r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6023
Expires: Sun, 29 Jan 2023 22:00:15 GMT
Date: Sun, 29 Jan 2023 20:19:52 GMT
Connection: keep-alive
firefile.cc/drive/s/lTNJuCSphMGnTVPVftc0FGOh33lduT!sgdpNdfQyn31ctN1
200 OK 9.0 kB URL HTTP/1.1 firefile.cc/drive/s/lTNJuCSphMGnTVPVftc0FGOh33lduT!sgdpNdfQyn31ctN1
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (23589)
Hash 59a44e27e78eeda673a0123fb814c583
1a1886ccb70f6aaedd7c8d5a6717253c872c5aac
67a30c4d8ae39d18c80fc109376b6d67082aac3511fe308ad20522f108325049
GET /drive/s/lTNJuCSphMGnTVPVftc0FGOh33lduT!sgdpNdfQyn31ctN1 HTTP/1.1
Host: firefile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: XSRF-TOKEN=eyJpdiI6IkFTbGJGWmxvN3hhZzFtNE5KVkNjZWc9PSIsInZhbHVlIjoiSEhrVFRnKzlKYzRJaFducFFFU0xHdTZwQzg4K3NqR1NsS1lOMytmSTM2YUwwSVwva1BMM2s5amM3anFEOXhEKzU5SmtRaExXbkFnMVJpWVplbWtSWW1nPT0iLCJtYWMiOiI3ZmUwNmNkMmMxOWViMmQ5YTk4NjViZDYzZDVhMTM3OWZmODhjNjUzYmE3ZmI5YzIwNjIxMWU0ZDVhZTVmMTRhIn0%3D; expires=Sun, 29-Jan-2023 22:19:52 GMT; Max-Age=7200; path=/
laravel_session=eyJpdiI6ImFvdzIrRzRiTFN5Z1ZkVDdWNHhIU3c9PSIsInZhbHVlIjoiR2UrOHBrdHVVM05QdkZXc1RyS21Eczc5aFhpcTRZNWJZY2hvakdKOENZWEtGU1ZyZjhoaVwvbDNnbEhqMDZqaThVSkc2amVvZjBIQkY1SDJvR3RjNTZRPT0iLCJtYWMiOiI3NzY3MDFmOTQzZTdkZmQ5NzU4ZTE4NGRiYzI1NDFjNjY1ZWJhMmZkMDhiNWNlMjcyN2ZkM2Y0NTRjZWVmM2VjIn0%3D; expires=Sun, 29-Jan-2023 22:19:52 GMT; Max-Age=7200; path=/; httponly
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Date: Sun, 29 Jan 2023 20:19:52 GMT
X-Page-Speed: powered by sun
Cache-Control: max-age=0, no-cache
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20116
Expires: Mon, 30 Jan 2023 01:55:08 GMT
Date: Sun, 29 Jan 2023 20:19:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 19:43:09 GMT
content-type: application/json
age: 2203
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2454
Expires: Sun, 29 Jan 2023 21:00:46 GMT
Date: Sun, 29 Jan 2023 20:19:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: sdVnJuSj/aME+U695xEARoQ57zZ71DI2lgT9jzEbPYw+/Ouo5SWyZZj5w6zvX6cYZqYOUVu1j5o=
x-amz-request-id: NMMPBMM8BSMFMH8N
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 19:21:30 GMT
age: 3502
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 20:19:52 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 20:19:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefile.cc/client/styles.a63d7ccfabce013b75de.css
200 OK 37 kB URL HTTP/1.1 firefile.cc/client/styles.a63d7ccfabce013b75de.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1adca8b35001c1b5c54eb60699094992
65fa2a3797423dcd39a6897db0b208eaea73d7c7
1be624fc5f58a642950d9160efdb66f9fbea48db27a3b9dc6ac857cb76a1043f
GET /client/styles.a63d7ccfabce013b75de.css HTTP/1.1
Host: firefile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firefile.cc/drive/s/lTNJuCSphMGnTVPVftc0FGOh33lduT!sgdpNdfQyn31ctN1
Cookie: XSRF-TOKEN=eyJpdiI6IkFTbGJGWmxvN3hhZzFtNE5KVkNjZWc9PSIsInZhbHVlIjoiSEhrVFRnKzlKYzRJaFducFFFU0xHdTZwQzg4K3NqR1NsS1lOMytmSTM2YUwwSVwva1BMM2s5amM3anFEOXhEKzU5SmtRaExXbkFnMVJpWVplbWtSWW1nPT0iLCJtYWMiOiI3ZmUwNmNkMmMxOWViMmQ5YTk4NjViZDYzZDVhMTM3OWZmODhjNjUzYmE3ZmI5YzIwNjIxMWU0ZDVhZTVmMTRhIn0%3D; laravel_session=eyJpdiI6ImFvdzIrRzRiTFN5Z1ZkVDdWNHhIU3c9PSIsInZhbHVlIjoiR2UrOHBrdHVVM05QdkZXc1RyS21Eczc5aFhpcTRZNWJZY2hvakdKOENZWEtGU1ZyZjhoaVwvbDNnbEhqMDZqaThVSkc2amVvZjBIQkY1SDJvR3RjNTZRPT0iLCJtYWMiOiI3NzY3MDFmOTQzZTdkZmQ5NzU4ZTE4NGRiYzI1NDFjNjY1ZWJhMmZkMDhiNWNlMjcyN2ZkM2Y0NTRjZWVmM2VjIn0%3D
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 20:19:53 GMT
Content-Type: text/css
Last-Modified: Mon, 21 Feb 2022 16:09:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6213b928-3bb7d"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cache-Control: s-maxage=10
firefile.cc/client/polyfills.d8237f1a0c9bde31b035.js
200 OK 36 kB URL HTTP/1.1 firefile.cc/client/polyfills.d8237f1a0c9bde31b035.js
IP
File type Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Hash dbf9bcfec103313b05a526eb0941281d
3219afbb1db12bf97dd0c49ed24e232e9567d5a1
b2649f9d68e5ccab7f366cab230545217ec88536ffbc44e5860a31aec7c5ad3e
GET /client/polyfills.d8237f1a0c9bde31b035.js HTTP/1.1
Host: firefile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firefile.cc/drive/s/lTNJuCSphMGnTVPVftc0FGOh33lduT!sgdpNdfQyn31ctN1
Cookie: XSRF-TOKEN=eyJpdiI6IkFTbGJGWmxvN3hhZzFtNE5KVkNjZWc9PSIsInZhbHVlIjoiSEhrVFRnKzlKYzRJaFducFFFU0xHdTZwQzg4K3NqR1NsS1lOMytmSTM2YUwwSVwva1BMM2s5amM3anFEOXhEKzU5SmtRaExXbkFnMVJpWVplbWtSWW1nPT0iLCJtYWMiOiI3ZmUwNmNkMmMxOWViMmQ5YTk4NjViZDYzZDVhMTM3OWZmODhjNjUzYmE3ZmI5YzIwNjIxMWU0ZDVhZTVmMTRhIn0%3D; laravel_session=eyJpdiI6ImFvdzIrRzRiTFN5Z1ZkVDdWNHhIU3c9PSIsInZhbHVlIjoiR2UrOHBrdHVVM05QdkZXc1RyS21Eczc5aFhpcTRZNWJZY2hvakdKOENZWEtGU1ZyZjhoaVwvbDNnbEhqMDZqaThVSkc2amVvZjBIQkY1SDJvR3RjNTZRPT0iLCJtYWMiOiI3NzY3MDFmOTQzZTdkZmQ5NzU4ZTE4NGRiYzI1NDFjNjY1ZWJhMmZkMDhiNWNlMjcyN2ZkM2Y0NTRjZWVmM2VjIn0%3D
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 20:19:53 GMT
Content-Type: application/javascript
Last-Modified: Mon, 21 Feb 2022 16:09:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6213b93c-1a467"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cache-Control: s-maxage=10
fonts.googleapis.com/css?family=Roboto:300,400,500
200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP
Hash 0079afc55c569f0b756ad4bb0a6a716f
5233575334abf375d9cb40a0bc228dc8036c8c40
bd77062f3feadbf022bc8fad7e1fb90467e66afce57e9a46e47302edab35e516
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firefile.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 20:19:53 GMT
date: Sun, 29 Jan 2023 20:19:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefile.cc/client/runtime.c40abe49134c51971897.js
200 OK 1.3 kB URL HTTP/1.1 firefile.cc/client/runtime.c40abe49134c51971897.js
IP
File type ASCII text, with very long lines (2364)
Hash 339c0063fd22aef14be4b8d64f1fd54c
a8286c1006c1d51b777878aee87c156e86935d39
4e6228668b5586a006696e40d4f4f76159f25121dbaf64c3da2233e226133424
GET /client/runtime.c40abe49134c51971897.js HTTP/1.1
Host: firefile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firefile.cc/drive/s/lTNJuCSphMGnTVPVftc0FGOh33lduT!sgdpNdfQyn31ctN1
Cookie: XSRF-TOKEN=eyJpdiI6IkFTbGJGWmxvN3hhZzFtNE5KVkNjZWc9PSIsInZhbHVlIjoiSEhrVFRnKzlKYzRJaFducFFFU0xHdTZwQzg4K3NqR1NsS1lOMytmSTM2YUwwSVwva1BMM2s5amM3anFEOXhEKzU5SmtRaExXbkFnMVJpWVplbWtSWW1nPT0iLCJtYWMiOiI3ZmUwNmNkMmMxOWViMmQ5YTk4NjViZDYzZDVhMTM3OWZmODhjNjUzYmE3ZmI5YzIwNjIxMWU0ZDVhZTVmMTRhIn0%3D; laravel_session=eyJpdiI6ImFvdzIrRzRiTFN5Z1ZkVDdWNHhIU3c9PSIsInZhbHVlIjoiR2UrOHBrdHVVM05QdkZXc1RyS21Eczc5aFhpcTRZNWJZY2hvakdKOENZWEtGU1ZyZjhoaVwvbDNnbEhqMDZqaThVSkc2amVvZjBIQkY1SDJvR3RjNTZRPT0iLCJtYWMiOiI3NzY3MDFmOTQzZTdkZmQ5NzU4ZTE4NGRiYzI1NDFjNjY1ZWJhMmZkMDhiNWNlMjcyN2ZkM2Y0NTRjZWVmM2VjIn0%3D
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 20:19:53 GMT
Content-Type: application/javascript
Last-Modified: Mon, 21 Feb 2022 16:09:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6213b927-975"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cache-Control: s-maxage=10
firefile.cc/client/scripts.1831cb163f53a1241e24.js
200 OK 160 kB URL HTTP/1.1 firefile.cc/client/scripts.1831cb163f53a1241e24.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 160 kB (159735 bytes)
Hash a6eaf5a7989b6188aca990e04c194f52
0c7334a4f3074ba26169bc95260eeb33e8c2000f
a5846da594cbaf446aabb6b078e9d995318cf6a0a601a31a10a85f17ee5ea7f7
GET /client/scripts.1831cb163f53a1241e24.js HTTP/1.1
Host: firefile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firefile.cc/drive/s/lTNJuCSphMGnTVPVftc0FGOh33lduT!sgdpNdfQyn31ctN1
Cookie: XSRF-TOKEN=eyJpdiI6IkFTbGJGWmxvN3hhZzFtNE5KVkNjZWc9PSIsInZhbHVlIjoiSEhrVFRnKzlKYzRJaFducFFFU0xHdTZwQzg4K3NqR1NsS1lOMytmSTM2YUwwSVwva1BMM2s5amM3anFEOXhEKzU5SmtRaExXbkFnMVJpWVplbWtSWW1nPT0iLCJtYWMiOiI3ZmUwNmNkMmMxOWViMmQ5YTk4NjViZDYzZDVhMTM3OWZmODhjNjUzYmE3ZmI5YzIwNjIxMWU0ZDVhZTVmMTRhIn0%3D; laravel_session=eyJpdiI6ImFvdzIrRzRiTFN5Z1ZkVDdWNHhIU3c9PSIsInZhbHVlIjoiR2UrOHBrdHVVM05QdkZXc1RyS21Eczc5aFhpcTRZNWJZY2hvakdKOENZWEtGU1ZyZjhoaVwvbDNnbEhqMDZqaThVSkc2amVvZjBIQkY1SDJvR3RjNTZRPT0iLCJtYWMiOiI3NzY3MDFmOTQzZTdkZmQ5NzU4ZTE4NGRiYzI1NDFjNjY1ZWJhMmZkMDhiNWNlMjcyN2ZkM2Y0NTRjZWVmM2VjIn0%3D
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 20:19:53 GMT
Content-Type: application/javascript
Last-Modified: Mon, 21 Feb 2022 16:09:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6213b923-9ae0b"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cache-Control: s-maxage=10
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 20:19:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://firefile.cc
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:33:54 GMT
expires: Thu, 25 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 348359
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 20:19:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefile.cc/client/main.b5d4daab0e315e64a4e3.js
200 OK 374 kB URL HTTP/1.1 firefile.cc/client/main.b5d4daab0e315e64a4e3.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 374 kB (373733 bytes)
Hash 2d95d3d752437de39f0c45315f17cd93
4829338bcde0b796b242dd7ec4c6481f3f630394
93c4861c12e4f8094008625139e5593d009eb2a503a20538c365ea192b4f9a49
GET /client/main.b5d4daab0e315e64a4e3.js HTTP/1.1
Host: firefile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firefile.cc/drive/s/lTNJuCSphMGnTVPVftc0FGOh33lduT!sgdpNdfQyn31ctN1
Cookie: XSRF-TOKEN=eyJpdiI6IkFTbGJGWmxvN3hhZzFtNE5KVkNjZWc9PSIsInZhbHVlIjoiSEhrVFRnKzlKYzRJaFducFFFU0xHdTZwQzg4K3NqR1NsS1lOMytmSTM2YUwwSVwva1BMM2s5amM3anFEOXhEKzU5SmtRaExXbkFnMVJpWVplbWtSWW1nPT0iLCJtYWMiOiI3ZmUwNmNkMmMxOWViMmQ5YTk4NjViZDYzZDVhMTM3OWZmODhjNjUzYmE3ZmI5YzIwNjIxMWU0ZDVhZTVmMTRhIn0%3D; laravel_session=eyJpdiI6ImFvdzIrRzRiTFN5Z1ZkVDdWNHhIU3c9PSIsInZhbHVlIjoiR2UrOHBrdHVVM05QdkZXc1RyS21Eczc5aFhpcTRZNWJZY2hvakdKOENZWEtGU1ZyZjhoaVwvbDNnbEhqMDZqaThVSkc2amVvZjBIQkY1SDJvR3RjNTZRPT0iLCJtYWMiOiI3NzY3MDFmOTQzZTdkZmQ5NzU4ZTE4NGRiYzI1NDFjNjY1ZWJhMmZkMDhiNWNlMjcyN2ZkM2Y0NTRjZWVmM2VjIn0%3D
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 20:19:53 GMT
Content-Type: application/javascript
Last-Modified: Mon, 21 Feb 2022 16:09:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6213b927-1734c1"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cache-Control: s-maxage=10
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 19:49:04 GMT
age: 1849
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18633
Expires: Mon, 30 Jan 2023 01:30:26 GMT
Date: Sun, 29 Jan 2023 20:19:53 GMT
Connection: keep-alive
firefile.cc/client/5.47f34cda7830ae253af9.js
200 OK 152 kB URL HTTP/1.1 firefile.cc/client/5.47f34cda7830ae253af9.js
IP
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size 152 kB (152193 bytes)
Hash 5e0bfd703e811f67ad3484434330c68e
327aad5d9429a1d4da5c3f66101f997e3cbfbca5
c30cf8355980cceea0c7df7251c0dd746f144362a041e2c6dba44291af740279
GET /client/5.47f34cda7830ae253af9.js HTTP/1.1
Host: firefile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firefile.cc/drive/s/lTNJuCSphMGnTVPVftc0FGOh33lduT!sgdpNdfQyn31ctN1
Cookie: XSRF-TOKEN=eyJpdiI6IkFTbGJGWmxvN3hhZzFtNE5KVkNjZWc9PSIsInZhbHVlIjoiSEhrVFRnKzlKYzRJaFducFFFU0xHdTZwQzg4K3NqR1NsS1lOMytmSTM2YUwwSVwva1BMM2s5amM3anFEOXhEKzU5SmtRaExXbkFnMVJpWVplbWtSWW1nPT0iLCJtYWMiOiI3ZmUwNmNkMmMxOWViMmQ5YTk4NjViZDYzZDVhMTM3OWZmODhjNjUzYmE3ZmI5YzIwNjIxMWU0ZDVhZTVmMTRhIn0%3D; laravel_session=eyJpdiI6ImFvdzIrRzRiTFN5Z1ZkVDdWNHhIU3c9PSIsInZhbHVlIjoiR2UrOHBrdHVVM05QdkZXc1RyS21Eczc5aFhpcTRZNWJZY2hvakdKOENZWEtGU1ZyZjhoaVwvbDNnbEhqMDZqaThVSkc2amVvZjBIQkY1SDJvR3RjNTZRPT0iLCJtYWMiOiI3NzY3MDFmOTQzZTdkZmQ5NzU4ZTE4NGRiYzI1NDFjNjY1ZWJhMmZkMDhiNWNlMjcyN2ZkM2Y0NTRjZWVmM2VjIn0%3D
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 20:19:53 GMT
Content-Type: application/javascript
Last-Modified: Mon, 21 Feb 2022 16:09:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6213b926-c301f"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cache-Control: s-maxage=10
firefile.cc/storage/branding_media/rJZCR3Xqw32MncJ0UafPRlRVGqYMWUwcumDNM1Cn.png
200 OK 10 kB URL HTTP/1.1 firefile.cc/storage/branding_media/rJZCR3Xqw32MncJ0UafPRlRVGqYMWUwcumDNM1Cn.png
IP
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 5406c580d0f2f3064ff7ecd474f92b4d
abe9e391e3d2f3b45fbb78df6d94a6c89495c031
4fe3d844f6ef3bfb419cbdc1ec6c1da1d8f0a5abe62feb8ae5c5c93c16e898b9
GET /storage/branding_media/rJZCR3Xqw32MncJ0UafPRlRVGqYMWUwcumDNM1Cn.png HTTP/1.1
Host: firefile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firefile.cc/drive/s/lTNJuCSphMGnTVPVftc0FGOh33lduT!sgdpNdfQyn31ctN1
Cookie: XSRF-TOKEN=eyJpdiI6IkFTbGJGWmxvN3hhZzFtNE5KVkNjZWc9PSIsInZhbHVlIjoiSEhrVFRnKzlKYzRJaFducFFFU0xHdTZwQzg4K3NqR1NsS1lOMytmSTM2YUwwSVwva1BMM2s5amM3anFEOXhEKzU5SmtRaExXbkFnMVJpWVplbWtSWW1nPT0iLCJtYWMiOiI3ZmUwNmNkMmMxOWViMmQ5YTk4NjViZDYzZDVhMTM3OWZmODhjNjUzYmE3ZmI5YzIwNjIxMWU0ZDVhZTVmMTRhIn0%3D; laravel_session=eyJpdiI6ImFvdzIrRzRiTFN5Z1ZkVDdWNHhIU3c9PSIsInZhbHVlIjoiR2UrOHBrdHVVM05QdkZXc1RyS21Eczc5aFhpcTRZNWJZY2hvakdKOENZWEtGU1ZyZjhoaVwvbDNnbEhqMDZqaThVSkc2amVvZjBIQkY1SDJvR3RjNTZRPT0iLCJtYWMiOiI3NzY3MDFmOTQzZTdkZmQ5NzU4ZTE4NGRiYzI1NDFjNjY1ZWJhMmZkMDhiNWNlMjcyN2ZkM2Y0NTRjZWVmM2VjIn0%3D
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 20:19:53 GMT
Content-Type: image/png
Content-Length: 10083
Last-Modified: Fri, 20 Mar 2020 17:14:39 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "5e74f9ff-2763"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: s-maxage=10
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 20:19:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firefile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 29 Jan 2023 19:45:20 GMT
expires: Sun, 29 Jan 2023 21:45:20 GMT
cache-control: public, max-age=7200
age: 2073
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 20:19:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Bc4vrrd1SstZAuats6vZCw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: l1CX6fmVJfipYFQHeAUx6juOYPY=
firefile.cc/secure/drive/shareable-links/lTNJuCSphMGnTVPVftc0FGOh33lduT?withEntries=true
200 OK 758 B URL HTTP/1.1 firefile.cc/secure/drive/shareable-links/lTNJuCSphMGnTVPVftc0FGOh33lduT?withEntries=true
IP
File type JSON data\012- , ASCII text, with very long lines (1251), with no line terminators
Hash b5fd359eba718021a0b6045ac0f6f141
31bae8e0c957c8108f3683a663ab9b7d239b9b59
f7e223590c526a13387e1993a061aab4bac00d2593b2bf63bb2d69842fed95e1
GET /secure/drive/shareable-links/lTNJuCSphMGnTVPVftc0FGOh33lduT?withEntries=true HTTP/1.1
Host: firefile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firefile.cc/drive/s/lTNJuCSphMGnTVPVftc0FGOh33lduT!sgdpNdfQyn31ctN1
Cookie: XSRF-TOKEN=eyJpdiI6IkFTbGJGWmxvN3hhZzFtNE5KVkNjZWc9PSIsInZhbHVlIjoiSEhrVFRnKzlKYzRJaFducFFFU0xHdTZwQzg4K3NqR1NsS1lOMytmSTM2YUwwSVwva1BMM2s5amM3anFEOXhEKzU5SmtRaExXbkFnMVJpWVplbWtSWW1nPT0iLCJtYWMiOiI3ZmUwNmNkMmMxOWViMmQ5YTk4NjViZDYzZDVhMTM3OWZmODhjNjUzYmE3ZmI5YzIwNjIxMWU0ZDVhZTVmMTRhIn0%3D; laravel_session=eyJpdiI6ImFvdzIrRzRiTFN5Z1ZkVDdWNHhIU3c9PSIsInZhbHVlIjoiR2UrOHBrdHVVM05QdkZXc1RyS21Eczc5aFhpcTRZNWJZY2hvakdKOENZWEtGU1ZyZjhoaVwvbDNnbEhqMDZqaThVSkc2amVvZjBIQkY1SDJvR3RjNTZRPT0iLCJtYWMiOiI3NzY3MDFmOTQzZTdkZmQ5NzU4ZTE4NGRiYzI1NDFjNjY1ZWJhMmZkMDhiNWNlMjcyN2ZkM2Y0NTRjZWVmM2VjIn0%3D; _ga=GA1.2.738451134.1675023603; _gid=GA1.2.776253311.1675023603; _gat=1
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Sun, 29 Jan 2023 20:19:54 GMT
Set-Cookie: XSRF-TOKEN=eyJpdiI6IlNYV0liVWFlY01cL0hIOGdGNk5uMTBRPT0iLCJ2YWx1ZSI6IkpWR2VRQ1wvY3BuT2xDQXN0U3NId0ljZzhZTk5KckNpWis3VElhRldxOGw5UnVBemE3MG8xSjliejZIYlQ0dEJJY3BjVTJCV09RSWJ2bFE5VGxmTEhNUT09IiwibWFjIjoiZDFkNWE5YTBkYTIwNWEzM2M2ZjRmYWY0YWEyY2M3YTg1ZDcxYTU1ZGViOWVjZjNjMjczODFkMGJhNWEwNTJlNyJ9; expires=Sun, 29-Jan-2023 22:19:54 GMT; Max-Age=7200; path=/
laravel_session=eyJpdiI6ImxabGtFMUU2ZngreVNJMnJsRHdFYVE9PSIsInZhbHVlIjoidndYYyt5MlFvUm4wbFZDY3ozOXpNVkRxTnUxZWJnZ1JSXC9IYmVDWGpwVEFtN2paVUZNUFVtcW5RWEFzMWlTbkZ5cXFya2ZVNWo0SGFEU29UaEpXMFd3PT0iLCJtYWMiOiJlYmYyYjk3NGIzZDQxNmRkNTdmYzBjZDY0OTAwODI2Y2M4NDAwYmNjZWFiMGRhOWExYjRmMzRhYTBlY2NmYzZmIn0%3D; expires=Sun, 29-Jan-2023 22:19:54 GMT; Max-Age=7200; path=/; httponly
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
firefile.cc/storage/branding_media/9MZfkeg0R9vzS0CV0rixIL3eoyey7yRAHqcVwpAL.png
200 OK 12 kB URL HTTP/1.1 firefile.cc/storage/branding_media/9MZfkeg0R9vzS0CV0rixIL3eoyey7yRAHqcVwpAL.png
IP
File type PNG image data, 498 x 131, 8-bit/color RGBA, non-interlaced\012- data
Hash 3bd6aa2fd1bf50fb20c0cfd54a3e5f5a
ff00450056ecd23e0ae9310a3e7e684b753d3be8
0aca2c8baa0c1873613281ba849a514767a80674e97802256102bfca7b96bdb9
GET /storage/branding_media/9MZfkeg0R9vzS0CV0rixIL3eoyey7yRAHqcVwpAL.png HTTP/1.1
Host: firefile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firefile.cc/drive/s/lTNJuCSphMGnTVPVftc0FGOh33lduT!sgdpNdfQyn31ctN1
Cookie: XSRF-TOKEN=eyJpdiI6IlNYV0liVWFlY01cL0hIOGdGNk5uMTBRPT0iLCJ2YWx1ZSI6IkpWR2VRQ1wvY3BuT2xDQXN0U3NId0ljZzhZTk5KckNpWis3VElhRldxOGw5UnVBemE3MG8xSjliejZIYlQ0dEJJY3BjVTJCV09RSWJ2bFE5VGxmTEhNUT09IiwibWFjIjoiZDFkNWE5YTBkYTIwNWEzM2M2ZjRmYWY0YWEyY2M3YTg1ZDcxYTU1ZGViOWVjZjNjMjczODFkMGJhNWEwNTJlNyJ9; laravel_session=eyJpdiI6ImxabGtFMUU2ZngreVNJMnJsRHdFYVE9PSIsInZhbHVlIjoidndYYyt5MlFvUm4wbFZDY3ozOXpNVkRxTnUxZWJnZ1JSXC9IYmVDWGpwVEFtN2paVUZNUFVtcW5RWEFzMWlTbkZ5cXFya2ZVNWo0SGFEU29UaEpXMFd3PT0iLCJtYWMiOiJlYmYyYjk3NGIzZDQxNmRkNTdmYzBjZDY0OTAwODI2Y2M4NDAwYmNjZWFiMGRhOWExYjRmMzRhYTBlY2NmYzZmIn0%3D; _ga=GA1.2.738451134.1675023603; _gid=GA1.2.776253311.1675023603; _gat=1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 20:19:54 GMT
Content-Type: image/png
Content-Length: 12338
Last-Modified: Fri, 20 Mar 2020 17:14:39 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "5e74f9ff-3032"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: s-maxage=10
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b67335a8e235eacf68e4b7f98cc5dc40
887a9b34cf2ba9371bbe8c93e362c174668cf812
1ad2f6328af6d819acd85f4e4646afcafd945e17e555d5eeb54244db83cd48fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 20:19:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?onload=ngx_captcha_onload_callback&render=explicit
200 OK 586 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=ngx_captcha_onload_callback&render=explicit
IP
File type ASCII text, with very long lines (922), with no line terminators
Hash 3b3540420e4e149b41a72ecc2e9dce63
9de1457f3776d5bf71e9ff33fe90b77843b65666
25a226dfa2fd26e4710198a539834e1f79709e00422796f106407e36febba3c0
GET /recaptcha/api.js?onload=ngx_captcha_onload_callback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firefile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 29 Jan 2023 20:19:54 GMT
date: Sun, 29 Jan 2023 20:19:54 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
deploy.mopinion.com/js/pastease.js
200 OK 10 kB URL HTTP/1.1 deploy.mopinion.com/js/pastease.js
IP
File type ASCII text, with very long lines (27408), with no line terminators
Hash d215dd71b31de92713c4160affa36383
c83ff05fc8d742b2fcfc26dd829f6849db7910de
280dfb5477cb72041c238e800ac4877c31dbbbc21dde8ad897cd78fc1cbdeace
GET /js/pastease.js HTTP/1.1
Host: deploy.mopinion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firefile.cc/
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sun, 29 Jan 2023 01:23:16 GMT
Server: nginx
Cache-Control: public, max-age=86400
Last-Modified: Tue, 03 Jan 2023 18:20:09 GMT
ETag: W/"6b10-18578dcbb14"
Access-Control-Allow-Headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Origin
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
X-Powered-By: Pastea.se
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MnqfhIRCptMjeRozBXWeYF-ySO0QIjlysk6b6wnDDvmtrFlbTZrDEQ==
Age: 68198
firefile.cc/client/assets/icons/merged.svg
200 OK 390 kB URL HTTP/1.1 firefile.cc/client/assets/icons/merged.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (65536), with no line terminators
Size 390 kB (389909 bytes)
Hash 44d3a0e7b7a6d649a2281366f19198dc
90ef607b78d52dcd09752e88a04f7f9c98decc47
9bb28060c635de30f076a26c74baabb7c1f90511cb9b2bd3e710dec9156dbaf9
GET /client/assets/icons/merged.svg HTTP/1.1
Host: firefile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firefile.cc/drive/s/lTNJuCSphMGnTVPVftc0FGOh33lduT!sgdpNdfQyn31ctN1
Cookie: XSRF-TOKEN=eyJpdiI6IlNYV0liVWFlY01cL0hIOGdGNk5uMTBRPT0iLCJ2YWx1ZSI6IkpWR2VRQ1wvY3BuT2xDQXN0U3NId0ljZzhZTk5KckNpWis3VElhRldxOGw5UnVBemE3MG8xSjliejZIYlQ0dEJJY3BjVTJCV09RSWJ2bFE5VGxmTEhNUT09IiwibWFjIjoiZDFkNWE5YTBkYTIwNWEzM2M2ZjRmYWY0YWEyY2M3YTg1ZDcxYTU1ZGViOWVjZjNjMjczODFkMGJhNWEwNTJlNyJ9; laravel_session=eyJpdiI6ImxabGtFMUU2ZngreVNJMnJsRHdFYVE9PSIsInZhbHVlIjoidndYYyt5MlFvUm4wbFZDY3ozOXpNVkRxTnUxZWJnZ1JSXC9IYmVDWGpwVEFtN2paVUZNUFVtcW5RWEFzMWlTbkZ5cXFya2ZVNWo0SGFEU29UaEpXMFd3PT0iLCJtYWMiOiJlYmYyYjk3NGIzZDQxNmRkNTdmYzBjZDY0OTAwODI2Y2M4NDAwYmNjZWFiMGRhOWExYjRmMzRhYTBlY2NmYzZmIn0%3D; _ga=GA1.2.738451134.1675023603; _gid=GA1.2.776253311.1675023603; _gat=1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 20:19:54 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 21 Feb 2022 16:09:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6213b928-88b96"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cache-Control: s-maxage=10
firefile.cc/client/fontawesome-webfont.af7ae505a9eed503f8b8.woff2?v=4.7.0
200 OK 77 kB URL HTTP/1.1 firefile.cc/client/fontawesome-webfont.af7ae505a9eed503f8b8.woff2?v=4.7.0
IP
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /client/fontawesome-webfont.af7ae505a9eed503f8b8.woff2?v=4.7.0 HTTP/1.1
Host: firefile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://firefile.cc/drive/s/lTNJuCSphMGnTVPVftc0FGOh33lduT!sgdpNdfQyn31ctN1
Cookie: XSRF-TOKEN=eyJpdiI6IlNYV0liVWFlY01cL0hIOGdGNk5uMTBRPT0iLCJ2YWx1ZSI6IkpWR2VRQ1wvY3BuT2xDQXN0U3NId0ljZzhZTk5KckNpWis3VElhRldxOGw5UnVBemE3MG8xSjliejZIYlQ0dEJJY3BjVTJCV09RSWJ2bFE5VGxmTEhNUT09IiwibWFjIjoiZDFkNWE5YTBkYTIwNWEzM2M2ZjRmYWY0YWEyY2M3YTg1ZDcxYTU1ZGViOWVjZjNjMjczODFkMGJhNWEwNTJlNyJ9; laravel_session=eyJpdiI6ImxabGtFMUU2ZngreVNJMnJsRHdFYVE9PSIsInZhbHVlIjoidndYYyt5MlFvUm4wbFZDY3ozOXpNVkRxTnUxZWJnZ1JSXC9IYmVDWGpwVEFtN2paVUZNUFVtcW5RWEFzMWlTbkZ5cXFya2ZVNWo0SGFEU29UaEpXMFd3PT0iLCJtYWMiOiJlYmYyYjk3NGIzZDQxNmRkNTdmYzBjZDY0OTAwODI2Y2M4NDAwYmNjZWFiMGRhOWExYjRmMzRhYTBlY2NmYzZmIn0%3D; _ga=GA1.2.738451134.1675023603; _gid=GA1.2.776253311.1675023603; _gat=1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 20:19:54 GMT
Content-Type: application/octet-stream
Content-Length: 77160
Last-Modified: Mon, 21 Feb 2022 16:09:08 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "6213b924-12d68"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: s-maxage=10
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 20:19:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9b0e739928ff29890c92c7debe59b0f0
98621aac11f7a23219a1903aa8b2d3cf28dc21d7
2638fb0c6ba666fd06d75d1ddacc3d8baa4ead58dc9a62f9595dffe2e62517c7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2638FB0C6BA666FD06D75D1DDACC3D8BAA4EAD58DC9A62F9595DFFE2E62517C7"
Last-Modified: Fri, 27 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16660
Expires: Mon, 30 Jan 2023 00:57:34 GMT
Date: Sun, 29 Jan 2023 20:19:54 GMT
Connection: keep-alive
in-page-push.com/400/4178008
403 Forbidden 22 B URL HTTP/2 in-page-push.com/400/4178008
IP
File type ASCII text, with no line terminators
Hash b5e50d07b6b24e1e105e6e4fceb97bf6
95d7e8119b8befc7153b44b4c7be59f26bd6ad33
61c3148fba3befcce5b4636c4209a440913a136138bf62005df97386827f2ae2
Analyzer Verdict Alert fortinet Malware
GET /400/4178008 HTTP/1.1
Host: in-page-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firefile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx
date: Sun, 29 Jan 2023 20:19:54 GMT
content-type: text/plain; charset=utf-8
content-length: 22
x-trace-id: be13f5c97db4ee9d17a06a8c49f33fca
timing-allow-origin: *
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
X-Firefox-Spdy: h2
d301cxwfymy227.cloudfront.net/?fwxcd=941698
200 OK 69 kB URL HTTP/2 d301cxwfymy227.cloudfront.net/?fwxcd=941698
IP
File type Unicode text, UTF-8 text, with very long lines (15948)
Hash 85371f52bd024e857126c5be89c997a2
0601fb7794610df5c1965869b3f9534e92507512
ebfc63a95397444975d8d29765eab32bbdb6947181f7f34b491fdc8287e22cdb
GET /?fwxcd=941698 HTTP/1.1
Host: d301cxwfymy227.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firefile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 68695
date: Sun, 29 Jan 2023 20:19:54 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8LnkXLaP4D6XE9K-nkDDjK5DObN2rDpIHvbcTc7sMNMYLj_bVebd3Q==
X-Firefox-Spdy: h2
static.adwooo.com/tabu/display.js
200 OK 3.8 kB URL HTTP/2 static.adwooo.com/tabu/display.js
IP
File type HTML document, ASCII text, with very long lines (9325)
Hash d24a54239721e5e7c2f7667bf66bd3af
0043d29fdc28a135c596bb27cf93636361343d51
dc46eda8050088ad3c9b2e903aa606d04252c7915a54471100546ea7128f9037
GET /tabu/display.js HTTP/1.1
Host: static.adwooo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firefile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 20:19:54 GMT
content-encoding: gzip
content-length: 3771
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 10:04:25 GMT
accept-ranges: bytes
server: nginx
etag: W/"636a29a9-24a2"
cache-control: max-age=86400
x-hw: 1675023594.cds258.sk1.hn,1675023594.cds014.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
deploy.mopinion.com/config/2u8zng67bxwd4uavhcuk2o2jfaice5qpd8q
200 OK 685 B URL HTTP/1.1 deploy.mopinion.com/config/2u8zng67bxwd4uavhcuk2o2jfaice5qpd8q
IP
File type JSON data\012- , ASCII text, with very long lines (685), with no line terminators
Hash d530b57b24afbce6a52ce6d94d38d699
a3379c5f12f660e6d7285815db7a59d022175406
5e5538480803e7862f3efa034ddeb07aa544a581201304dd2a9e447c6166a400
GET /config/2u8zng67bxwd4uavhcuk2o2jfaice5qpd8q HTTP/1.1
Host: deploy.mopinion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://firefile.cc
Connection: keep-alive
Referer: http://firefile.cc/
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 685
Connection: keep-alive
Date: Sun, 29 Jan 2023 20:19:54 GMT
Server: nginx
Cache-Control: public, max-age=3600
Access-Control-Allow-Headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Origin
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
X-Powered-By: Pastea.se
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fSWx02JAR5Af6c4T1n1QjGkGsbSxFi1wfGfdW6OjxsjjdBQymoAfQg==
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 7241647da541f672b155263e9b22eff1
bc41fc4d6497d154ed4d4fe9d079357bbe1028c6
a69c539a138bc99adf7b08838da4b139aa59d58ce81651504993e80996620d97
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A69C539A138BC99ADF7B08838DA4B139AA59D58CE81651504993E80996620D97"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19806
Expires: Mon, 30 Jan 2023 01:50:00 GMT
Date: Sun, 29 Jan 2023 20:19:54 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/SrfVchP6P8U
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/SrfVchP6P8U
IP
Hash 795f17a4efb2573fc585ba0a9588f99a
028c0c3aa8b4a8074a8f7be528327d35ee299b7e
84ab72e30738f6c2870d2785435469d42888484bc666b6d02569f2ce870c2728
POST /s/gts1p5/SrfVchP6P8U HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 20:19:54 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 7241647da541f672b155263e9b22eff1
bc41fc4d6497d154ed4d4fe9d079357bbe1028c6
a69c539a138bc99adf7b08838da4b139aa59d58ce81651504993e80996620d97
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A69C539A138BC99ADF7B08838DA4B139AA59D58CE81651504993E80996620D97"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19806
Expires: Mon, 30 Jan 2023 01:50:00 GMT
Date: Sun, 29 Jan 2023 20:19:54 GMT
Connection: keep-alive
coonandeg.xyz/TG03bXotD1QARS1QVUsPPgEKSEgKSAUrHn9dBg4COwtOAAN+XwBDGSACQgkcPgJZGVQiCENISAoBVioeOzlcIDYPLwMCHA4aeCsyAltvKyALCQQZNQg8egU2HgVWJTkJD2IsCTwJTx4TCRd6PR81JAQ7ECNYcysKDQx0VTAPP1MXIB1dfShJAhRjCiMZIX9YGR08ZkhIDiF2IxsLPn4cOCtVZT0pOz91KyN7JFs4MQQXZhw4DR5lDEkJGGIBT2lfdTcWPDVgKRE9L1AgHAM5dSMsGSxQI0p9O2YlQzY/WwksKjxxIywZLAImHRY/ZSoOOyZcJzkqB0MIL31AYVQ7GVxhPD47XGM7KzQLBCMeHzh1AyAgHW8rAz8KdhoSGgt2OxsaXXFISA4OBgEiHTpDFS0NKG09ORUidCwSPg5kWC0dJUMZLQkocQ5JBUtdHhUiHQoBFRRVWzRDFCdDLjt0J2c
200 OK 1.2 kB URL HTTP/1.1 coonandeg.xyz/TG03bXotD1QARS1QVUsPPgEKSEgKSAUrHn9dBg4COwtOAAN+XwBDGSACQgkcPgJZGVQiCENISAoBVioeOzlcIDYPLwMCHA4aeCsyAltvKyALCQQZNQg8egU2HgVWJTkJD2IsCTwJTx4TCRd6PR81JAQ7ECNYcysKDQx0VTAPP1MXIB1dfShJAhRjCiMZIX9YGR08ZkhIDiF2IxsLPn4cOCtVZT0pOz91KyN7JFs4MQQXZhw4DR5lDEkJGGIBT2lfdTcWPDVgKRE9L1AgHAM5dSMsGSxQI0p9O2YlQzY/WwksKjxxIywZLAImHRY/ZSoOOyZcJzkqB0MIL31AYVQ7GVxhPD47XGM7KzQLBCMeHzh1AyAgHW8rAz8KdhoSGgt2OxsaXXFISA4OBgEiHTpDFS0NKG09ORUidCwSPg5kWC0dJUMZLQkocQ5JBUtdHhUiHQoBFRRVWzRDFCdDLjt0J2c
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3049), with no line terminators
Hash 5634c707bb755607428a5a7c1160f475
4a651ad5a8b13d148854600721ce98f56faa5130
b5482a23b64aee89ace394f52675b56bda2f767437fd0abd96fc20756eb69fbf
GET /TG03bXotD1QARS1QVUsPPgEKSEgKSAUrHn9dBg4COwtOAAN+XwBDGSACQgkcPgJZGVQiCENISAoBVioeOzlcIDYPLwMCHA4aeCsyAltvKyALCQQZNQg8egU2HgVWJTkJD2IsCTwJTx4TCRd6PR81JAQ7ECNYcysKDQx0VTAPP1MXIB1dfShJAhRjCiMZIX9YGR08ZkhIDiF2IxsLPn4cOCtVZT0pOz91KyN7JFs4MQQXZhw4DR5lDEkJGGIBT2lfdTcWPDVgKRE9L1AgHAM5dSMsGSxQI0p9O2YlQzY/WwksKjxxIywZLAImHRY/ZSoOOyZcJzkqB0MIL31AYVQ7GVxhPD47XGM7KzQLBCMeHzh1AyAgHW8rAz8KdhoSGgt2OxsaXXFISA4OBgEiHTpDFS0NKG09ORUidCwSPg5kWC0dJUMZLQkocQ5JBUtdHhUiHQoBFRRVWzRDFCdDLjt0J2c HTTP/1.1
Host: coonandeg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firefile.cc/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1197
Connection: keep-alive
Date: Sun, 29 Jan 2023 20:19:54 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 b301fa8d72072cc0289eb055d8389e68.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P2
X-Amz-Cf-Id: U-AdTRtfB3c5hN_FCBGUXkw-XQeeneuem_q1DGWyGUkzmGZpN-_10Q==
coonandeg.xyz/utx?cb=6vyoTnt5cd1Y&top=firefile.cc&tid=941698
204 No Content 0 B URL HTTP/2 coonandeg.xyz/utx?cb=6vyoTnt5cd1Y&top=firefile.cc&tid=941698
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=6vyoTnt5cd1Y&top=firefile.cc&tid=941698 HTTP/1.1
Host: coonandeg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://firefile.cc
Connection: keep-alive
Referer: http://firefile.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 29 Jan 2023 20:19:54 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://firefile.cc
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 29 Jan 2023 20:20:54 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 36510edbc7ba8916907c18e15b00f64c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: TKkNCZVgEwv8rzu1oqKnEkk5TE9E7mpt62C3-Huy_oGoFJbGPgvR-A==
X-Firefox-Spdy: h2
coonandeg.xyz/YTdUMVIAVTdcbQAKNhcnE1tpFGAnEmZ3NlIHZVIqFlEtXCtTBWMfMQ1YIVU0E1g6RXwPUiAUYCdYBWUcC2EBVjs5dmRLNhthNXNgCU8wVjY2VRxZPDZlFQcYC3Ibdig4exZnNSp+MwUqM05sZBgidT96PCwPGwA2BG0DBSY0UGRINjZTA3UGOwY3cwciegdBaiMHAVYZOU8xdRFZXxhnaiJUHF4aI1xlXTA5ehBiKyhfGAAxLH4+RTkgYRkGAiZmFmRgMwM2RhwmbTNBOSBhGVgbMg8SZ2EjABVJCDNtAHNhIwcOXBEMZhZkKwISZnMIIHY9axoJBxxnfy8PNmkfJXUQcCAqWyx2CBYCLnBjK1sxeRMlYjpzZAJhAXoYGAc6aRAVQDFWMSJiZnM/AmUBZjMpXHJbIQ5ZJAwqAnQQWjsWcSRFHiBbNWYb
200 OK 1.2 kB URL HTTP/1.1 coonandeg.xyz/YTdUMVIAVTdcbQAKNhcnE1tpFGAnEmZ3NlIHZVIqFlEtXCtTBWMfMQ1YIVU0E1g6RXwPUiAUYCdYBWUcC2EBVjs5dmRLNhthNXNgCU8wVjY2VRxZPDZlFQcYC3Ibdig4exZnNSp+MwUqM05sZBgidT96PCwPGwA2BG0DBSY0UGRINjZTA3UGOwY3cwciegdBaiMHAVYZOU8xdRFZXxhnaiJUHF4aI1xlXTA5ehBiKyhfGAAxLH4+RTkgYRkGAiZmFmRgMwM2RhwmbTNBOSBhGVgbMg8SZ2EjABVJCDNtAHNhIwcOXBEMZhZkKwISZnMIIHY9axoJBxxnfy8PNmkfJXUQcCAqWyx2CBYCLnBjK1sxeRMlYjpzZAJhAXoYGAc6aRAVQDFWMSJiZnM/AmUBZjMpXHJbIQ5ZJAwqAnQQWjsWcSRFHiBbNWYb
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3030), with no line terminators
Hash 94845b3bc43d2042f599eebae6ab5b21
fc622483d45d8316728a98152a08409b18b73c08
4eaee2c18e70e74f963b9b85ac6875fbf3da382cbb1dbad78be177d04720ed8e
GET /YTdUMVIAVTdcbQAKNhcnE1tpFGAnEmZ3NlIHZVIqFlEtXCtTBWMfMQ1YIVU0E1g6RXwPUiAUYCdYBWUcC2EBVjs5dmRLNhthNXNgCU8wVjY2VRxZPDZlFQcYC3Ibdig4exZnNSp+MwUqM05sZBgidT96PCwPGwA2BG0DBSY0UGRINjZTA3UGOwY3cwciegdBaiMHAVYZOU8xdRFZXxhnaiJUHF4aI1xlXTA5ehBiKyhfGAAxLH4+RTkgYRkGAiZmFmRgMwM2RhwmbTNBOSBhGVgbMg8SZ2EjABVJCDNtAHNhIwcOXBEMZhZkKwISZnMIIHY9axoJBxxnfy8PNmkfJXUQcCAqWyx2CBYCLnBjK1sxeRMlYjpzZAJhAXoYGAc6aRAVQDFWMSJiZnM/AmUBZjMpXHJbIQ5ZJAwqAnQQWjsWcSRFHiBbNWYb HTTP/1.1
Host: coonandeg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firefile.cc/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1180
Connection: keep-alive
Date: Sun, 29 Jan 2023 20:19:54 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 f26fbc8f93ad20ccbbd480fccb1e6f88.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P2
X-Amz-Cf-Id: WtuhBjCfxE4s7cpUUf86sn5Rh6rIDqYEmDc4MCy7IV6Y6Em-dQF9jw==
reerfdfgourgo.xyz/ZWRDa21KWyAYUAdVBl44Mz4nMQojDRktBQ8nLgcAPQkGIDRXNWUfBAFZel9cU117TR0MAH5aSxYQIh8YFllyTQQLAixWSxNZckVeUUpwWkNXQjZWXEMQMwoKWFVlGxkRCH5aW1JRc1leU1RwX1VS
204 No Content 0 B URL HTTP/2 reerfdfgourgo.xyz/ZWRDa21KWyAYUAdVBl44Mz4nMQojDRktBQ8nLgcAPQkGIDRXNWUfBAFZel9cU117TR0MAH5aSxYQIh8YFllyTQQLAixWSxNZckVeUUpwWkNXQjZWXEMQMwoKWFVlGxkRCH5aW1JRc1leU1RwX1VS
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ZWRDa21KWyAYUAdVBl44Mz4nMQojDRktBQ8nLgcAPQkGIDRXNWUfBAFZel9cU117TR0MAH5aSxYQIh8YFllyTQQLAixWSxNZckVeUUpwWkNXQjZWXEMQMwoKWFVlGxkRCH5aW1JRc1leU1RwX1VS HTTP/1.1
Host: reerfdfgourgo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firefile.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 29 Jan 2023 20:19:54 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F70WxmCNW3IfduhjONfgxWHbDAZmXTxcCqyvaLyNtWb7%2FMTvNsReh1ypD%2BHuChhOjufFkC7nOeCPzlsX2AvQb9ShBq47FX0UB1cXnh7%2FRn6beur5MqAgzh9wq8ik8HkHcDZyhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7914aa5b4f030b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/SrfVchP6P8U
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/SrfVchP6P8U
IP
Hash 795f17a4efb2573fc585ba0a9588f99a
028c0c3aa8b4a8074a8f7be528327d35ee299b7e
84ab72e30738f6c2870d2785435469d42888484bc666b6d02569f2ce870c2728
POST /s/gts1p5/SrfVchP6P8U HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 20:19:54 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 7241647da541f672b155263e9b22eff1
bc41fc4d6497d154ed4d4fe9d079357bbe1028c6
a69c539a138bc99adf7b08838da4b139aa59d58ce81651504993e80996620d97
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A69C539A138BC99ADF7B08838DA4B139AA59D58CE81651504993E80996620D97"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19806
Expires: Mon, 30 Jan 2023 01:50:00 GMT
Date: Sun, 29 Jan 2023 20:19:54 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 727 B IP
Hash c99066ff941e36059497540c157543be
ed89fe42cb6ad5c0e5d68040e46b58bc2dc3ac16
7bde0f6bb8a5d6a6123ecdccb6c2197e758356c7b62ddecd8f071acf459c6546
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3869
Cache-Control: max-age=118305
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 20:19:54 GMT
Etag: "63d5f0ee-2d7"
Expires: Tue, 31 Jan 2023 05:11:39 GMT
Last-Modified: Sun, 29 Jan 2023 04:07:10 GMT
Server: ECS (amb/6B81)
X-Cache: HIT
Content-Length: 727
d301cxwfymy227.cloudfront.net/laGdwTkMLCB4ofBwOFHN6XFZGd3tODQMhLRhaHCEbUAspdxsiEzMPeyI3Vjo5DFpAaC8JCRdzZQ0JE3NyTgYULH5cQQQ+LANaGSIqBg8RPSwRBFY7IlUKHzQqBAsRa3EuUl5+ZlpXWDkqBgMfOTBNVUAgN01VQH9zRldVfQFNVUA5KgZRRGtwKkJCfjteU1-V9AU1VQDw1TVQxf3NdSUBnZlpXFysgAwhVfAVaV0F+c1lXQWtxWAEZPCYOCAhrcS5WQHttWEEFc3I
200 OK 554 B URL HTTP/1.1 d301cxwfymy227.cloudfront.net/laGdwTkMLCB4ofBwOFHN6XFZGd3tODQMhLRhaHCEbUAspdxsiEzMPeyI3Vjo5DFpAaC8JCRdzZQ0JE3NyTgYULH5cQQQ+LANaGSIqBg8RPSwRBFY7IlUKHzQqBAsRa3EuUl5+ZlpXWDkqBgMfOTBNVUAgN01VQH9zRldVfQFNVUA5KgZRRGtwKkJCfjteU1-V9AU1VQDw1TVQxf3NdSUBnZlpXFysgAwhVfAVaV0F+c1lXQWtxWAEZPCYOCAhrcS5WQHttWEEFc3I
IP
File type ASCII text, with very long lines (763), with no line terminators
Hash 334bb53a3a8d01b21ad8183f49438463
17a8b42f696269c0ff12e7f36ee3647895be356a
dba8b4136c001906187bd212c50ff16b860073a46eac1d5c8a0e284e95862f1d
GET /laGdwTkMLCB4ofBwOFHN6XFZGd3tODQMhLRhaHCEbUAspdxsiEzMPeyI3Vjo5DFpAaC8JCRdzZQ0JE3NyTgYULH5cQQQ+LANaGSIqBg8RPSwRBFY7IlUKHzQqBAsRa3EuUl5+ZlpXWDkqBgMfOTBNVUAgN01VQH9zRldVfQFNVUA5KgZRRGtwKkJCfjteU1-V9AU1VQDw1TVQxf3NdSUBnZlpXFysgAwhVfAVaV0F+c1lXQWtxWAEZPCYOCAhrcS5WQHttWEEFc3I HTTP/1.1
Host: d301cxwfymy227.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coonandeg.xyz/
HTTP/1.1 200 OK
Content-Length: 554
Connection: keep-alive
Date: Sun, 29 Jan 2023 20:19:55 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: VBDIowT9DY11KqUcnlf6U0pQ0fBWrSi3iGu4VxdwO37RJwLTZD58JQ==
reerfdfgourgo.xyz/d2FKRXdYXik2ShM3Ez84MTsIJwAUIxN1ORkiLQMfJlNyDTRFAmwxHhNcc3JDQlh6YwceBXd0T1ESPiQDAhJ3dFEeDywqSlEXd3RZR094a0VRFHd0UQMRKyJKRkc6MQMbXHtzQEJReHZBR1J/dEE
204 No Content 0 B URL HTTP/2 reerfdfgourgo.xyz/d2FKRXdYXik2ShM3Ez84MTsIJwAUIxN1ORkiLQMfJlNyDTRFAmwxHhNcc3JDQlh6YwceBXd0T1ESPiQDAhJ3dFEeDywqSlEXd3RZR094a0VRFHd0UQMRKyJKRkc6MQMbXHtzQEJReHZBR1J/dEE
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /d2FKRXdYXik2ShM3Ez84MTsIJwAUIxN1ORkiLQMfJlNyDTRFAmwxHhNcc3JDQlh6YwceBXd0T1ESPiQDAhJ3dFEeDywqSlEXd3RZR094a0VRFHd0UQMRKyJKRkc6MQMbXHtzQEJReHZBR1J/dEE HTTP/1.1
Host: reerfdfgourgo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firefile.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 29 Jan 2023 20:19:55 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29Tf54AmXs%2BjASrsZDW8GfdPJ6Oedj9X%2BbUCpC9u%2BIYSDmQPIiYLSwCXunQnoK80F7BVuj6vmeBHsGTBvtqGVZXjNu1Q7jzf7axgFmlM44uHAD8DjCewEhAKYP7CQia3CDB92A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7914aa5c183c0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/SrfVchP6P8U
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/SrfVchP6P8U
IP
Hash 795f17a4efb2573fc585ba0a9588f99a
028c0c3aa8b4a8074a8f7be528327d35ee299b7e
84ab72e30738f6c2870d2785435469d42888484bc666b6d02569f2ce870c2728
POST /s/gts1p5/SrfVchP6P8U HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 20:19:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d301cxwfymy227.cloudfront.net/oQTNjVUgiXA0zdzVaB2hxdgdWbHhnWRA6JjEOGzYLBVgKIg4xRy8UJCBkKnM8O1deZW4tUg0ydWdWDTZ1cBUCMSp8B0UgKXxeDC8hLV8CcHoHBk1lbXMDSyIhL1cMIjtkAVM7PGQBU2R4bwNGZgpkAVMiIS8FV3B7AxZRZTB3B0ZmCmQBUyc+ZAAiZHh0HV-N8bXMDBDArKlxGZw5zA1JleHADUnB6cVUKJy0nXBtwegcCU2BmcRUWaHk
200 OK 189 B URL HTTP/1.1 d301cxwfymy227.cloudfront.net/oQTNjVUgiXA0zdzVaB2hxdgdWbHhnWRA6JjEOGzYLBVgKIg4xRy8UJCBkKnM8O1deZW4tUg0ydWdWDTZ1cBUCMSp8B0UgKXxeDC8hLV8CcHoHBk1lbXMDSyIhL1cMIjtkAVM7PGQBU2R4bwNGZgpkAVMiIS8FV3B7AxZRZTB3B0ZmCmQBUyc+ZAAiZHh0HV-N8bXMDBDArKlxGZw5zA1JleHADUnB6cVUKJy0nXBtwegcCU2BmcRUWaHk
IP
File type ASCII text, with no line terminators
Hash 94d3b47d044675bf5613b7fd50398dfb
3631a123cd84fb05317eece5c18ee1de54189f4f
e377ae9512ce4398423ca01bac3d25945ddf3ba153e6c9bd80937c50b0273cb9
GET /oQTNjVUgiXA0zdzVaB2hxdgdWbHhnWRA6JjEOGzYLBVgKIg4xRy8UJCBkKnM8O1deZW4tUg0ydWdWDTZ1cBUCMSp8B0UgKXxeDC8hLV8CcHoHBk1lbXMDSyIhL1cMIjtkAVM7PGQBU2R4bwNGZgpkAVMiIS8FV3B7AxZRZTB3B0ZmCmQBUyc+ZAAiZHh0HV-N8bXMDBDArKlxGZw5zA1JleHADUnB6cVUKJy0nXBtwegcCU2BmcRUWaHk HTTP/1.1
Host: d301cxwfymy227.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coonandeg.xyz/
HTTP/1.1 200 OK
Content-Length: 189
Connection: keep-alive
Date: Sun, 29 Jan 2023 20:19:55 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NkeSH7oDrM7SwsMXPQEQwp1JTE53BmqxF9FGeqkMgNGyHKNQx0pLOQ==
reerfdfgourgo.xyz/popunder.gif
301 Moved Permanently 0 B URL HTTP/1.1 reerfdfgourgo.xyz/popunder.gif
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder.gif HTTP/1.1
Host: reerfdfgourgo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firefile.cc/
HTTP/1.1 301 Moved Permanently
Date: Sun, 29 Jan 2023 20:19:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 29 Jan 2023 21:19:55 GMT
Location: https://reerfdfgourgo.xyz/popunder.gif
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVWoNOoAG7wtteB5r%2F1la7g8cAPofIUYFmJ3yaUkTeBmfhTCDYZKbebgqol%2BLQCQlJIUyV%2FIvG0xL6I26%2BFgaZWdH6bjes6nxd%2FxfqyACoaKcJy2jeMMkEz9SHEBp7J13wC22A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7914aa5d4ae2b512-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
200 OK 471 B IP
Hash 14681339fc16ac120967600c85c37d96
589ed56dc45067e35e26a667ad3d9a12d0f61884
c7a020eb97f372e9325a03c89aa4d97d023f8583ea94af56ae1ffc2363ab8547
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4082
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 20:19:55 GMT
Last-Modified: Sun, 29 Jan 2023 19:11:53 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 631ea0b9b4e3085e98b5c5498a4c9047
ec9f6e457fdd72390b9843f217821dff325c80f8
27c2771693d65c03977ca230c70271d4105cac00b7cf855d968473c6a9eec39f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 20:19:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 4832b523537a23be2360a60f80b19115
67c7281621269de7f8c1b6c4aecef7eb19f04bfe
8282b65e611998c30f7a9fbace9effbd192d3792dcdd1ade71f1f23032d7a434
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 20:19:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
IP
File type ASCII text, with very long lines (771)
Size 164 kB (163774 bytes)
Hash 57c909ab73fc27ec24f737bbf1cb1de8
89b2c02e9e7a9a764518fca545d3eec2044fd6d9
7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://firefile.cc
Connection: keep-alive
Referer: http://firefile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 17:09:34 GMT
expires: Tue, 23 Jan 2024 17:09:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
age: 529821
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
302 Found 390 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (382)
Hash e7942d566e9e6c77c55282b52f7cfb75
fcd268f01dc75b9c847d7f76d35c9af9a640ad6f
6843cefad98968b801175382760a2888f4860b38f33d5c1ef32f6f9fe84e0f23
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firefile.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 29 Jan 2023 20:19:55 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1157671361%3A1675023595215630&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcVwL4e1inOiOfv5qZq2Kl53HmxeJdE8AnO6-TnNrO_kNwoqlMGnyw72etZL3G2FYFb-OlH
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-g6j0na_I6KbTNkvYcg-WFg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 390
server: GSE
set-cookie: __Host-GAPS=1:QAaEsiG0yw4s5FEUcddYos-0MCA2gA:USjAma9M3tCVyol0;Path=/;Expires=Tue, 28-Jan-2025 20:19:55 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4735
Expires: Sun, 29 Jan 2023 21:38:50 GMT
Date: Sun, 29 Jan 2023 20:19:55 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4735
Expires: Sun, 29 Jan 2023 21:38:50 GMT
Date: Sun, 29 Jan 2023 20:19:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd9499d0-2a81-41ee-b328-0d82ea64b349.jpeg
200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd9499d0-2a81-41ee-b328-0d82ea64b349.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57ff6665d99a17d06b75c8fe64c90ab3
05648eed6830a794aa7e30ba4da526ed4c45b0ca
728b809756a0faff1a55bb03f13f33e31518f321e50dd944a0267d585c09264c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd9499d0-2a81-41ee-b328-0d82ea64b349.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5198
x-amzn-requestid: 8117f45b-926a-4cbe-b152-dae983bc3526
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fOYdlG6XIAMF_vA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf3abd-7ce531f65f66ac3a73970841;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 01:56:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: naZHCCrUSwrLi2eWi3LOrir9zOGQcNUBJ1iS9wUewWoV3WM2E0kE2w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:47:00 GMT
age: 81175
etag: "05648eed6830a794aa7e30ba4da526ed4c45b0ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4735
Expires: Sun, 29 Jan 2023 21:38:50 GMT
Date: Sun, 29 Jan 2023 20:19:55 GMT
Connection: keep-alive
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
302 Found 388 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (378)
Hash 69db1e3663a354909a2ad9b886354aec
7741a9e479b17f4c47153d212601f8e5c852e665
78de7aeb939b8356f666334447cec8766ff71f2ba4c2e6ade017e7213970efb7
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firefile.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 29 Jan 2023 20:19:55 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1912947371%3A1675023595262839&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHecJXgMDDo35Y_EFYjWy8vuqk7A5NMFc2i6KN3b9HadEYj3tV_mboCLA9haAvisEQ_h7c8G
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-Ri3f61o_5V3v8UkG8QU9Qw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 388
server: GSE
set-cookie: __Host-GAPS=1:OQdYTOYmqEcTUm16O0tx9FjNzapkjg:krT4k8Ps3T2Kdp44;Path=/;Expires=Tue, 28-Jan-2025 20:19:55 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:56:46 GMT
age: 80589
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c77437e3a7361861aed8bfecbfe6bd6
fefd238c13c0fdfb7d964c90fcc8a8cbbf953034
282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5594
x-amzn-requestid: a13a8181-5783-42c1-9fda-1fcf8db4f0f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVpetFv-oAMF_Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d222c4-68165b34525ca2a054f0b505;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 06:50:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rJbdYq3bZDatEVvC83VR5WiWOFwNwVZEB16ez21KdnQJJrgJ-yKPCg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 14:55:48 GMT
age: 19447
etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10a6491e2c1dfde68c7cd7297e70700f
d0f195319825a6d3e5e50ad15b2fcab27cb65896
4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11470
x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6WFgAIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 04:01:15 GMT
age: 58720
etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d5ed99a9aed6f367efc5c9498ce87ff1
3123eb6f550c51fe17fc62eff943b3739e239a9b
536f45bf2eb41f7056df8b34964538005d6a0a4c6157def3fbdd9487f8c79027
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10168
x-amzn-requestid: fe58fe3c-dd23-4614-b5a2-e91ef68c2ab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFOD7H-NIAMFcxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb907f-687fc51741d7ff97182d1955;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 07:13:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SORDxKQP-GudaCfRIbrmexyEeJXBExRipfF8sPHI-UkaYhR_RkDjvQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 00:55:27 GMT
age: 69868
etag: "3123eb6f550c51fe17fc62eff943b3739e239a9b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 20:46:16 GMT
age: 84819
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 14681339fc16ac120967600c85c37d96
589ed56dc45067e35e26a667ad3d9a12d0f61884
c7a020eb97f372e9325a03c89aa4d97d023f8583ea94af56ae1ffc2363ab8547
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4082
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 20:19:55 GMT
Last-Modified: Sun, 29 Jan 2023 19:11:53 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://firefile.cc
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 07:51:59 GMT
expires: Thu, 25 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 390476
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.mopinion.com/css?family=Oxygen
200 OK 338 B URL HTTP/1.1 fonts.mopinion.com/css?family=Oxygen
IP
ASN #14061 DIGITALOCEAN-ASN
Hash 7d9d446901f8858e57bf99c2b08d3f0f
961434974a26adf835b10fdeec6c61980545fd56
83b74f00afde4c86706220acba5a45de44d6ae2e9b525822ca23231a81d22463
GET /css?family=Oxygen HTTP/1.1
Host: fonts.mopinion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firefile.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx
date: Sun, 29 Jan 2023 20:19:55 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding,Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 29 Jan 2024 20:19:55 GMT
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
transfer-encoding: chunked
cacheorcheck.mopinion.com/survey/public/emoji?blockId=61490&domain=app.mopinion.com
200 OK 26 kB URL HTTP/2 cacheorcheck.mopinion.com/survey/public/emoji?blockId=61490&domain=app.mopinion.com
IP
File type JSON data\012- , ASCII text, with very long lines (63123), with no line terminators
Hash b25d8914d5cfc7c50d3eb2122f6b73f2
dc50461f1c0e3aab3e7e491ab38a586563d910e4
03390261a3a241a0bfd086c2176193c0ee75d47b47e40d86ed5577e36815668c
GET /survey/public/emoji?blockId=61490&domain=app.mopinion.com HTTP/1.1
Host: cacheorcheck.mopinion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://firefile.cc
Connection: keep-alive
Referer: http://firefile.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Access-Control-Allow-Origin,Access-Control-Allow-Methods,Access-Control-Expose-Headers,Cache-Control,Last-Modified,X-Frame-Options,Strict-Transport-Security,X-Content-Type-Options,X-XSS-Protection,Server,Origin,Accept,Accept-Version,Content-Length,Content-MD5,Content-Type,Date,X-Api-Version,X-Response-Time,X-PINGOTHER,X-CSRF-Token,Authorization
access-control-allow-methods: *
access-control-expose-headers: X-Api-Version, X-Request-Id, X-Response-Time
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Jan 2023 07:08:46 GMT
x-powered-by: Mopinion.com
content-encoding: gzip
date: Sun, 29 Jan 2023 07:18:57 GMT
cache-control: public, max-age=86400
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ubVXSG4EceE1jWGKXn6hLipqomTXRgOAx2avfs8FNeHEkx7jS0wD3Q==
age: 46858
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:03 GMT
expires: Fri, 26 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 253912
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 16:40:43 GMT
expires: Fri, 26 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 272352
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cacheorcheck.mopinion.com/survey/public/json-config?key=06ef6a08e9d244635e4cbcf7eaa9f400a3b3c9e8&domain=app.mopinion.com&withBase=true
200 OK 0 B URL HTTP/2 cacheorcheck.mopinion.com/survey/public/json-config?key=06ef6a08e9d244635e4cbcf7eaa9f400a3b3c9e8&domain=app.mopinion.com&withBase=true
IP
GET /survey/public/json-config?key=06ef6a08e9d244635e4cbcf7eaa9f400a3b3c9e8&domain=app.mopinion.com&withBase=true HTTP/1.1
Host: cacheorcheck.mopinion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://firefile.cc
Connection: keep-alive
Referer: http://firefile.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Sun, 29 Jan 2023 07:49:05 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Access-Control-Allow-Origin,Access-Control-Allow-Methods,Access-Control-Expose-Headers,Cache-Control,Last-Modified,X-Frame-Options,Strict-Transport-Security,X-Content-Type-Options,X-XSS-Protection,Server,Origin,Accept,Accept-Version,Content-Length,Content-MD5,Content-Type,Date,X-Api-Version,X-Response-Time,X-PINGOTHER,X-CSRF-Token,Authorization
access-control-allow-methods: *
access-control-expose-headers: X-Api-Version, X-Request-Id, X-Response-Time
cache-control: public, max-age=86400
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
last-modified: Sun, 29 Jan 2023 00:04:37 GMT
x-powered-by: Mopinion.com
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TBiBA-rwhPRtoHiljU54wdUODL7aEwOv13dCGChEO-j2t1I1-ZbskQ==
age: 45050
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S1157671361%3A1675023595215630&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcVwL4e1inOiOfv5qZq2Kl53HmxeJdE8AnO6-TnNrO_kNwoqlMGnyw72etZL3G2FYFb-OlH
403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1157671361%3A1675023595215630&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcVwL4e1inOiOfv5qZq2Kl53HmxeJdE8AnO6-TnNrO_kNwoqlMGnyw72etZL3G2FYFb-OlH
IP
GET /v3/signin/identifier?dsh=S1157671361%3A1675023595215630&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcVwL4e1inOiOfv5qZq2Kl53HmxeJdE8AnO6-TnNrO_kNwoqlMGnyw72etZL3G2FYFb-OlH HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://firefile.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 29 Jan 2023 20:19:55 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-AmvaEbzh9mH0yRm5xOoVrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pogothere.xyz/
200 OK 0 B IP
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://firefile.cc/
Origin: http://firefile.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 20:19:54 GMT
content-type: text/plain
set-cookie: csu=959859014555631@1@1675023594; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://firefile.cc
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qibj8LyMUw7af0p6nVHupVzic5xYMHS7yjD%2BV33CTQr5qEc9DayPQDNSAOrNqSMg5E%2FMRdDk0bycXTxAkNmhD8%2BeNnFYNLFvNff1%2FICKFvgfiQBK1myFH3QJn4G7IlOq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7914aa5b4c322406-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js
200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firefile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 20:19:54 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 3217
expires: Wed, 01 Feb 2023 20:19:54 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 7914aa59190efac4-OSL
content-encoding: br
X-Firefox-Spdy: h2
collect.mopinion.com/assets/surveys/2.0/js/survey.min.js?d=30032020
200 OK 0 B URL HTTP/2 collect.mopinion.com/assets/surveys/2.0/js/survey.min.js?d=30032020
IP
GET /assets/surveys/2.0/js/survey.min.js?d=30032020 HTTP/1.1
Host: collect.mopinion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firefile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 20:19:54 GMT
content-type: application/javascript
set-cookie: AWSALB=gbn5Vh2W8GgYOU8GkkDQ7dnjB/XYwRZXAZzF+/XUxderaNrwT2fbR1bwk3sU3v9QnkKIHU/t5PxyvaCZR6YolQYqGZgentyVTxnwvdEyrMOWQcm9nHNAH4LiWNGx; Expires=Sun, 05 Feb 2023 20:19:54 GMT; Path=/
AWSALBCORS=gbn5Vh2W8GgYOU8GkkDQ7dnjB/XYwRZXAZzF+/XUxderaNrwT2fbR1bwk3sU3v9QnkKIHU/t5PxyvaCZR6YolQYqGZgentyVTxnwvdEyrMOWQcm9nHNAH4LiWNGx; Expires=Sun, 05 Feb 2023 20:19:54 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Fri, 27 Jan 2023 10:12:03 GMT
vary: Accept-Encoding
etag: W/"63d3a373-403fb"
expires: Sun, 05 Feb 2023 20:19:54 GMT
cache-control: max-age=604800
content-encoding: gzip
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
x-permitted-cross-domain-policies: none
referrer-policy: same-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://firefile.cc/
Origin: http://firefile.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 29 Jan 2023 20:19:55 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://firefile.cc
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 29 Jan 2023 20:19:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WIUT%2Bu1BIxPwXJVYRzEVrgQJOFJo7bMrg1aErYANvMW6ceVWDoBUQtrYin9Wbus3tkQBq1ZX4j0LkSB6kL0uCoOW2NzOZOSDUb2mRfSFZ4KAN5e5vLBJGx74UBIjgH%2F5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7914aa5b6c6b2406-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firefile.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: V+o0GEwhC9scNL3tFMQ7Ce4LF5v1ePFStx25IatwOTgdRzP0gbmQ877Wms9DJ5DOJurbH8xw9pEGutQocXwNqA==
date: Sun, 29 Jan 2023 20:19:55 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
51.15.79.131
54.230.111.57
54.171.59.219
23.36.77.32
93.184.220.29
188.114.97.1
104.18.226.52
157.240.205.35