Ph8rODUwMypaBDtlASgcDT0/Pj8qDQUoJjAzKloeKBUYKxwnZj8OATEwPyQGCgUyAA0qIAEoHEQ3ACFmIBYqBB4zNwARZww/EFgVABVaKj0RMDEEER8wOSNmMGUEWxUHDlo+Zw0BJAARJB0+WXFbEgwFJysVWw05O2cLPBkEYTFPPho7BhlpBgUrWAMhYz1dHw
IP 54.192.99.24:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3037), with no line terminators
Hash a0af81e6d8d03cb4b9acbe73ad547b25
2f2909af46c6127a799dbf6cf59e9b3698a3d330
25bd2ae4a24a05d30ab97ea6c8c6a8c939be13a04e3a6d3a5e962071724e334b
GET /aVRpVGgINgo5VwhpC3IdGzhUcVovcVsSDFtiCDAaEW0KZwZZORh6CwU7HDAOGzsHIEYHMR1xWi8OOy4iIQFbPwMxBwJlPgMaCx1aXAYPIxweDj9tAD4QOGwqEzc5HykgJQ05PTkOLSwSDAMsOi0QGTkwWzwSIzgfDjYCbAExFzshPy4SPR0SLwEKLDkTHR4NGy0tGjMgOiQrGhIgDiM/KgEeDjxeMS0OJCkqIAweBjM2KAUMGQ1ZLFkoOVE/KSo4Ph8rODUwMypaBDtlASgcDT0/Pj8qDQUoJjAzKloeKBUYKxwnZj8OATEwPyQGCgUyAA0qIAEoHEQ3ACFmIBYqBB4zNwARZww/EFgVABVaKj0RMDEEER8wOSNmMGUEWxUHDlo+Zw0BJAARJB0+WXFbEgwFJysVWw05O2cLPBkEYTFPPho7BhlpBgUrWAMhYz1dHw HTTP/1.1
Host: racterdeet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1187
Connection: keep-alive
Date: Thu, 02 Feb 2023 16:45:20 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 350f2b5d7e6ee985da330b123098fd88.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN1-C1
X-Amz-Cf-Id: aMUE-XNkJUjGB7uWYgl47F-r57_wiKKt8bbV2OBeAbgeQ-0bOG9a4A==
racterdeet.com/RVNyU1MkMRE+bCRuEHUmNz9PdmEDdkAVN3dlEzchPWoRYD11PgN9MCk8Bzc1NzwcJ30rNgZ2YQNiET8RMwZCHgEVJDdiNQQKRxBhcGQhYQkgMhwnBgo7BWsfFBkGEDkqJDg0HggSMWs/BDQdFBY9ZxoZPRBgMRcBFgpABjYIAjdjNSkCQxIHB3ZAEQJ2Cj0dKgMDKBY4KBoZa2oEEBkiGy8kPTc9AGMoBhUvCRkRNBcqIyIbAQIzGRcHCys/a3wdQzc6HWE4KQsCETkKEgMLKz9rLhgaKz4SYCgkHg0FFgopMRYoFiMiEiQ3Oh0qN2IFdx4HCj0LGxQ/fnxlKDgRIhA2CjQCB0sYChQFMwoVcDkRYx0iCxwJKxQ5KxQaFgonAyshYREHAS0LQAknFD0rMjErGlQ5ICo9Am42LCAmADAWPyUBNhADHiIa
54.192.99.24200 OK 1.2 kB URL HTTP/1.1 racterdeet.com/RVNyU1MkMRE+bCRuEHUmNz9PdmEDdkAVN3dlEzchPWoRYD11PgN9MCk8Bzc1NzwcJ30rNgZ2YQNiET8RMwZCHgEVJDdiNQQKRxBhcGQhYQkgMhwnBgo7BWsfFBkGEDkqJDg0HggSMWs/BDQdFBY9ZxoZPRBgMRcBFgpABjYIAjdjNSkCQxIHB3ZAEQJ2Cj0dKgMDKBY4KBoZa2oEEBkiGy8kPTc9AGMoBhUvCRkRNBcqIyIbAQIzGRcHCys/a3wdQzc6HWE4KQsCETkKEgMLKz9rLhgaKz4SYCgkHg0FFgopMRYoFiMiEiQ3Oh0qN2IFdx4HCj0LGxQ/fnxlKDgRIhA2CjQCB0sYChQFMwoVcDkRYx0iCxwJKxQ5KxQaFgonAyshYREHAS0LQAknFD0rMjErGlQ5ICo9Am42LCAmADAWPyUBNhADHiIa
IP 54.192.99.24:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3030), with no line terminators
Hash 8fae6a9aa36927f740dfde2006c6a057
945960ba3e05824486da984faed3ee94e79e7979
028a68fcd6ab9cac00d02d5713f78769c10389f0a138f82cffb44d2f3b88f80d
GET /RVNyU1MkMRE+bCRuEHUmNz9PdmEDdkAVN3dlEzchPWoRYD11PgN9MCk8Bzc1NzwcJ30rNgZ2YQNiET8RMwZCHgEVJDdiNQQKRxBhcGQhYQkgMhwnBgo7BWsfFBkGEDkqJDg0HggSMWs/BDQdFBY9ZxoZPRBgMRcBFgpABjYIAjdjNSkCQxIHB3ZAEQJ2Cj0dKgMDKBY4KBoZa2oEEBkiGy8kPTc9AGMoBhUvCRkRNBcqIyIbAQIzGRcHCys/a3wdQzc6HWE4KQsCETkKEgMLKz9rLhgaKz4SYCgkHg0FFgopMRYoFiMiEiQ3Oh0qN2IFdx4HCj0LGxQ/fnxlKDgRIhA2CjQCB0sYChQFMwoVcDkRYx0iCxwJKxQ5KxQaFgonAyshYREHAS0LQAknFD0rMjErGlQ5ICo9Am42LCAmADAWPyUBNhADHiIa HTTP/1.1
Host: racterdeet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1181
Connection: keep-alive
Date: Thu, 02 Feb 2023 16:45:20 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 9b9ff06545217fe747384bd8b8509aa4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN1-C1
X-Amz-Cf-Id: y7Ys1rtNQ09uIm7b2hnd9bxXs7aE1r2TLEIUCKKljSXWQC_CXzrmEw==
racterdeet.com/SExJV1QpLio6aylxK3EhOiB0cmYOaXsRMHp6KDMmMHUqZDp4ITh5NyQjPDMyOiMnI3omKT1yZg44EA8wDC4eMBcPD3kbAjAZLB1lCh0eAm0/Gg8RHAAYCBQWIAoCHBUFPwQuDTEcIzwQBg8fGxwKPx0xOHkDDQUNPA8lARwNJXkYAh4OGx4zIwcREhokCxswGwAEfQ4WLxkaHQUZCwsVGiQLCDs3DyU+DxUZfCsePyAtA2cePBQcZgAafjo2FRl0HRsWJy4bEgIyDTEvERoUBzQDDXUBDTh8PRsSAjILLhIEGRQtHgMxAho0AngdH2caJRQgJxEaFGQaMgAnGxIVJDQQARIkNhsSZRweMAYdCzsmDg4kdDwCZCw1EQE8GR56HR0fIAwFHyB0BxUsL3saETsmHicZDRogDwUaJA4TcT47IycnaSMiDQUFOR8YNRcu
54.192.99.24200 OK 1.2 kB URL HTTP/1.1 racterdeet.com/SExJV1QpLio6aylxK3EhOiB0cmYOaXsRMHp6KDMmMHUqZDp4ITh5NyQjPDMyOiMnI3omKT1yZg44EA8wDC4eMBcPD3kbAjAZLB1lCh0eAm0/Gg8RHAAYCBQWIAoCHBUFPwQuDTEcIzwQBg8fGxwKPx0xOHkDDQUNPA8lARwNJXkYAh4OGx4zIwcREhokCxswGwAEfQ4WLxkaHQUZCwsVGiQLCDs3DyU+DxUZfCsePyAtA2cePBQcZgAafjo2FRl0HRsWJy4bEgIyDTEvERoUBzQDDXUBDTh8PRsSAjILLhIEGRQtHgMxAho0AngdH2caJRQgJxEaFGQaMgAnGxIVJDQQARIkNhsSZRweMAYdCzsmDg4kdDwCZCw1EQE8GR56HR0fIAwFHyB0BxUsL3saETsmHicZDRogDwUaJA4TcT47IycnaSMiDQUFOR8YNRcu
IP 54.192.99.24:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3038), with no line terminators
Hash 841f2280190fb51ee3b33875b72fdefa
c06bdc0b48ac0aa333466f2549f2543d33ff05c2
b56ed807c4f721ca87be3ff847b6e4457cb28d0b84c758294172847bcc501a6a
GET /SExJV1QpLio6aylxK3EhOiB0cmYOaXsRMHp6KDMmMHUqZDp4ITh5NyQjPDMyOiMnI3omKT1yZg44EA8wDC4eMBcPD3kbAjAZLB1lCh0eAm0/Gg8RHAAYCBQWIAoCHBUFPwQuDTEcIzwQBg8fGxwKPx0xOHkDDQUNPA8lARwNJXkYAh4OGx4zIwcREhokCxswGwAEfQ4WLxkaHQUZCwsVGiQLCDs3DyU+DxUZfCsePyAtA2cePBQcZgAafjo2FRl0HRsWJy4bEgIyDTEvERoUBzQDDXUBDTh8PRsSAjILLhIEGRQtHgMxAho0AngdH2caJRQgJxEaFGQaMgAnGxIVJDQQARIkNhsSZRweMAYdCzsmDg4kdDwCZCw1EQE8GR56HR0fIAwFHyB0BxUsL3saETsmHicZDRogDwUaJA4TcT47IycnaSMiDQUFOR8YNRcu HTTP/1.1
Host: racterdeet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1189
Connection: keep-alive
Date: Thu, 02 Feb 2023 16:45:20 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 c7b77c915dff1aaf04e31040a3e9f3ec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN1-C1
X-Amz-Cf-Id: DejuaTxuwDCqeyqlp_MK9vqZyIYzIiVzEy24WsBhvXCz3nSpGSZtSQ==
pyoungstersofto.xyz/NHBQenQbTzMJSWdAFg8QYDZpGUVcNBJJDAQnBRk9USgKGSZDPXYOHVBNaEJMB0loXARdFG1LUkcEMQ4BR01hXB1aFj9HUkJNYVRHAF5jS1oGViVHRRIEIBsTCUF2CgBAHG1LQgNFY09CB0RnSkUH
172.67.207.205204 No Content 0 B URL HTTP/2 pyoungstersofto.xyz/NHBQenQbTzMJSWdAFg8QYDZpGUVcNBJJDAQnBRk9USgKGSZDPXYOHVBNaEJMB0loXARdFG1LUkcEMQ4BR01hXB1aFj9HUkJNYVRHAF5jS1oGViVHRRIEIBsTCUF2CgBAHG1LQgNFY09CB0RnSkUH
IP 172.67.207.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /NHBQenQbTzMJSWdAFg8QYDZpGUVcNBJJDAQnBRk9USgKGSZDPXYOHVBNaEJMB0loXARdFG1LUkcEMQ4BR01hXB1aFj9HUkJNYVRHAF5jS1oGViVHRRIEIBsTCUF2CgBAHG1LQgNFY09CB0RnSkUH HTTP/1.1
Host: pyoungstersofto.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 16:45:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QxgJ3PHanfUZjl8r9MsvPvTvHygQRZ9FKms%2Br5J0LJjoV%2F9nVk67TUyqmRGhI7HJDBlw0P8j3KEIgtBCd58xc8oXyUy9mxwFRvPYTu9v4M6YxlYmW1iuh8tx66F9sycWBaUeScoM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793465898e59b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pyoungstersofto.xyz/Zlk5VExJZloncTIBfyMoMWgBBwkwHWEMfSIICTAWA2l7EB0KCB8gJQJkAWx0VWAAcjwPPQRnfkAqTTU4EyoEZnxWbh89IgA2BGZqEGQJenVIaBdkahNkCHI4FjheaX1AKU0gIFtoD2N5VWwPZ3hRaQ5h
172.67.207.205204 No Content 0 B URL HTTP/2 pyoungstersofto.xyz/Zlk5VExJZloncTIBfyMoMWgBBwkwHWEMfSIICTAWA2l7EB0KCB8gJQJkAWx0VWAAcjwPPQRnfkAqTTU4EyoEZnxWbh89IgA2BGZqEGQJenVIaBdkahNkCHI4FjheaX1AKU0gIFtoD2N5VWwPZ3hRaQ5h
IP 172.67.207.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Zlk5VExJZloncTIBfyMoMWgBBwkwHWEMfSIICTAWA2l7EB0KCB8gJQJkAWx0VWAAcjwPPQRnfkAqTTU4EyoEZnxWbh89IgA2BGZqEGQJenVIaBdkahNkCHI4FjheaX1AKU0gIFtoD2N5VWwPZ3hRaQ5h HTTP/1.1
Host: pyoungstersofto.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 16:45:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLrGLI30r6WfOCOzhrD3ov5LGqXCC9k73zNxmhVJOAjzthw8nfzPTs%2BcUA3xwpj3sF7BA6x3%2FKDQiddNwizQg1UPT%2F5s5kfFhPghJoquZZPJPFd78SiC9KbQ4YOq%2Fz9Gl1BMrjZQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793465899e5ab524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pyoungstersofto.xyz/UGRtMmN/Ww5BXgYeN1sAYAAHcCUSJw5lIh8yXWhQCTUvZTIIMUtGCjRZVABRYlFeFBM5AFADRSMQDEYWI1lcFAo+AgIPRSZZXBxQZEpeA01iQhgPUnYQHVMEbVVLQhckCFADVWdRXgdVY1BaAldn
172.67.207.205204 No Content 0 B URL HTTP/2 pyoungstersofto.xyz/UGRtMmN/Ww5BXgYeN1sAYAAHcCUSJw5lIh8yXWhQCTUvZTIIMUtGCjRZVABRYlFeFBM5AFADRSMQDEYWI1lcFAo+AgIPRSZZXBxQZEpeA01iQhgPUnYQHVMEbVVLQhckCFADVWdRXgdVY1BaAldn
IP 172.67.207.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /UGRtMmN/Ww5BXgYeN1sAYAAHcCUSJw5lIh8yXWhQCTUvZTIIMUtGCjRZVABRYlFeFBM5AFADRSMQDEYWI1lcFAo+AgIPRSZZXBxQZEpeA01iQhgPUnYQHVMEbVVLQhckCFADVWdRXgdVY1BaAldn HTTP/1.1
Host: pyoungstersofto.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 16:45:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KNurhEJHZyXnkog9vcoaiP44LEV0%2F4lZ6tb814g9yGSiYlv%2FKhaKJceoc5petNDkB0itY6bmjWq%2FF0fVeMSydnyJVeUbIO%2FYCllgYfe8cgg%2BdS3tMN3UY7oGm5Me9CLNFw2P48GM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79346589ae8fb524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pyoungstersofto.xyz/aG14ZTJHUhsWDzwqLR9lPCddV3Q+CjYVcQYFHCdlLSscI1ErDDkkFBwEHFgKUFRPUwROHREBD1lLCxFTHBgLWANOBBYDXVVLDlgDRl5MSwFZQ0pDR1VcXhFCCQpFVBQYGQwJD1lbT1ABXVtLUQVYXkA
172.67.207.205204 No Content 0 B URL HTTP/2 pyoungstersofto.xyz/aG14ZTJHUhsWDzwqLR9lPCddV3Q+CjYVcQYFHCdlLSscI1ErDDkkFBwEHFgKUFRPUwROHREBD1lLCxFTHBgLWANOBBYDXVVLDlgDRl5MSwFZQ0pDR1VcXhFCCQpFVBQYGQwJD1lbT1ABXVtLUQVYXkA
IP 172.67.207.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aG14ZTJHUhsWDzwqLR9lPCddV3Q+CjYVcQYFHCdlLSscI1ErDDkkFBwEHFgKUFRPUwROHREBD1lLCxFTHBgLWANOBBYDXVVLDlgDRl5MSwFZQ0pDR1VcXhFCCQpFVBQYGQwJD1lbT1ABXVtLUQVYXkA HTTP/1.1
Host: pyoungstersofto.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 16:45:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BMfB5rAZ%2BTGaRuXShgRu8Injf1olRTYsOlsd%2FqtSgkQM%2F7hh3%2Fb58CZfTXSamjRwqQ316FYtiY3Hpfyma1rhvvSNS8G5anybbUsSyzBVdR%2Bdf1IE2iqeQsiOyBsQHMvaaOLUJU9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79346589ae8ab524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68a3606a3e151f5316fd8df4c1ce29ae
9eaacb0da3b1ba0797a6507249a63848ef153966
2b499079f996fc4d73001bf1bad09005310385205dedd4aec3f4cffc74a838e9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2B499079F996FC4D73001BF1BAD09005310385205DEDD4AEC3F4CFFC74A838E9"
Last-Modified: Wed, 01 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13516
Expires: Thu, 02 Feb 2023 20:30:36 GMT
Date: Thu, 02 Feb 2023 16:45:20 GMT
Connection: keep-alive
d26adrx9c3n0mq.cloudfront.net/ddVZLOEEWOSVefgE/LwV4R2R5DXJTPDhXLwVrAX1wDA4ZWxQmb21MOxFrex4tFDgsBWcQOCgFcFM3L1p8QXA/SC4eaydLNRglO1kxFCRtTSBIOyRCKBk6Kh1zM2NlCGRHZmNPKBsyJE8yUGR7VjVQZHsJcVtmbgsDUGR7TygbYH8dcjdzeQg5Q2JuCwNQZH-tKN1BlCglxQHh7EWRHZixdIh45bgoHR2Z6CHFEZnodc0UwIkokEzkzHXMzZ3sNb0VwPgVw
54.230.245.45200 OK 456 B URL HTTP/1.1 d26adrx9c3n0mq.cloudfront.net/ddVZLOEEWOSVefgE/LwV4R2R5DXJTPDhXLwVrAX1wDA4ZWxQmb21MOxFrex4tFDgsBWcQOCgFcFM3L1p8QXA/SC4eaydLNRglO1kxFCRtTSBIOyRCKBk6Kh1zM2NlCGRHZmNPKBsyJE8yUGR7VjVQZHsJcVtmbgsDUGR7TygbYH8dcjdzeQg5Q2JuCwNQZH-tKN1BlCglxQHh7EWRHZixdIh45bgoHR2Z6CHFEZnodc0UwIkokEzkzHXMzZ3sNb0VwPgVw
IP 54.230.245.45:0
File type ASCII text, with very long lines (646), with no line terminators
Hash 092ab3388eac65e19c149635b6c82b9c
1a8f1bdbf32d60da1b9f38eaff2955cb1120d700
fed28dacf93e425a3035b63fb15d95a3309b0734084d1408bc555f7140692f8c
GET /ddVZLOEEWOSVefgE/LwV4R2R5DXJTPDhXLwVrAX1wDA4ZWxQmb21MOxFrex4tFDgsBWcQOCgFcFM3L1p8QXA/SC4eaydLNRglO1kxFCRtTSBIOyRCKBk6Kh1zM2NlCGRHZmNPKBsyJE8yUGR7VjVQZHsJcVtmbgsDUGR7TygbYH8dcjdzeQg5Q2JuCwNQZH-tKN1BlCglxQHh7EWRHZixdIh45bgoHR2Z6CHFEZnodc0UwIkokEzkzHXMzZ3sNb0VwPgVw HTTP/1.1
Host: d26adrx9c3n0mq.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://racterdeet.com/
HTTP/1.1 200 OK
Content-Length: 456
Connection: keep-alive
Date: Thu, 02 Feb 2023 16:45:20 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: njL8sXDbXoM3eKfIYozt88AvrKhzhNwrzyIIzYq9xwmWCBKaAvFTbQ==
pyoungstersofto.xyz/UmY0bWV9WVceWAQceiAyBx5CLz0iF1EqXRoDBi9SCBFiWQcKERIZDDZbDFRTY18MSxU7AglcXXQVQAwRJxUJXEM7CFICWHQQCVxLYkgGQ1d0EwlcQyYWVQpYY0BEGRE+WwVbUmdVAVtWZlEEWFI
172.67.207.205204 No Content 0 B URL HTTP/2 pyoungstersofto.xyz/UmY0bWV9WVceWAQceiAyBx5CLz0iF1EqXRoDBi9SCBFiWQcKERIZDDZbDFRTY18MSxU7AglcXXQVQAwRJxUJXEM7CFICWHQQCVxLYkgGQ1d0EwlcQyYWVQpYY0BEGRE+WwVbUmdVAVtWZlEEWFI
IP 172.67.207.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /UmY0bWV9WVceWAQceiAyBx5CLz0iF1EqXRoDBi9SCBFiWQcKERIZDDZbDFRTY18MSxU7AglcXXQVQAwRJxUJXEM7CFICWHQQCVxLYkgGQ1d0EwlcQyYWVQpYY0BEGRE+WwVbUmdVAVtWZlEEWFI HTTP/1.1
Host: pyoungstersofto.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 16:45:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JTl%2FaFIfipUJe3kjUkSYeDT6VDM0mGasJIss1oZKUYgr7mBxXapZkxWw8ODxT9cMZt946UZuP7gXiGtYLFZZNGLKIIEOCD8VRq9O0Cx5bAn2J4N9uqzVQ5y7Hp3lmbB%2BMq%2BhKmDr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79346589ae9eb524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d26adrx9c3n0mq.cloudfront.net/ZRzJHU2kkXSk1VjNbI25RfwtwZV9hWDQ8BzcPKAIqdmUPZDxzeWEnEyMPd3UFJlwgbk8iXCRuWGFTIzFUcxQzIwYsDysgHSpBNzIZJkBhJgh6XygpACteJnZbAQdpY0x1Am8kAClWKCQaYgB3PR1iAHdiWWkCYmArYgB3JAApBHN2WgUXdWMRcQZiYCtiAH-chH2IBBmJZchx3ekx1AiA2CixdYmEvdQJ2Y1l2AnZ2W3dULiEMIV0/dlsBA3dmR3cUMm5Y
54.230.245.45200 OK 611 B URL HTTP/1.1 d26adrx9c3n0mq.cloudfront.net/ZRzJHU2kkXSk1VjNbI25RfwtwZV9hWDQ8BzcPKAIqdmUPZDxzeWEnEyMPd3UFJlwgbk8iXCRuWGFTIzFUcxQzIwYsDysgHSpBNzIZJkBhJgh6XygpACteJnZbAQdpY0x1Am8kAClWKCQaYgB3PR1iAHdiWWkCYmArYgB3JAApBHN2WgUXdWMRcQZiYCtiAH-chH2IBBmJZchx3ekx1AiA2CixdYmEvdQJ2Y1l2AnZ2W3dULiEMIV0/dlsBA3dmR3cUMm5Y
IP 54.230.245.45:0
File type ASCII text, with very long lines (850), with no line terminators
Hash c6b89af76029a2380104c814c2ca0663
d9ad75cc94bd18aaf0e6a8b3de40d1ba9dac6169
8b518e13dad7b6963cd6c197072b4ff9bfce8fdac8b68965f7102431a3ef0d1e
GET /ZRzJHU2kkXSk1VjNbI25RfwtwZV9hWDQ8BzcPKAIqdmUPZDxzeWEnEyMPd3UFJlwgbk8iXCRuWGFTIzFUcxQzIwYsDysgHSpBNzIZJkBhJgh6XygpACteJnZbAQdpY0x1Am8kAClWKCQaYgB3PR1iAHdiWWkCYmArYgB3JAApBHN2WgUXdWMRcQZiYCtiAH-chH2IBBmJZchx3ekx1AiA2CixdYmEvdQJ2Y1l2AnZ2W3dULiEMIV0/dlsBA3dmR3cUMm5Y HTTP/1.1
Host: d26adrx9c3n0mq.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://racterdeet.com/
HTTP/1.1 200 OK
Content-Length: 611
Connection: keep-alive
Date: Thu, 02 Feb 2023 16:45:20 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zRsMy2g5j3ItTQty2I8aHKfJRE6r-T_gC908_EKX3TFKgYKF1fLyOQ==
d26adrx9c3n0mq.cloudfront.net/FOE5MUUlbISI3dkwnKGxxAHZ/aHEeJD8+J0hzOjseQCgjHDN0DDw+b0w0KGx5HiItPy4FaCk/KgV/ajAtWnN4dz1IISdsJUs6ISI5WT4tI29NL3E8JkInID0oHXwKZGcIa35hYU8nIjUmTz1pY3lWOmljeQl+YmFsCwxpY3lPJyJnfR19DnR7CDZ6ZWwLDG-ljeUo4aWIICX55f3kRa35hLl0tJz5sCgh+YXgIfn1heB18fDcgSisqPjEdfApgeQ1gfHc8BX8
54.230.245.45200 OK 608 B URL HTTP/1.1 d26adrx9c3n0mq.cloudfront.net/FOE5MUUlbISI3dkwnKGxxAHZ/aHEeJD8+J0hzOjseQCgjHDN0DDw+b0w0KGx5HiItPy4FaCk/KgV/ajAtWnN4dz1IISdsJUs6ISI5WT4tI29NL3E8JkInID0oHXwKZGcIa35hYU8nIjUmTz1pY3lWOmljeQl+YmFsCwxpY3lPJyJnfR19DnR7CDZ6ZWwLDG-ljeUo4aWIICX55f3kRa35hLl0tJz5sCgh+YXgIfn1heB18fDcgSisqPjEdfApgeQ1gfHc8BX8
IP 54.230.245.45:0
File type ASCII text, with very long lines (848), with no line terminators
Hash f2f227067e4d0a1b0fd6e57f143c55cf
940212890797d873dd0c2b19d2b80cc9b661fc07
02354d3760afa0df921772cfc05c34262be4c48b2a157316f30e03655d068210
GET /FOE5MUUlbISI3dkwnKGxxAHZ/aHEeJD8+J0hzOjseQCgjHDN0DDw+b0w0KGx5HiItPy4FaCk/KgV/ajAtWnN4dz1IISdsJUs6ISI5WT4tI29NL3E8JkInID0oHXwKZGcIa35hYU8nIjUmTz1pY3lWOmljeQl+YmFsCwxpY3lPJyJnfR19DnR7CDZ6ZWwLDG-ljeUo4aWIICX55f3kRa35hLl0tJz5sCgh+YXgIfn1heB18fDcgSisqPjEdfApgeQ1gfHc8BX8 HTTP/1.1
Host: d26adrx9c3n0mq.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://racterdeet.com/
HTTP/1.1 200 OK
Content-Length: 608
Connection: keep-alive
Date: Thu, 02 Feb 2023 16:45:20 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: L6PS9wgAw_Q2cZuxd9WY2De8YZ19d2eir9E57lxDEb2NnP8GgaahZQ==
d26adrx9c3n0mq.cloudfront.net/1clBvU0MRPwE1fAY5C257S2ZeantUOhw8LQJtCjowJgMMAC8lAgoGEx4hJnU3CDRSY2UeMQE0flQ1ATB+Q3YONyFPZEkmIk89ACkqHjwOdnE0ZUFjZkBgRyQqHDQAJDBXYl89N1diX2JzXGBKYAFXYl8kKhxmW3ZwMHVdYztEZEpgAVdiXyE1V2MuYnNHfl-96ZkBgCDYgGT9KYQVAYF5jc0NgXnZxQjYGISYUPxd2cTRhX2ZtQnYabnI
54.230.245.45200 OK 187 B URL HTTP/1.1 d26adrx9c3n0mq.cloudfront.net/1clBvU0MRPwE1fAY5C257S2ZeantUOhw8LQJtCjowJgMMAC8lAgoGEx4hJnU3CDRSY2UeMQE0flQ1ATB+Q3YONyFPZEkmIk89ACkqHjwOdnE0ZUFjZkBgRyQqHDQAJDBXYl89N1diX2JzXGBKYAFXYl8kKhxmW3ZwMHVdYztEZEpgAVdiXyE1V2MuYnNHfl-96ZkBgCDYgGT9KYQVAYF5jc0NgXnZxQjYGISYUPxd2cTRhX2ZtQnYabnI
IP 54.230.245.45:0
File type ASCII text, with no line terminators
Hash 6b713868a6f8635c98894b737ebcd2b6
3b7751c42d0871523b2322800eaafcf0afb6f324
12238d3c242a5830062288bcad31f29b287b17899ecded05b14ad3aeeedf3d6c
GET /1clBvU0MRPwE1fAY5C257S2ZeantUOhw8LQJtCjowJgMMAC8lAgoGEx4hJnU3CDRSY2UeMQE0flQ1ATB+Q3YONyFPZEkmIk89ACkqHjwOdnE0ZUFjZkBgRyQqHDQAJDBXYl89N1diX2JzXGBKYAFXYl8kKhxmW3ZwMHVdYztEZEpgAVdiXyE1V2MuYnNHfl-96ZkBgCDYgGT9KYQVAYF5jc0NgXnZxQjYGISYUPxd2cTRhX2ZtQnYabnI HTTP/1.1
Host: d26adrx9c3n0mq.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://racterdeet.com/
HTTP/1.1 200 OK
Content-Length: 187
Connection: keep-alive
Date: Thu, 02 Feb 2023 16:45:20 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1IJqlgsZxL_Q7VK5MS1ZW7ScgVAiU0N6SLhfd_WIwG2oArst5T_2Qw==
pyoungstersofto.xyz/bXhDVlRCRyAlaTkvcgE2OT57ABMjGgIOZQsiFW4SCEk7OgMKH2UiPQlFe25sXkF6cCQEHH5lZksLNzcgGAt+Z3IEFiU5aUsOfmZ6VFZyeGRLDX5nchkIIjFpXF4zIiABRXJgY1hLdmBnWU9zYWU
172.67.207.205204 No Content 0 B URL HTTP/2 pyoungstersofto.xyz/bXhDVlRCRyAlaTkvcgE2OT57ABMjGgIOZQsiFW4SCEk7OgMKH2UiPQlFe25sXkF6cCQEHH5lZksLNzcgGAt+Z3IEFiU5aUsOfmZ6VFZyeGRLDX5nchkIIjFpXF4zIiABRXJgY1hLdmBnWU9zYWU
IP 172.67.207.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bXhDVlRCRyAlaTkvcgE2OT57ABMjGgIOZQsiFW4SCEk7OgMKH2UiPQlFe25sXkF6cCQEHH5lZksLNzcgGAt+Z3IEFiU5aUsOfmZ6VFZyeGRLDX5nchkIIjFpXF4zIiABRXJgY1hLdmBnWU9zYWU HTTP/1.1
Host: pyoungstersofto.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 16:45:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30OG79UzH0a5viK7sxkfJcpNeDgr1BuXUlgmXouMIDel4wjwuM116wRLprOtnuNThPJoBNwrPUB02tbgM7EUb06a0GkTaER6RpmKGhq%2FeNrc7GmLToqQF2P4Yha9KMo4Q8YkWqLO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79346589beb2b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d26adrx9c3n0mq.cloudfront.net/tYXdDbWgCGC0LVxUeJ1BQWU9wVFFHHTACBhFKKAMsMyYyPjkDNCVLHBsTfl1ODRYtClVHEi0OVVBRIgkKXENlGRgOHH4YBgUSJQQGBBNlGAlcGiwXAQ0bIkhaJ0JtXU1TR2saAQ8TLBobREVzAxxERXNcWE9HZl4qREVzGgEPQXdIWyNScV0QV0NmXipERX-MfHkREAlxYVFlzRE1TRyQICwoYZl8uU0dyXVhQR3JIWlERKh8NBxg7SFonRnNYRlFRNlBZ
54.230.245.45200 OK 357 B URL HTTP/1.1 d26adrx9c3n0mq.cloudfront.net/tYXdDbWgCGC0LVxUeJ1BQWU9wVFFHHTACBhFKKAMsMyYyPjkDNCVLHBsTfl1ODRYtClVHEi0OVVBRIgkKXENlGRgOHH4YBgUSJQQGBBNlGAlcGiwXAQ0bIkhaJ0JtXU1TR2saAQ8TLBobREVzAxxERXNcWE9HZl4qREVzGgEPQXdIWyNScV0QV0NmXipERX-MfHkREAlxYVFlzRE1TRyQICwoYZl8uU0dyXVhQR3JIWlERKh8NBxg7SFonRnNYRlFRNlBZ
IP 54.230.245.45:0
File type ASCII text, with very long lines (455), with no line terminators
Hash b1dd9bc25c8ff9bf2a77efb482aa8faf
25a0545fd92f7ba61205f69501ab7997a731286b
04bd693f166e98fc267c7dd75989c7a25963507d3b35bbe516e8cd09ae46dea7
GET /tYXdDbWgCGC0LVxUeJ1BQWU9wVFFHHTACBhFKKAMsMyYyPjkDNCVLHBsTfl1ODRYtClVHEi0OVVBRIgkKXENlGRgOHH4YBgUSJQQGBBNlGAlcGiwXAQ0bIkhaJ0JtXU1TR2saAQ8TLBobREVzAxxERXNcWE9HZl4qREVzGgEPQXdIWyNScV0QV0NmXipERX-MfHkREAlxYVFlzRE1TRyQICwoYZl8uU0dyXVhQR3JIWlERKh8NBxg7SFonRnNYRlFRNlBZ HTTP/1.1
Host: d26adrx9c3n0mq.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://racterdeet.com/
HTTP/1.1 200 OK
Content-Length: 357
Connection: keep-alive
Date: Thu, 02 Feb 2023 16:45:20 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TwaLWhRvFY4EZsyDW_evDEHn0sdCF0FctAvkt1j5LrNX-9tbjVCO8w==
push.services.mozilla.com/
54.186.169.128 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.169.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XIMKQLUFRIkg8NKHrpF/0w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Wfu2aZvHW1h78it4ZWiuGR/0Sgc=
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash bae868356becb6470806e213f97e8aa6
1a3c7ffdce0f4e9c1f59aa0cd7715f22bade5117
c9930f2471f9a8a87fddfe3989391d65e1c41b3457a3f0fbf2e2357566f81a1b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2100
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:45:20 GMT
Last-Modified: Thu, 02 Feb 2023 16:10:20 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash d5aa8840f812da83fc823da528a74c1a
9e7bad3462506164bd4bdb87a761352ef8131ba9
abaa07021a967e89f7786ac14efa3ce48f24e4c032376a36421cca12f5ecaeeb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:45:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash d5aa8840f812da83fc823da528a74c1a
9e7bad3462506164bd4bdb87a761352ef8131ba9
abaa07021a967e89f7786ac14efa3ce48f24e4c032376a36421cca12f5ecaeeb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:45:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfac8e75ce3a7274894c1f4215714ec1
3af98f892a055dc1e76d603cd0be26791cec7a5a
d71a3ab89665ed999c87ef950fa828e0621fc0c80e20e2596a30ec5e26f53733
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D71A3AB89665ED999C87EF950FA828E0621FC0C80E20E2596A30EC5E26F53733"
Last-Modified: Tue, 31 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20542
Expires: Thu, 02 Feb 2023 22:27:42 GMT
Date: Thu, 02 Feb 2023 16:45:20 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfac8e75ce3a7274894c1f4215714ec1
3af98f892a055dc1e76d603cd0be26791cec7a5a
d71a3ab89665ed999c87ef950fa828e0621fc0c80e20e2596a30ec5e26f53733
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D71A3AB89665ED999C87EF950FA828E0621FC0C80E20E2596A30EC5E26F53733"
Last-Modified: Tue, 31 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20542
Expires: Thu, 02 Feb 2023 22:27:42 GMT
Date: Thu, 02 Feb 2023 16:45:20 GMT
Connection: keep-alive
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237 302 Found 391 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Hash 0fe0c7c95bce6691b3f00d655ba24411
006cb6e3a745f7b277e3f541c6545c5aa2babac4
5d90e0ca218a977df4aa6e1b73ade72bad15aea0b2b8f142725a18fb867cca2c
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 02 Feb 2023 16:45:20 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-603253844%3A1675356320727100&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHevEBph3Y8YRSdZ-9expydqxdKeF24jSo9NkESYyVVoEJURtqENdE-Te-I_uKcBR3gEEF3duA
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-7ks2l9nuuTdCoIM2DpM1ZQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 391
server: GSE
set-cookie: __Host-GAPS=1:enm9N0_6yzzyShamjhVr-gNwOrOuoQ:uygWjf1YA9M__h7K;Path=/;Expires=Sat, 01-Feb-2025 16:45:20 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
racterdeet.com/utx?cb=yjcLmE2RtgcV&top=www.file-upload.com&tid=888398
54.192.99.24 204 No Content 82 kB URL HTTP/2 racterdeet.com/utx?cb=yjcLmE2RtgcV&top=www.file-upload.com&tid=888398
IP 54.192.99.24:0
Hash 0d5e55d06fd34123be874ac34eab1c5d
0eaa6d9ad6e44d92530464e8bb5142d020c6a3b7
3d8381ff57153fc075ab4f0c0a9aba61f381873c4d3802d221de5ab66dc4bab2
GET /utx?cb=yjcLmE2RtgcV&top=www.file-upload.com&tid=888398 HTTP/1.1
Host: racterdeet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 16:45:20 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://www.file-upload.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 02 Feb 2023 16:46:20 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 d975c23165964b20999503339a61d1ae.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: ODWSzauWL7Se7Lj1A5eLrVfnwdebEiPkR28mSwWDcR26E-A_Y2vIiw==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237 302 Found 395 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (383)
Hash f0f9a907e6588f72723b8677974bffd1
cc2a2e234593685880a42140098148f0aa2f7ecb
7d771bb8005e468751b213576ea6df9705b588e89bf1e7a6dde90b9d5db47e67
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 02 Feb 2023 16:45:20 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S521125855%3A1675356320779487&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHdZ_mHX3W4GDwnqX1yKwf_wkU_TP1ELMo4Qk0pRoWI8vQvPwWiyx6HhW5K9GJAQ9CIfDvAw-w
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-2UU2tTK9xp_9Q79YEp4Mfg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
set-cookie: __Host-GAPS=1:rBcZVKnWqkdCxlXW4EG0hp3j3dlcCw:iw-JdWPSyw9mNEdr;Path=/;Expires=Sat, 01-Feb-2025 16:45:20 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
racterdeet.com/utx?cb=IXwFaBaQSNzs&top=www.file-upload.com&tid=889766
54.192.99.24 204 No Content 0 B URL HTTP/2 racterdeet.com/utx?cb=IXwFaBaQSNzs&top=www.file-upload.com&tid=889766
IP 54.192.99.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=IXwFaBaQSNzs&top=www.file-upload.com&tid=889766 HTTP/1.1
Host: racterdeet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 16:45:20 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://www.file-upload.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 02 Feb 2023 16:46:20 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 d975c23165964b20999503339a61d1ae.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: XRCgTtRGmflPK_Yco5Tn7BKr7qtfxlwrd_PGvlY_4sFaVYNJ88usmA==
X-Firefox-Spdy: h2
racterdeet.com/utx?cb=PLwD8qzqKJ52&top=www.file-upload.com&tid=922253
54.192.99.24 204 No Content 0 B URL HTTP/2 racterdeet.com/utx?cb=PLwD8qzqKJ52&top=www.file-upload.com&tid=922253
IP 54.192.99.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=PLwD8qzqKJ52&top=www.file-upload.com&tid=922253 HTTP/1.1
Host: racterdeet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 16:45:20 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://www.file-upload.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 02 Feb 2023 16:46:20 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 d975c23165964b20999503339a61d1ae.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: 9y3tU3gkBq377porc6lmZnHBbTmEGmI5C6vnx-bMHGC3XSom3r21Kw==
X-Firefox-Spdy: h2
racterdeet.com/utx?cb=ZXXlmxZSUPLF&top=www.file-upload.com&tid=888399
54.192.99.24 204 No Content 0 B URL HTTP/2 racterdeet.com/utx?cb=ZXXlmxZSUPLF&top=www.file-upload.com&tid=888399
IP 54.192.99.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=ZXXlmxZSUPLF&top=www.file-upload.com&tid=888399 HTTP/1.1
Host: racterdeet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 16:45:20 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://www.file-upload.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 02 Feb 2023 16:46:20 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 d975c23165964b20999503339a61d1ae.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: AjaFF1eVSvoWIb0fanO5zFsULWYdTGnEM4NKhJQNlyv5bPmgVAWH5A==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:45:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash bae868356becb6470806e213f97e8aa6
1a3c7ffdce0f4e9c1f59aa0cd7715f22bade5117
c9930f2471f9a8a87fddfe3989391d65e1c41b3457a3f0fbf2e2357566f81a1b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2100
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:45:20 GMT
Last-Modified: Thu, 02 Feb 2023 16:10:20 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
outbursttones.com/01/10/5f/01105f188a1c32226733edcb09dd3870.js
173.233.137.44 200 OK 21 kB URL HTTP/1.1 outbursttones.com/01/10/5f/01105f188a1c32226733edcb09dd3870.js
IP 173.233.137.44:0
File type HTML document, ASCII text, with very long lines (60168), with no line terminators
Hash 6509c5f4a6e7abb9b71d01ca4f7f8b55
9f3f622093bda9224313d524c1855c5197fba09a
d48a5f4d8d50c09332b99b1923755f5ea6347b989431863e5373efa50cca9318
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /01/10/5f/01105f188a1c32226733edcb09dd3870.js HTTP/1.1
Host: outbursttones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 02 Feb 2023 16:45:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8b5812f69a8240679a15a1beaa3685b0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pyoungstersofto.xyz/popunder.gif
172.67.207.205 301 Moved Permanently 0 B URL HTTP/1.1 pyoungstersofto.xyz/popunder.gif
IP 172.67.207.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder.gif HTTP/1.1
Host: pyoungstersofto.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 16:45:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 02 Feb 2023 17:45:20 GMT
Location: https://pyoungstersofto.xyz/popunder.gif
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucz35KLiSYG8NvtPbiJwBaUf3t5oeXuztVIUEyaCXcclFdSV51TI2mN8DB91k%2BQMgix50vST8oDzaApVg2NYtuN3Id4PgP1ycWbOe%2BRDugzXIeRhYTln%2FMulQFH4pN5DNjMz%2BMDp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7934658d9acab527-OSL
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfac8e75ce3a7274894c1f4215714ec1
3af98f892a055dc1e76d603cd0be26791cec7a5a
d71a3ab89665ed999c87ef950fa828e0621fc0c80e20e2596a30ec5e26f53733
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D71A3AB89665ED999C87EF950FA828E0621FC0C80E20E2596A30EC5E26F53733"
Last-Modified: Tue, 31 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20542
Expires: Thu, 02 Feb 2023 22:27:42 GMT
Date: Thu, 02 Feb 2023 16:45:20 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 3f11c62617c2bee07a8ed3cf82151243
ba58aa99e6fda4e73216a5b6a382dfd4f1f5b33a
a0b39826bd54ed8244e2c90f71d51146feaba0b9100446256479344837c50228
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 02 Feb 2023 16:45:21 GMT
Last-Modified: Thu, 02 Feb 2023 15:03:15 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: O-3jcjZas8RTFQFG8ddntimkNjod1tjW_uH70fsP7fKPlPq0FYnwVA==
Age: 6127
simplewebanalysis.com/stats
3.120.47.42 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 5d5069b97e53db51ca6f35102d4f7034
a8094ce0a8c79257398aec0791964155977e8b00
7bf4f928b77b696ade51ef4bcee1498fadc3f1377ddc50b90bb5223f4c941c00
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:45:21 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://www.file-upload.com
access-control-allow-credentials: true
set-cookie: uid_id2=a437c3e4-a681-4b45-8b23-55eb8ad15bf1:2:1; expires=Sun, 30 Jan 2033 16:45:21 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
www.google-analytics.com/ga.js
142.250.74.110 200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP 142.250.74.110:0
Hash f68d5b828e5c89dbb3f9bf6ba53cc777
0e2e01c9429aca28b530750de4c927fa5d42a117
f84fb7544f20ddad22836cb37a8df4cd1207a0dd5943ff3da885d8d010400654
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Thu, 02 Feb 2023 15:07:57 GMT
Expires: Thu, 02 Feb 2023 17:07:57 GMT
Cache-Control: public, max-age=7200
Age: 5844
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript
connect.facebook.net/en_US/sdk.js
157.240.205.11 301 Moved Permanently 0 B URL HTTP/1.1 connect.facebook.net/en_US/sdk.js
IP 157.240.205.11:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
HTTP/1.1 301 Moved Permanently
Location: https://connect.facebook.net/en_US/sdk.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 02 Feb 2023 16:45:21 GMT
Connection: keep-alive
Content-Length: 0
racterdeet.com/floater?cs=b3lRSFpeQGR%2Bal9LYnpuWUhif2M&abt=0&red=1&sm=83&k=download%20anime%20uploader%20gray%20hallow&v=0.9.1.0&sts=0&prn=0&emb=0&tid=888399&rxy=1280_1024&u=1515130291653768&agec=1675356320&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=http%3A%2F%2Fwww.file-upload.com%2F5ofjywr4l4ll&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=oi1_&_zJeX=1675356347876&crc=1
54.192.99.24 200 OK 1.2 kB URL HTTP/2 racterdeet.com/floater?cs=b3lRSFpeQGR%2Bal9LYnpuWUhif2M&abt=0&red=1&sm=83&k=download%20anime%20uploader%20gray%20hallow&v=0.9.1.0&sts=0&prn=0&emb=0&tid=888399&rxy=1280_1024&u=1515130291653768&agec=1675356320&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=http%3A%2F%2Fwww.file-upload.com%2F5ofjywr4l4ll&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=oi1_&_zJeX=1675356347876&crc=1
IP 54.192.99.24:0
File type ASCII text, with very long lines (1759), with no line terminators
Hash b7947c4475a7b06c6a7c79eb94942bd5
c6047bf3dda94b168739dc39556acf13f926ad8b
18cc23641eda0744844f005e4cd28f6798578ae42c594be61c71689e38be05c5
GET /floater?cs=b3lRSFpeQGR%2Bal9LYnpuWUhif2M&abt=0&red=1&sm=83&k=download%20anime%20uploader%20gray%20hallow&v=0.9.1.0&sts=0&prn=0&emb=0&tid=888399&rxy=1280_1024&u=1515130291653768&agec=1675356320&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=http%3A%2F%2Fwww.file-upload.com%2F5ofjywr4l4ll&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=oi1_&_zJeX=1675356347876&crc=1 HTTP/1.1
Host: racterdeet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1178
date: Thu, 02 Feb 2023 16:45:21 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://www.file-upload.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=4b604879-f1de-4b9d-bbbe-64f7bf451965
csu=1515130291653768
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 d975c23165964b20999503339a61d1ae.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: G6W1WwR5VCu9fQmVPjY_EOu_uNzPMwtQFluN8yT79DBMWsJzDm53Hg==
X-Firefox-Spdy: h2
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1254978700&utmhn=www.file-upload.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download%20%5BAnime%20Uploader%20com%5D%20Gray%20man%20Hallow%20rar&utmhid=500464182&utmr=-&utmp=%2F5ofjywr4l4ll&utmht=1675356348293&utmac=UA-42931250-7&utmcc=__utma%3D184767038.46337930.1675356348.1675356348.1675356348.1%3B%2B__utmz%3D184767038.1675356348.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=325257204&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
142.250.74.110 302 Found 368 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1254978700&utmhn=www.file-upload.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download%20%5BAnime%20Uploader%20com%5D%20Gray%20man%20Hallow%20rar&utmhid=500464182&utmr=-&utmp=%2F5ofjywr4l4ll&utmht=1675356348293&utmac=UA-42931250-7&utmcc=__utma%3D184767038.46337930.1675356348.1675356348.1675356348.1%3B%2B__utmz%3D184767038.1675356348.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=325257204&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.110:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash a3706f71b9f2be104d8768aa7683ba9a
d215f88f3c10687d0106a672ab753d42bd6b29c2
61fc7e55e9afa80c7f4d87bdbeda1ed1e32e8ba1d3452850d787a2af497babc6
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1254978700&utmhn=www.file-upload.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download%20%5BAnime%20Uploader%20com%5D%20Gray%20man%20Hallow%20rar&utmhid=500464182&utmr=-&utmp=%2F5ofjywr4l4ll&utmht=1675356348293&utmac=UA-42931250-7&utmcc=__utma%3D184767038.46337930.1675356348.1675356348.1675356348.1%3B%2B__utmz%3D184767038.1675356348.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=325257204&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
HTTP/1.1 302 Found
Location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-42931250-7&cid=46337930.1675356348&jid=325257204&_v=5.7.2&z=1254978700
Access-Control-Allow-Origin: *
Date: Thu, 02 Feb 2023 16:45:21 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/html; charset=UTF-8
Server: Golfe2
Content-Length: 368
connect.facebook.net/en_US/sdk.js
157.240.205.11 200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (1957)
Hash 31f16c2d1d5d3e8abf2a569ad228a277
8623952850f13b24e4351b509cb84d16766d28b0
ef24fc930493d82e9c3a2369ce956905c538ec74a9904ec94f30ce66a195a151
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.file-upload.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 4e505c2920cdbceebed70b70fbbcbd9d
etag: "fc84678f2cb8f57c76fb2783b7a65c64"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 02 Feb 2023 17:00:55 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: MfFsLR1dPoq/Klaa0iiidw==
x-fb-debug: JGSMPl7ZOplJBOrma/xFr40wPvT09BoK+nCA04OpoH2TbciFZI9dG3PXuBFjiFU8juU1U2g1ApnMkf54afXKlA==
priority: u=3,i
content-length: 1688
x-fb-trip-id: 1679558926
date: Thu, 02 Feb 2023 16:45:21 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.132.29 200 OK 103 kB IP 172.64.132.29:0
Size 103 kB (102872 bytes)
Hash 344808911b19c25774bcbabcbf9abaf1
0bb51d3dce072b58cf16891f719aa4ab40b2d2b9
1919920e5cdcee9fdae6ba21f686bb013de9565d42bbf9c3b79b93a4d866c956
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.file-upload.com/
Origin: http://www.file-upload.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:45:20 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://www.file-upload.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 Feb 2023 16:45:20 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVWo%2BpNgFeVo4WiN75dktDX71V2ixDjy2P7B6ASoy3%2BkWmLH6QzYUYX2RYUECqIIv5sNDLU4GAQGdBUFhexRAHZK2kugKWcz0RilbWm785ts%2FKz2Ylwz%2BWGo76eXICp7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934658cabb87200-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-42931250-7&cid=46337930.1675356348&jid=325257204&_v=5.7.2&z=1254978700
64.233.164.156 302 Found 366 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-42931250-7&cid=46337930.1675356348&jid=325257204&_v=5.7.2&z=1254978700
IP 64.233.164.156:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 94ff1affeca5b762962db2681243fe5b
ad0ecac4dd33156ef31ec5cacb4c738f5cc2131b
e25474bbad42b26c4ccb15b895aa82851fa7ede9577c7fc3ed100074885e8408
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-42931250-7&cid=46337930.1675356348&jid=325257204&_v=5.7.2&z=1254978700 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.file-upload.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42931250-7&cid=46337930.1675356348&jid=325257204&_v=5.7.2&z=1254978700
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 02 Feb 2023 16:45:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:45:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 4cf0ccf2909be74efd7a89dbe4228ffb
b4993da334b48312584d116a3de4be4cd71962cf
e81c8aa45d0707079d9eba798fb447059042453be4834d14467839688ca66f5d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:45:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42931250-7&cid=46337930.1675356348&jid=325257204&_v=5.7.2&z=1254978700
142.250.74.164 302 Found 0 B URL HTTP/2 www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42931250-7&cid=46337930.1675356348&jid=325257204&_v=5.7.2&z=1254978700
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42931250-7&cid=46337930.1675356348&jid=325257204&_v=5.7.2&z=1254978700 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.file-upload.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 16:45:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42931250-7&cid=46337930.1675356348&jid=325257204&_v=5.7.2&z=1254978700&slf_rd=1&random=3274009331
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
equitydefault.com/38/f0/0a/38f00a36b3d7705a00e14d2d7baaa601.js
173.233.139.164 200 OK 13 kB URL HTTP/1.1 equitydefault.com/38/f0/0a/38f00a36b3d7705a00e14d2d7baaa601.js
IP 173.233.139.164:0
File type ASCII text, with very long lines (37142), with no line terminators
Hash fe3079fa0312f610d8b48b557c6ca6b2
37974e9d874c640bdfca7a77582cc786ec1b2e84
7575a6c328f48865f7485b5e7aad6583f228c0afd352cbe60d0354324c4f6eb1
Analyzer: quad9 | Verdict / Alert: Sinkholed
GET /38/f0/0a/38f00a36b3d7705a00e14d2d7baaa601.js HTTP/1.1
Host: equitydefault.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 02 Feb 2023 16:45:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d0efe3fc2431c13336d0474a08164054
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
connect.facebook.net/en_US/sdk.js?hash=6752170c39001fa696962cbfa37764b3
157.240.205.11 200 OK 87 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=6752170c39001fa696962cbfa37764b3
IP 157.240.205.11:0
File type ASCII text, with very long lines (13192)
Hash 82d6644cc6b8aac3413489e9c8fd22c4
05cf83d03ff6ad342d7ae130cb8d85f47736f8f7
ce6b4e73ab029cfff14c92143d4bab4115e5bc8836c140a1bcf02cf3fb7cb510
GET /en_US/sdk.js?hash=6752170c39001fa696962cbfa37764b3 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 16a8fc44e6575d26c2236b30bb07085a
etag: "e1d06f306b7b72602283fa12bb14ab14"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 02 Feb 2024 14:31:24 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: gtZkTMa4qsNBNInpyP0ixA==
x-fb-debug: OgjN1g85lBr3F+EwX/3Ww+F0G1hicXq1LODkhOnU+oaUXxVVK0MdBFzbNAPVe7q8aEv0oF7h+ylPl0tGDXxHOQ==
priority: u=3,i
content-length: 86979
x-fb-trip-id: 1679558926
date: Thu, 02 Feb 2023 16:45:21 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:45:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42931250-7&cid=46337930.1675356348&jid=325257204&_v=5.7.2&z=1254978700&slf_rd=1&random=3274009331
142.250.74.163 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42931250-7&cid=46337930.1675356348&jid=325257204&_v=5.7.2&z=1254978700&slf_rd=1&random=3274009331
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42931250-7&cid=46337930.1675356348&jid=325257204&_v=5.7.2&z=1254978700&slf_rd=1&random=3274009331 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.file-upload.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 16:45:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:45:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
friendshipmale.com/sfp.js
172.64.202.23 200 OK 28 kB URL HTTP/1.1 friendshipmale.com/sfp.js
IP 172.64.202.23:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
Analyzer: fortinet | Verdict / Alert: Malware
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:45:21 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: 7a2e83bcff980de262f80459b8680167
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Thu, 02 Feb 2023 16:45:21 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJvtfwH3yOuJvCR7hEq0rS2J7F1N%2F9Ouxatwpj0y2Yku08Z4tkZeYgwmth5VOngiXNP6p9ZGHkWQLIdcewkHzZGG1RmfgGJCzCVajTfOslT7U%2FDn0q6yBLGhJvE7%2BNA8trLxAfU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793465934b6275c0-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10701
Expires: Thu, 02 Feb 2023 19:43:43 GMT
Date: Thu, 02 Feb 2023 16:45:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10701
Expires: Thu, 02 Feb 2023 19:43:43 GMT
Date: Thu, 02 Feb 2023 16:45:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10701
Expires: Thu, 02 Feb 2023 19:43:43 GMT
Date: Thu, 02 Feb 2023 16:45:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XyDZc0F-b0rxwoS5wvSXBuBfYE7JljMmuXseBjLOBk4HvxU5gE7Oqg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:55 GMT
age: 66387
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10701
Expires: Thu, 02 Feb 2023 19:43:43 GMT
Date: Thu, 02 Feb 2023 16:45:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd3cca56-2e75-4efc-8090-c33c65a99f80.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd3cca56-2e75-4efc-8090-c33c65a99f80.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b9af1fd56c0de8f128ddce88d49c1b4d
e3bb3d4950f7c0267f4476eef21872da332831aa
908153182f76362ff329803d9c11c06c66181e85e8e51dabd927f1f1ac630d5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd3cca56-2e75-4efc-8090-c33c65a99f80.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8944
x-amzn-requestid: 07495184-ede8-485c-94e8-5302ec348ea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: freiLHRPoAMFYbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dade0d-275437a54eceb40e302a7f55;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:47:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 86qoRJHXcrnBGi3REMF5q3ANzKdqEs5F3yFUBmiIt6SCbBVnhGe2Kw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:58:57 GMT
age: 67585
etag: "e3bb3d4950f7c0267f4476eef21872da332831aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C1kqthy0eZop0UZfG3_op5xeBOVGiPLYfia4uS1l4-kchEzV6ccE9w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:28:37 GMT
age: 33405
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 395bb0f71f9eba82f5ca23548d08900f
b1fada280c7ea3eb775a6fa46ce173a51eb045f5
7443babb69532e1ee3ee779e05ad4f62de2c5bf62548bcb5702f8290a527664c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11367
x-amzn-requestid: 67702c15-9a68-46ec-95e5-efb57f08e2f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5OGfBoAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6e-033182ba55fdd0230ad5a270;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H1HIK6zdv95V96NxqSfHCqYtDQNPZ9NLAwG5oM5mwRr3nAUR0BPxlg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:25:11 GMT
age: 66011
etag: "b1fada280c7ea3eb775a6fa46ce173a51eb045f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0f85742f336de59ca88f7f964a8b33f4
0fc7177f8cb06421a8807e93989f651bda743567
fbd5fd39c39c218b0fa956f8cb8050cbdbfcb109a92303f6175d73cc8c339526
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8642
x-amzn-requestid: 79840c68-3e99-428d-9c01-9e4a93a34486
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdUzH1-oAMFiwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc1e-5bb93c5126aaff474900da63;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Mc8C-oesi4njIn2K2f56GKuyt6erRJAqCU-B4InhTD8oIoqo4s5-Fg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:43 GMT
age: 66399
etag: "0fc7177f8cb06421a8807e93989f651bda743567"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0224e848c34cb32cf932ed99dfd8468a
31c1abac8979bca5a998a6649ca3e6f59c0fb2f5
f93d5a69758e57d4d2b0d307ce98ad5ea8d86b825108873e8ea5bc36567dc5c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5061
x-amzn-requestid: a266acae-8f1e-4cd7-b93b-e40aa5393521
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdUpGcmoAMF16Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc1d-1fbae7785fccc58f71c1b3e9;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PevXZz9rkBo3Cy6EooCVOpSoHyeKHMoYFjKRrvDld34WFWXzOmpANQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:11:31 GMT
age: 66831
etag: "31c1abac8979bca5a998a6649ca3e6f59c0fb2f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 16dd0f4fd355cbb105a0f14b0487c466
55af85a5f8ce5e9831574d3cd7bb0b58b4eb3354
56e8f290444a477c4241fea92565c1c32fab07779fbf162f8c569ee5b5b3da09
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=95911
Date: Thu, 02 Feb 2023 16:45:22 GMT
Etag: "63dab409-1d7"
Expires: Fri, 03 Feb 2023 19:23:53 GMT
Last-Modified: Wed, 01 Feb 2023 18:48:41 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: RZMh1dzxNzYnU0Penwk7m4HdHvt0GAfpbqchtAEe0WrpCZL6ugr3eA==
Age: 2112
webpick-cdn.s3.us-west-2.amazonaws.com/getlaid.jpeg
3.5.76.168 200 OK 9.3 kB URL HTTP/1.1 webpick-cdn.s3.us-west-2.amazonaws.com/getlaid.jpeg
IP 3.5.76.168:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash e73bda30c82b74c32e5f03e4ed4e4bb1
e2b381468138921e418865ca53fd7b91ab8febb8
e6a18e81d67bc6cfadbe2c86c78b99c0e01644cdeafb48144663121b629ea227
GET /getlaid.jpeg HTTP/1.1
Host: webpick-cdn.s3.us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: ybVEafzH4wKmy2nt1N5OUrnrzovNI9HVDUzrbJzVC8d3nvvE98aEz4uRQcAuU1d8nJ2NLDJFg4cJQag+HHklcA==
x-amz-request-id: 6T3B3AF0KXDM2G17
Date: Thu, 02 Feb 2023 16:45:24 GMT
Last-Modified: Thu, 25 Jun 2020 08:18:14 GMT
ETag: "e73bda30c82b74c32e5f03e4ed4e4bb1"
x-amz-meta-s3b-last-modified: 20200625T081632Z
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 9313
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 47d3156a01937914d3788651a5a1df4e
9f757e95fa9ba9ea3949d29f2617040b3088464a
95796fa7ec26c1f9f6f4d1503b0034405e323786758ae835de2ae53f6e378ec5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "95796FA7EC26C1F9F6F4D1503B0034405E323786758AE835DE2AE53F6E378EC5"
Last-Modified: Thu, 02 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4640
Expires: Thu, 02 Feb 2023 18:02:46 GMT
Date: Thu, 02 Feb 2023 16:45:26 GMT
Connection: keep-alive
inflectedminimalbits.com/sbar.json?key=38f00a36b3d7705a00e14d2d7baaa601&uuid=a437c3e4-a681-4b45-8b23-55eb8ad15bf1%3A2%3A1
192.243.59.20 200 OK 4.0 kB URL HTTP/1.1 inflectedminimalbits.com/sbar.json?key=38f00a36b3d7705a00e14d2d7baaa601&uuid=a437c3e4-a681-4b45-8b23-55eb8ad15bf1%3A2%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6278), with no line terminators
Hash 6e3d520a28cb96ea7b4665b502428387
f3e2bd41ac5ed729d3d74c2781d338642ccb2841
85c1e9b920a7e8f5289cfe4490a83e4535d7ad7be5e577cd5635e80030759a8f
GET /sbar.json?key=38f00a36b3d7705a00e14d2d7baaa601&uuid=a437c3e4-a681-4b45-8b23-55eb8ad15bf1%3A2%3A1 HTTP/1.1
Host: inflectedminimalbits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 02 Feb 2023 16:45:26 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://www.file-upload.com
Access-Control-Allow-Origin: http://www.file-upload.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16537667; expires=Fri, 03 Feb 2023 16:45:26 GMT; secure; SameSite=None
uid_id2=a437c3e4-a681-4b45-8b23-55eb8ad15bf1:2:1; expires=Thu, 09 Feb 2023 16:45:26 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 03 Feb 2023 16:45:26 GMT; secure; SameSite=None
uncs=1; expires=Fri, 03 Feb 2023 16:45:26 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 03 Feb 2023 16:45:26 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 03 Feb 2023 16:45:26 GMT; secure; SameSite=None
slec38f00a36b3d7705a00e14d2d7baaa601=[3952979]; expires=Thu, 02 Feb 2023 16:45:31 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ec025dad5c519ac03f99d4f2e8bded07
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d62d6b1aa5d380b6cdbfae5d3dca5421
f715b643ffd374ace9695098eb3ed3a70de0fde1
04f32494a66d0cd2ed4b1a8078b86edcfca40190fedcf0334d9cd62ca2ca6d19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "04F32494A66D0CD2ED4B1A8078B86EDCFCA40190FEDCF0334D9CD62CA2CA6D19"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14591
Expires: Thu, 02 Feb 2023 20:48:37 GMT
Date: Thu, 02 Feb 2023 16:45:26 GMT
Connection: keep-alive
inflectedminimalbits.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujslBcjJ48SA0wYOCO6me7t6ZMcLi5ocEYxKTSMRTqrqqZ8ut6Wqquqcng4doQHIRJic9eOj9ZpNFDWr%2BAEFmvYS9mBGUIbjiQfAuevIgMxlcfIf63qvvHb73vffRVrlPKEo2u%2FSmGSqt2Ym4Qf0Xr6lMmMr5F676AW3Qk%2F41la1GJ%2F3B%2FLH9VwIaN%2BhL%2Fusy2TQnmjSgNKCBf1ZZmZrBiQULld%2FvBI0ObUTNRhBHGNj%2F16704JgH0d8nx6DE9MjGwwdQyQRZ75vT0m0WJn%2F5TK%2FUrDAWfbHzdraZmSpD7yBNrYc021l2w7gpIZ8egsl2lhPA9LfnE4CrKfF%2BDsCznaVM8P7dJ0q5hszAxVFU%2FQmknkCxCRJzC0o8IkAicOEist69C8ZW7MYTls3ZKTn8959Q1ZQc%2FuVZZL2v1rUa%2BFeMLgtlModBWkMNJlDdCfJyF8XQg6p2kRQfQgmCrFdDidkLLApbSSijFbbaDlYiHsUrbd4MV%2BJY8jYTQczTYGGNUhOodAItR2DuEErnoVQeytRDmXvoiZnP4k5KaSvlaRi2oyRJwjBJ4vaqiEUYtVOKMplrH6HIR0j0CIm9idzexKa68yg%2BBlt%2BB7dRwwkPriDoixqVJKgcQcUIKkVQFQRVv74rtGu6%2Bp7QruTBEptLDOuxKbpb7K4pujIjW%2Fk%2BeWbh2T%2FvnMKmnPlhO6WUhas8FK0WjRmlMohEU7Q4Y2yVBnCqhnKHwJyH4XyBP11HPsczv4GzXTi9i0QdByufB6vGrSYF2xhHbYph9nWqtFwpc22YaCSmB2Fq5MVhFDe8Lb1PnltIefWtK5DJ3trss%2BFfavtpJLZGbmu8p74n6Orb48umItuXTeXIg4t5oXpqyOarvVKwQh754g15ozJWnDvtRp%2B%2FlsyJeXr%2FqnTFeZYJlXUd%2BXJdCSHtWWMTSb49565Jfql0G%2Bulzcr8%2FKVTZ8%2F1ciudUyabgKkpIR%2B8j0RNyVEvW5ytP9iHshPYskav3CPLgDK7SPKbcPne2icfX%2Fz1pHgXzhBYfdDDcw9VWY9tkx98akWg5UHNeA0n99YePj7%2Bw%2B%2FX18Hlf4ZsudvoWg%2BsuLU41r6t0dc1mB7BlU%2BNi9zurf0YLgJce2OurbfNtdV3npjr1MyXcUpTSZuSpx2ethgVnTTqcNYJZIvHLEDhpsnjP%2B79CwAA%2F%2F8BAAD%2F%2F7pTbxyOBAAA
192.243.59.20200 OK 7 B URL HTTP/1.1 inflectedminimalbits.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujslBcjJ48SA0wYOCO6me7t6ZMcLi5ocEYxKTSMRTqrqqZ8ut6Wqquqcng4doQHIRJic9eOj9ZpNFDWr%2BAEFmvYS9mBGUIbjiQfAuevIgMxlcfIf63qvvHb73vffRVrlPKEo2u%2FSmGSqt2Ym4Qf0Xr6lMmMr5F676AW3Qk%2F41la1GJ%2F3B%2FLH9VwIaN%2BhL%2Fusy2TQnmjSgNKCBf1ZZmZrBiQULld%2FvBI0ObUTNRhBHGNj%2F16704JgH0d8nx6DE9MjGwwdQyQRZ75vT0m0WJn%2F5TK%2FUrDAWfbHzdraZmSpD7yBNrYc021l2w7gpIZ8egsl2lhPA9LfnE4CrKfF%2BDsCznaVM8P7dJ0q5hszAxVFU%2FQmknkCxCRJzC0o8IkAicOEist69C8ZW7MYTls3ZKTn8959Q1ZQc%2FuVZZL2v1rUa%2BFeMLgtlModBWkMNJlDdCfJyF8XQg6p2kRQfQgmCrFdDidkLLApbSSijFbbaDlYiHsUrbd4MV%2BJY8jYTQczTYGGNUhOodAItR2DuEErnoVQeytRDmXvoiZnP4k5KaSvlaRi2oyRJwjBJ4vaqiEUYtVOKMplrH6HIR0j0CIm9idzexKa68yg%2BBlt%2BB7dRwwkPriDoixqVJKgcQcUIKkVQFQRVv74rtGu6%2Bp7QruTBEptLDOuxKbpb7K4pujIjW%2Fk%2BeWbh2T%2FvnMKmnPlhO6WUhas8FK0WjRmlMohEU7Q4Y2yVBnCqhnKHwJyH4XyBP11HPsczv4GzXTi9i0QdByufB6vGrSYF2xhHbYph9nWqtFwpc22YaCSmB2Fq5MVhFDe8Lb1PnltIefWtK5DJ3trss%2BFfavtpJLZGbmu8p74n6Orb48umItuXTeXIg4t5oXpqyOarvVKwQh754g15ozJWnDvtRp%2B%2FlsyJeXr%2FqnTFeZYJlXUd%2BXJdCSHtWWMTSb49565Jfql0G%2Bulzcr8%2FKVTZ8%2F1ciudUyabgKkpIR%2B8j0RNyVEvW5ytP9iHshPYskav3CPLgDK7SPKbcPne2icfX%2Fz1pHgXzhBYfdDDcw9VWY9tkx98akWg5UHNeA0n99YePj7%2Bw%2B%2FX18Hlf4ZsudvoWg%2BsuLU41r6t0dc1mB7BlU%2BNi9zurf0YLgJce2OurbfNtdV3npjr1MyXcUpTSZuSpx2ethgVnTTqcNYJZIvHLEDhpsnjP%2B79CwAA%2F%2F8BAAD%2F%2F7pTbxyOBAAA
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujslBcjJ48SA0wYOCO6me7t6ZMcLi5ocEYxKTSMRTqrqqZ8ut6Wqquqcng4doQHIRJic9eOj9ZpNFDWr%2BAEFmvYS9mBGUIbjiQfAuevIgMxlcfIf63qvvHb73vffRVrlPKEo2u%2FSmGSqt2Ym4Qf0Xr6lMmMr5F676AW3Qk%2F41la1GJ%2F3B%2FLH9VwIaN%2BhL%2Fusy2TQnmjSgNKCBf1ZZmZrBiQULld%2FvBI0ObUTNRhBHGNj%2F16704JgH0d8nx6DE9MjGwwdQyQRZ75vT0m0WJn%2F5TK%2FUrDAWfbHzdraZmSpD7yBNrYc021l2w7gpIZ8egsl2lhPA9LfnE4CrKfF%2BDsCznaVM8P7dJ0q5hszAxVFU%2FQmknkCxCRJzC0o8IkAicOEist69C8ZW7MYTls3ZKTn8959Q1ZQc%2FuVZZL2v1rUa%2BFeMLgtlModBWkMNJlDdCfJyF8XQg6p2kRQfQgmCrFdDidkLLApbSSijFbbaDlYiHsUrbd4MV%2BJY8jYTQczTYGGNUhOodAItR2DuEErnoVQeytRDmXvoiZnP4k5KaSvlaRi2oyRJwjBJ4vaqiEUYtVOKMplrH6HIR0j0CIm9idzexKa68yg%2BBlt%2BB7dRwwkPriDoixqVJKgcQcUIKkVQFQRVv74rtGu6%2Bp7QruTBEptLDOuxKbpb7K4pujIjW%2Fk%2BeWbh2T%2FvnMKmnPlhO6WUhas8FK0WjRmlMohEU7Q4Y2yVBnCqhnKHwJyH4XyBP11HPsczv4GzXTi9i0QdByufB6vGrSYF2xhHbYph9nWqtFwpc22YaCSmB2Fq5MVhFDe8Lb1PnltIefWtK5DJ3trss%2BFfavtpJLZGbmu8p74n6Orb48umItuXTeXIg4t5oXpqyOarvVKwQh754g15ozJWnDvtRp%2B%2FlsyJeXr%2FqnTFeZYJlXUd%2BXJdCSHtWWMTSb49565Jfql0G%2Bulzcr8%2FKVTZ8%2F1ciudUyabgKkpIR%2B8j0RNyVEvW5ytP9iHshPYskav3CPLgDK7SPKbcPne2icfX%2Fz1pHgXzhBYfdDDcw9VWY9tkx98akWg5UHNeA0n99YePj7%2Bw%2B%2FX18Hlf4ZsudvoWg%2BsuLU41r6t0dc1mB7BlU%2BNi9zurf0YLgJce2OurbfNtdV3npjr1MyXcUpTSZuSpx2ethgVnTTqcNYJZIvHLEDhpsnjP%2B79CwAA%2F%2F8BAAD%2F%2F7pTbxyOBAAA HTTP/1.1
Host: inflectedminimalbits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Cookie: u_pl=16537667; uid_id2=a437c3e4-a681-4b45-8b23-55eb8ad15bf1:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 02 Feb 2023 16:45:26 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fc9a004377cf368bb1f767f58e931a14
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.barscreative1.com/sb/au/5e/2f/d4/5e2fd4b3d4c51bdf7b2952c27a9795ef/1652872195.html
45.133.44.3 200 OK 955 B URL HTTP/2 cdn.barscreative1.com/sb/au/5e/2f/d4/5e2fd4b3d4c51bdf7b2952c27a9795ef/1652872195.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text
Hash 3311b451b6e90781dab5ae61a1e4f65d
940e4700d9c5fbf74f8c15dcf10c28661e34cf2c
3def788280ca0f9ba09e050e3f3bfba82e5268fe2104f1c02a8f265c12774023
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/5e/2f/d4/5e2fd4b3d4c51bdf7b2952c27a9795ef/1652872195.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:45:26 GMT
content-type: text/html; charset=utf-8
content-length: 955
server: nginx/1.17.6
last-modified: Wed, 18 May 2022 11:09:59 GMT
etag: "6284d407-3bb"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
expires: Thu, 02 Feb 2023 17:45:26 GMT
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e1326b1d0b68cc5f9b8efc40c36f9231
d3578c1a32fbc184b8169373299d315ca68b2f12
25c07b57c23f9ecc3499e3f95c6f44c74a532a1ac521562c689d665a29fc9614
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "25C07B57C23F9ECC3499E3F95C6F44C74A532A1AC521562C689D665A29FC9614"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3729
Expires: Thu, 02 Feb 2023 17:47:36 GMT
Date: Thu, 02 Feb 2023 16:45:27 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e1326b1d0b68cc5f9b8efc40c36f9231
d3578c1a32fbc184b8169373299d315ca68b2f12
25c07b57c23f9ecc3499e3f95c6f44c74a532a1ac521562c689d665a29fc9614
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "25C07B57C23F9ECC3499E3F95C6F44C74A532A1AC521562C689D665A29FC9614"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3729
Expires: Thu, 02 Feb 2023 17:47:36 GMT
Date: Thu, 02 Feb 2023 16:45:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d1ede23ab1ddbc0d7fa930fd3810e49e
879f79b820606c514ae97d5a3c2be12533440a51
7ec120a673fc6ae1a147829269069666ef47b0258b832030906da7dc97ab2a14
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7EC120A673FC6AE1A147829269069666EF47B0258B832030906DA7DC97AB2A14"
Last-Modified: Tue, 31 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11341
Expires: Thu, 02 Feb 2023 19:54:28 GMT
Date: Thu, 02 Feb 2023 16:45:27 GMT
Connection: keep-alive
cdn.cloudimagesb.com/si/e3/38/1c/e3381c2969587380b30458753c6349d5/1674361501.png
45.133.44.10 200 OK 12 kB URL HTTP/2 cdn.cloudimagesb.com/si/e3/38/1c/e3381c2969587380b30458753c6349d5/1674361501.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash c07f1baac701b672939b359081f813c7
d38ffbae259aae1e8ad3b38959339bb29da9b69f
85bc8e3de3651f6f03dc381ea4bbaff350d8973c37f598582838677817bf1826
GET /si/e3/38/1c/e3381c2969587380b30458753c6349d5/1674361501.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:45:27 GMT
content-type: image/png
content-length: 12186
server: nginx/1.17.6
last-modified: Sun, 22 Jan 2023 04:25:10 GMT
etag: "63ccbaa6-2f9a"
expires: Sat, 04 Feb 2023 16:45:27 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/css/style.css
172.64.167.9 200 OK 1.8 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/css/style.css
IP 172.64.167.9:0
Hash 7429c1804169c03c7a6d72bff347bf72
90e43479eb293a5482aaf4b6c3dc7cfacc1754e9
5b5ddaacf8fd45a96fc5c0f603833ceaefb2bb1127785fde11678110732726bc
GET /sb/notifications/software/us/ios/desk-new-big/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:45:27 GMT
content-type: text/css
last-modified: Thu, 23 Sep 2021 12:16:53 GMT
etag: W/"614c7035-145e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BadANFXoGkj%2FyDWpRvzWG4eCuxP43DmOSx5eGSF%2FCtys04x4oJy6Jkd9%2FvSVJMoO6Xh6oiWjPun%2FsWGlJvVSkznPMkTxUt1l%2FMkqSllrVB%2FENs9BzJXH8NtVQnHsTdRgRMiUtvm%2FIHuv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793465b48cd075a5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/css/animate.css
172.64.167.9 200 OK 4.8 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/css/animate.css
IP 172.64.167.9:0
Hash b0af94306e34d863f64baa44f42f77c6
ad2be00e29e0654550b96d62fe35646ead8cd842
035253b8637a8f47df557ac142af86db549f515c9749f6b8768641bf64a94b95
GET /sb/notifications/software/us/ios/desk-new-big/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:45:27 GMT
content-type: text/css
last-modified: Wed, 17 Feb 2021 11:44:02 GMT
etag: W/"602d0182-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRwfgSOZ%2F0rC3PvAD81KNw%2BJF2zMGyZUV6ab5%2FkoVwtID841PKqq61M6vDFqiHNH2jlExZFy%2FxnCx9qhZVw%2F0YuYBxo99uSJD9h1RkxUGMH89lgrIiDNW8Bkah0YKpqhz4EDnECJjQsE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793465b48cc975a5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
inflectedminimalbits.com/pixel/sbs?c=1
192.243.59.20 200 OK 0 B URL HTTP/1.1 inflectedminimalbits.com/pixel/sbs?c=1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbs?c=1 HTTP/1.1
Host: inflectedminimalbits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Cookie: u_pl=16537667; uid_id2=a437c3e4-a681-4b45-8b23-55eb8ad15bf1:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 02 Feb 2023 16:45:27 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/SFUIText-Regular.woff
172.64.167.9 200 OK 73 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/SFUIText-Regular.woff
IP 172.64.167.9:0
File type Web Open Font Format, TrueType, length 72696, version 11.0\012- data
Hash 53d97caea7ef8a12beab745fcc5744e1
b8c70e4f67957e4f2cb809a58d84c773a3bde6d0
542772868e28df6d786b6f00f9dec929cba214d928cb013b32588485b46f8715
GET /sb/notifications/software/us/ios/desk-new-big/SFUIText-Regular.woff HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.file-upload.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:45:27 GMT
content-type: application/font-woff
content-length: 72696
last-modified: Wed, 17 Feb 2021 11:42:38 GMT
etag: "602d012e-11bf8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xy0CXEtgXtPe4dgxLds%2FKWnKIGD6RS8u4k8X3zQVwGRHzPenhAhGtpQBUT%2F6hm2MDHo2EwbcwM1yqZ%2FE%2FbFtTdudvIxrRGX4clMC%2BUstLfDkX%2FBE0vPwicijENsP3Q9AuKD94FTr2rpM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793465b6f81975a5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/js/script.js
172.64.167.9 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/js/script.js
IP 172.64.167.9:0
GET /sb/notifications/software/us/ios/desk-new-big/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:45:27 GMT
content-type: application/javascript
last-modified: Wed, 17 Feb 2021 11:44:05 GMT
etag: W/"602d0185-183"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDni7lb%2FcbYskUUZnEobe%2Bv2QIJjLeWGkcPlSB8D5eEIaGmKFxv%2BFSc%2FJIlij5nn0PqOsKa26sBdxOikHBu4M9M8ZROwZj3lMIlmYnFW35Fv16hN5KjTEaCH8HEhBRhR%2FtZoYVjp5t%2Fj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793465b48cce75a5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.132.29 200 OK 0 B IP 172.64.132.29:0
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.file-upload.com/
Origin: http://www.file-upload.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:45:20 GMT
content-type: text/plain
set-cookie: csu=1515130291653768@1@1675356320; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://www.file-upload.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KjshQq7vx3EKu5Kk%2BYH6GRoKTAkQ1P3rxeNlV3h%2FGnHQNur35tFC9usAjIJnsyiSmasxNIFHCh%2BKlRkePHtSP1CokEubiC2f0J%2FWE%2BmHsb0iCiTA763Jmp%2BLVOEgtfbI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934658cbbcd7200-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.132.29 200 OK 0 B IP 172.64.132.29:0
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.file-upload.com/
Origin: http://www.file-upload.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:45:20 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://www.file-upload.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Thu, 02 Feb 2023 16:45:20 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sa0mARGfip%2F8%2BpvZK6skSJGTRYdKAf08VM5nUOgDbWLH6resRitXbdp%2FLONKrQKIaOIaqmzY3tjXo96%2F3iyIFt2tds%2BSbmYXnl20QFsmFEHZ4uG4879uBvhnY%2F3tqrV5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934658ccbda7200-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.132.29 200 OK 0 B IP 172.64.132.29:0
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.file-upload.com/
Origin: http://www.file-upload.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:45:20 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://www.file-upload.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Thu, 02 Feb 2023 16:45:20 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2Bffb2dbV6IHNEpgGKGdWcL3X%2B8G9%2F1Rr0kF2roJ6pgmhHuyPSsQC0s7W%2BnIL8FryhePuc9pXNQYaesAy8NKzI6YJJUEix3%2F9xi46swrnOb299RiHLcY%2BU09FICUnnbo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934658ccbdd7200-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.file-upload.com/mngez/images/anti1.png
188.114.96.1 200 OK 0 B URL HTTP/2 www.file-upload.com/mngez/images/anti1.png
IP 188.114.96.1:0
GET /mngez/images/anti1.png HTTP/1.1
Host: www.file-upload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:45:19 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Fri, 28 Dec 2018 22:57:30 GMT
etag: W/"4aae-57e1cfcdbca80"
cache-control: public, max-age=31536000
expires: Mon, 13 Jun 2022 22:59:53 GMT
x-cache: HIT from Backend
cf-cache-status: HIT
age: 20799926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkZOpdpBeOtq%2FOhzHwrES%2Fp5ZSZrUuJ22h%2FYZ7hG6wW%2FmMkDY17b6m0yeHQhd10WlCQAc9LxcUWtzbu9PKG1Ib7VbjPc%2BVNiQ1m7O3PTCCl392J%2BsTrVOxk8tFLU2wmPrr2FHOWB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79346585bc08b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.file-upload.com/assets/images/norton.png
188.114.96.1 200 OK 0 B URL HTTP/2 www.file-upload.com/assets/images/norton.png
IP 188.114.96.1:0
GET /assets/images/norton.png HTTP/1.1
Host: www.file-upload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:45:19 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Fri, 09 Nov 2018 12:00:31 GMT
etag: W/"1363-57a3a191435c0"
cache-control: public, max-age=31536000
expires: Thu, 26 Jan 2023 04:56:15 GMT
x-cache: HIT from Backend
cf-cache-status: HIT
age: 1252144
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRGRcIf6zM2ykv%2B7x9pyYnbUK85heyXw%2FfLjOkngptK3d68eqiA5XRQ1FF%2F2gts5HuZvw4jMm0pe9CVTGvrGyk3kNu%2Bymr3yr8g1bIW5myVrKoSVoppnjzdSulpAG8o50wXcUU7O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79346585bc09b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-603253844%3A1675356320727100&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHevEBph3Y8YRSdZ-9expydqxdKeF24jSo9NkESYyVVoEJURtqENdE-Te-I_uKcBR3gEEF3duA
216.58.207.237 403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-603253844%3A1675356320727100&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHevEBph3Y8YRSdZ-9expydqxdKeF24jSo9NkESYyVVoEJURtqENdE-Te-I_uKcBR3gEEF3duA
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S-603253844%3A1675356320727100&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHevEBph3Y8YRSdZ-9expydqxdKeF24jSo9NkESYyVVoEJURtqENdE-Te-I_uKcBR3gEEF3duA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.file-upload.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 02 Feb 2023 16:45:20 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin
content-security-policy: script-src 'nonce-u-dEzQK_BmHULexlNaA49w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.132.29 200 OK 0 B IP 172.64.132.29:0
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.file-upload.com/
Origin: http://www.file-upload.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:45:20 GMT
content-type: text/plain
set-cookie: csu=352340438837512@1@1675356320; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://www.file-upload.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNCqJ1aibVb6jSgjr74ijHSeKCYQy9LU5W2uw8eEV2yjiM2%2FQkwMMLWAt8VcoOqRb%2FcBq9NKljGGQbtB8h%2BDX%2BEHdjFhkVvHIURdhIC%2FLv0jsazJSx0AnyMa87TOelx3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934658d6cce7200-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.132.29 200 OK 0 B IP 172.64.132.29:0
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.file-upload.com/
Origin: http://www.file-upload.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:45:20 GMT
content-type: text/plain
set-cookie: csu=1900740237804966@1@1675356320; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://www.file-upload.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v4qUxFb%2BmVdUvi7wLBWF4hQHl6qXnrw2ATrpX4zcFOcmljP29Vp2DnMLSGBSl1o%2FkdPC3TIG3hJ1eUBIYjaZEyOhiToSiUdiVsbP%2FwMXJiQRX9k02t8VfpKtf4e5Np7g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934658d6ccf7200-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.132.29 200 OK 0 B IP 172.64.132.29:0
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.file-upload.com/
Origin: http://www.file-upload.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:45:20 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://www.file-upload.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Thu, 02 Feb 2023 16:45:20 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tm2NfMHZRkvcRVaZn6%2Ffc1AwJx0%2BK%2BSR29T6s3ZkJl1hQnhhsZBo70OQWY1ajpIs0zPbjYr%2FqPCN3uinAmGvWTo0U4pjTPQQlnmht0gNjp%2Bi6Lfj1CucfDBG8haXoZGn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934658cbbd37200-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2