letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
31.43.191.130 302 Moved Temporarily 138 B URL User Request GET HTTP/1.1 letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
IP 31.43.191.130:80
ASN #210848 Telkom Internet LTD
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /4EFv8/Shadows.of.Doubt.Build.11115953.zip HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Date: Sun, 30 Apr 2023 12:45:54 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Server: Litespeed
letsupload.io/cache/themes/spirit/logo_inverse.png
31.43.191.130 200 OK 12 kB URL GET HTTP/2 letsupload.io/cache/themes/spirit/logo_inverse.png
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
File type PNG image data, 307 x 83, 8-bit/color RGBA, non-interlaced\012- data
Hash 3e7068c602aa75b45c1bf60860251c65
abb37260776999382d7cdf9df4bcd20e9985cb44
d162b5fab298aa43c9555929facf4274044d4cbe92e7eda200290ff576a18268
GET /cache/themes/spirit/logo_inverse.png HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: image/png
content-length: 12259
last-modified: Tue, 05 Jan 2021 18:42:37 GMT
vary: Accept-Encoding
etag: "5ff4b31d-2fe3"
server: Litespeed
expires: Tue, 30 May 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
letsupload.io/cache/themes/spirit/logo.png
31.43.191.130 200 OK 12 kB URL GET HTTP/2 letsupload.io/cache/themes/spirit/logo.png
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
File type PNG image data, 307 x 83, 8-bit/color RGBA, non-interlaced\012- data
Hash 3e7068c602aa75b45c1bf60860251c65
abb37260776999382d7cdf9df4bcd20e9985cb44
d162b5fab298aa43c9555929facf4274044d4cbe92e7eda200290ff576a18268
GET /cache/themes/spirit/logo.png HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: image/png
content-length: 12259
last-modified: Tue, 05 Jan 2021 18:42:37 GMT
vary: Accept-Encoding
etag: "5ff4b31d-2fe3"
server: Litespeed
expires: Tue, 30 May 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/images/file_icons/512px/zip.png
31.43.191.130 200 OK 44 kB URL GET HTTP/2 letsupload.io/themes/spirit/assets/images/file_icons/512px/zip.png
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash 790aadb4959167d12326fbddeea8ac47
09eac90276ba712ce49a302644ee399aa42f4be6
f1f1edb104291a0b7e28d44e542f7777cad594de397874f886381893bdc6af4b
GET /themes/spirit/assets/images/file_icons/512px/zip.png HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: image/png
content-length: 43493
last-modified: Mon, 28 Sep 2020 20:29:06 GMT
vary: Accept-Encoding
etag: "5f724792-a9e5"
server: Litespeed
expires: Tue, 30 May 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
letsupload.io/plugins/webdav/assets/img/mobile_icons_inverted.png
31.43.191.130 200 OK 3.1 kB URL GET HTTP/2 letsupload.io/plugins/webdav/assets/img/mobile_icons_inverted.png
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
File type PNG image data, 195 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash cd93ac859eb1bab650f820ee09b821c9
8d4e30a9ae453744911ecbbcb82bf6113a94f6ec
8bb063904473a1de32aacb8ab6111bb464086a63eaa8cf17971dc4a389f5f0da
GET /plugins/webdav/assets/img/mobile_icons_inverted.png HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: image/png
content-length: 3062
last-modified: Sun, 18 Oct 2020 09:15:10 GMT
vary: Accept-Encoding
etag: "5f8c079e-bf6"
server: Litespeed
expires: Tue, 30 May 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/img/adblock/primary.jpg
31.43.191.130 200 OK 13 kB URL GET HTTP/2 letsupload.io/themes/spirit/assets/frontend/img/adblock/primary.jpg
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 601x155, components 3\012- data
Hash 0fc3ab39bcdfd3c8d38de7d89b292ada
a89f51203f0b0db4cd1c7f18388f9a84d008efa4
c661391117b70efa486492ff5439d6239ed6bfcca5cf1319ba4ebe7c37cdc72f
GET /themes/spirit/assets/frontend/img/adblock/primary.jpg HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: image/jpeg
content-length: 12809
last-modified: Mon, 28 Sep 2020 20:26:42 GMT
vary: Accept-Encoding
etag: "5f724702-3209"
server: Litespeed
expires: Tue, 30 May 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/css/theme.css
31.43.191.130 200 OK 29 kB URL GET HTTP/2 letsupload.io/themes/spirit/assets/frontend/css/theme.css
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
File type assembler source text\012- assembler source, ASCII text
Hash b8b659a40b3c283313c56aca475ff721
aed4b31565ab3d169efa5d90ac6c99aa72582e94
ee54e48605857278cb3f9c9dd73619fb960ed6d5d14f74cabe8fc6084c9b3562
GET /themes/spirit/assets/frontend/css/theme.css HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 20:26:44 GMT
vary: Accept-Encoding
etag: W/"5f724704-301d8"
server: Litespeed
expires: Tue, 30 May 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: br
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/css/lightbox.min.css
31.43.191.130 200 OK 1.3 kB URL GET HTTP/2 letsupload.io/themes/spirit/assets/frontend/css/lightbox.min.css
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
Hash be084980b4cfc079ea1eef8dffeefd9f
41d5e4cd084458134d45bd045dfcb0a7d743117f
6c9ad290d9c1221445f7bc29df80f486b0944836aaf42725a641e5396c6c13b3
GET /themes/spirit/assets/frontend/css/lightbox.min.css HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 20:26:46 GMT
vary: Accept-Encoding
etag: W/"5f724706-e54"
server: Litespeed
expires: Tue, 30 May 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: br
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/css/socicon.css
31.43.191.130 200 OK 2.2 kB URL GET HTTP/2 letsupload.io/themes/spirit/assets/frontend/css/socicon.css
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
Hash 8a32524126c35d586c97bf11122b3262
6c339ab7d9709f21b73df3655f12d3c6acad2691
05083ae54fa5fc7ae6dfbf7fe7fb0f00b0363cf2a4467674e331688a10883221
GET /themes/spirit/assets/frontend/css/socicon.css HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 20:26:44 GMT
vary: Accept-Encoding
etag: W/"5f724704-2443"
server: Litespeed
expires: Tue, 30 May 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: br
X-Firefox-Spdy: h2
resnubdreich.com/1clkn/21164
23.109.87.129 200 OK 26 B URL GET HTTP/1.1 resnubdreich.com/1clkn/21164
IP 23.109.87.129:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject resnubdreich.com
Fingerprint 0E:DE:A5:4F:F5:41:2F:F3:B5:93:7C:B9:21:BD:40:1D:25:2E:ED:38
Validity Sat, 11 Mar 2023 23:30:51 GMT - Fri, 09 Jun 2023 23:30:50 GMT
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
GET /1clkn/21164 HTTP/1.1
Host: resnubdreich.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Apr 2023 12:45:55 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Mon, 01-May-2023 12:45:55 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D; expires=Mon, 01-May-2023 12:45:55 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
d219kvfj8xp5vh.cloudfront.net/?jfvkd=908293
54.230.245.54 200 OK 68 kB URL GET HTTP/2 d219kvfj8xp5vh.cloudfront.net/?jfvkd=908293
IP 54.230.245.54:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Amazon
Subject *.cloudfront.net
Fingerprint BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
Validity Thu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (15948)
Hash b0a474bf8b16d468ef19bac5acf8e871
c5703873abc076bcffd9e6186799c9b94df56b12
87a8d142551477291cd5e97b943bba43e438fb0e71a5b50c1a804bfcc6a04615
GET /?jfvkd=908293 HTTP/1.1
Host: d219kvfj8xp5vh.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 68333
date: Sun, 30 Apr 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Vv9cI_rEDh9xjKWMlg2QqHaCIX-nMPMAuuFT6qvpHDpff7H3luOaMg==
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
31.43.191.130 200 OK 4.3 kB URL GET HTTP/2 letsupload.io/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 4292, version 1.0\012- data
Hash ae072782b361d2afdbf43db08d3cfb73
f3db2e65b53d97491672f8631e21d6d05905cc88
31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b
GET /themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631 HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://letsupload.io/themes/spirit/assets/frontend/css/stack-interface.css
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: font/woff2
content-length: 4292
last-modified: Mon, 28 Sep 2020 20:26:44 GMT
vary: Accept-Encoding
etag: "5f724704-10c4"
server: Litespeed
expires: Mon, 29 Apr 2024 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash f6e9eb6e156c68729dafc5b81d3d88fe
cfd12f460bdaa9800002d5a86dd6fc0cb9b722e1
7c2cad96fc6e53a8c0211337d5fa9f41f555a506671a8c4d4a801d5765a9142d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Apr 2023 12:45:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
letsupload.io/themes/spirit/assets/frontend/css/stack-interface.css
31.43.191.130 200 OK 46 kB URL GET HTTP/2 letsupload.io/themes/spirit/assets/frontend/css/stack-interface.css
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
Hash 296da7057e96f961c0058358a1a148ee
6b588ab264f493ae70694af9a84a045f55dc50eb
a27ad4964b67e922f0c70737a822b0b6b2237f43d0e8d0104e4cdade9f900ff1
GET /themes/spirit/assets/frontend/css/stack-interface.css HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 20:26:44 GMT
vary: Accept-Encoding
etag: W/"5f724704-c0a"
server: Litespeed
expires: Tue, 30 May 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227 200 OK 45 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 34:5A:0A:3B:4F:02:F9:C6:C9:D7:3F:CA:9D:17:0D:40:27:05:05:0A
Validity Mon, 03 Apr 2023 08:24:23 GMT - Mon, 26 Jun 2023 08:24:22 GMT
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://letsupload.io
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 28 Apr 2023 02:06:34 GMT
expires: Sat, 27 Apr 2024 02:06:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 211161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
142.250.74.106 200 OK 46 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
IP 142.250.74.106:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
Validity Mon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
Hash 51ebab3c093b5c0174dd01596a55195a
5a5eab823ef62770e79fa943bff2f7106ae0d5f1
d02f5fd8e2525641a5513e543bffb3e39335ae1e30d945ef71f12d363d5b029f
GET /css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 30 Apr 2023 12:45:55 GMT
date: Sun, 30 Apr 2023 12:45:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
216.58.207.227 200 OK 18 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP 216.58.207.227:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 34:5A:0A:3B:4F:02:F9:C6:C9:D7:3F:CA:9D:17:0D:40:27:05:05:0A
Validity Mon, 03 Apr 2023 08:24:23 GMT - Mon, 26 Jun 2023 08:24:22 GMT
File type Web Open Font Format (Version 2), TrueType, length 17820, version 1.0\012- data
Hash 3d5107abaf7bf4df5478bd04625c0929
b04d394caabf6ea3e500b74781dc2bfd54f3c18d
9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31
GET /s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://letsupload.io
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 07:57:05 GMT
expires: Sun, 28 Apr 2024 07:57:05 GMT
cache-control: public, max-age=31536000
age: 103730
last-modified: Mon, 15 Aug 2022 18:13:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rderstartirrelea.info/N0ZKQW4YeSkyU2Z2EBE6B3N7IiYGfi8vIE0jJHBWUyh/cggEdmw1B1N7c3FWBX95Zx5eIndwSEQyKzUbRHt7ZwdZICV8SEF7e29dA2h5c0AFYD98XxEyOiAJCndsMRpDKndwWA90cnRWAHN/dVsH
172.67.150.82 204 No Content 0 B URL GET HTTP/2 rderstartirrelea.info/N0ZKQW4YeSkyU2Z2EBE6B3N7IiYGfi8vIE0jJHBWUyh/cggEdmw1B1N7c3FWBX95Zx5eIndwSEQyKzUbRHt7ZwdZICV8SEF7e29dA2h5c0AFYD98XxEyOiAJCndsMRpDKndwWA90cnRWAHN/dVsH
IP 172.67.150.82:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject rderstartirrelea.info
Fingerprint D3:09:62:BD:A0:9D:01:24:84:90:25:50:BC:51:D6:38:8D:84:DA:C0
Validity Thu, 27 Apr 2023 07:33:02 GMT - Wed, 26 Jul 2023 07:33:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /N0ZKQW4YeSkyU2Z2EBE6B3N7IiYGfi8vIE0jJHBWUyh/cggEdmw1B1N7c3FWBX95Zx5eIndwSEQyKzUbRHt7ZwdZICV8SEF7e29dA2h5c0AFYD98XxEyOiAJCndsMRpDKndwWA90cnRWAHN/dVsH HTTP/1.1
Host: rderstartirrelea.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sun, 30 Apr 2023 12:45:55 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZ8%2F1QoOC4J4QBa9E5DNhd67RkNrXoOkoLHM%2BSrkvsLzvZlbVajqVwivRlcs3WFhmtCaWAJUGdVfrRPBFiHNLa59CdQ5ciVnHi%2F4bw%2FZRSPPRqDgVWNVKvXRYMMqFnz4rKCGpTrfg9Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7bffe2771b240b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rderstartirrelea.info/anFDSHJFTiA7TzgbGSEWPD85CkMkNhoQPy8mcxIZDhYNHSMtIGU8Gw5MenhKWEh2bgIDFX55SkwCNykGHwJ+eVQDHyUnT0wHfnlcWl9xZkFMBH55VB4BIi9PW1czPAYGTHJ+SlhJdnBFX0R3fUU
172.67.150.82 204 No Content 0 B URL GET HTTP/2 rderstartirrelea.info/anFDSHJFTiA7TzgbGSEWPD85CkMkNhoQPy8mcxIZDhYNHSMtIGU8Gw5MenhKWEh2bgIDFX55SkwCNykGHwJ+eVQDHyUnT0wHfnlcWl9xZkFMBH55VB4BIi9PW1czPAYGTHJ+SlhJdnBFX0R3fUU
IP 172.67.150.82:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject rderstartirrelea.info
Fingerprint D3:09:62:BD:A0:9D:01:24:84:90:25:50:BC:51:D6:38:8D:84:DA:C0
Validity Thu, 27 Apr 2023 07:33:02 GMT - Wed, 26 Jul 2023 07:33:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /anFDSHJFTiA7TzgbGSEWPD85CkMkNhoQPy8mcxIZDhYNHSMtIGU8Gw5MenhKWEh2bgIDFX55SkwCNykGHwJ+eVQDHyUnT0wHfnlcWl9xZkFMBH55VB4BIi9PW1czPAYGTHJ+SlhJdnBFX0R3fUU HTTP/1.1
Host: rderstartirrelea.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sun, 30 Apr 2023 12:45:55 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLAU13pHqURHFz3lvui7ICpbyG2EBwM6dg%2F42ysYxtC%2BqdT9DgW6sAE94RU7N%2FOxDnBN3WyqP18An%2FNxOjyMOP%2BYJ%2FATV5LPs2nzYx4f9Fe7qek4GpyjP03x9tfEKq4iYrT0y2%2BFNhQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7bffe2771b290b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash f6e9eb6e156c68729dafc5b81d3d88fe
cfd12f460bdaa9800002d5a86dd6fc0cb9b722e1
7c2cad96fc6e53a8c0211337d5fa9f41f555a506671a8c4d4a801d5765a9142d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Apr 2023 12:45:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
letsupload.io/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png
31.43.191.130 200 OK 5.0 kB URL GET HTTP/2 letsupload.io/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash a9a8c24cea41bed7ef78ed1d12d48291
cd86d71e15b97ab602e0e39bb6e9bbaf6779f4d7
3b379c83d1c0b117cec88debed9390723daffc2fb99cf51cc2175c47169d190e
GET /themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: image/png
content-length: 5016
last-modified: Mon, 28 Sep 2020 20:26:42 GMT
vary: Accept-Encoding
etag: "5f724702-1398"
server: Litespeed
expires: Tue, 30 May 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
nedukeration.info/NUtEckZUKScfeVR2JlQzRyd5V3RzbnY0Igd6fRkwUyF8CjYAPSxcJVkkMRYgRyQqBmhbLjBXdHN9JiQibxgMPwl6DycHEncgYUAEZRMSOR5icjYRE3cHFCEpWwMWQzd7eHAbBGIOED8DdCUFCDJACTwRPG8DLCQHYRJ3PnYABwkYJUcfKAo+eggzIBNyBWFAAGUKCTEWchosMwdWJg0IIXMJLUp+VywdPydfGioxF2R8CiEqYhM8NDVvIAo7HGInIzF3TSYiOjVNGAMkNn8JKzYPXA0wIxAFPR0qckYcdjx+UDECOxxiIHIwE10gAzoqcR0MHjZsHR4UHE9mcAYDdBJwFA5aehxAIlouATwlb3ksBhdjezw/AlocBwghXSkRNzRvJixHHmN6PD4OYwhiGDVaJTRPKAMaLEQMTXgOJiQ
108.157.214.22 200 OK 1.2 kB URL GET HTTP/2 nedukeration.info/NUtEckZUKScfeVR2JlQzRyd5V3RzbnY0Igd6fRkwUyF8CjYAPSxcJVkkMRYgRyQqBmhbLjBXdHN9JiQibxgMPwl6DycHEncgYUAEZRMSOR5icjYRE3cHFCEpWwMWQzd7eHAbBGIOED8DdCUFCDJACTwRPG8DLCQHYRJ3PnYABwkYJUcfKAo+eggzIBNyBWFAAGUKCTEWchosMwdWJg0IIXMJLUp+VywdPydfGioxF2R8CiEqYhM8NDVvIAo7HGInIzF3TSYiOjVNGAMkNn8JKzYPXA0wIxAFPR0qckYcdjx+UDECOxxiIHIwE10gAzoqcR0MHjZsHR4UHE9mcAYDdBJwFA5aehxAIlouATwlb3ksBhdjezw/AlocBwghXSkRNzRvJixHHmN6PD4OYwhiGDVaJTRPKAMaLEQMTXgOJiQ
IP 108.157.214.22:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Amazon
Subject nedukeration.info
Fingerprint 95:45:18:1D:79:D5:0F:7B:46:CF:15:61:D4:43:EE:1E:2D:89:79:A3
Validity Sun, 16 Apr 2023 00:00:00 GMT - Tue, 14 May 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3018), with no line terminators
Hash 7ca7efc159dd5c10a906b361c2f118e1
c54c7c739523dbabe956f4da18d338858ee17d0f
245cd7c5e4cee7b4dfcced971874b4a2e61d3aac82f8471e0fbcfb5d79e8de40
Analyzer Verdict Alert fortinet Phishing
GET /NUtEckZUKScfeVR2JlQzRyd5V3RzbnY0Igd6fRkwUyF8CjYAPSxcJVkkMRYgRyQqBmhbLjBXdHN9JiQibxgMPwl6DycHEncgYUAEZRMSOR5icjYRE3cHFCEpWwMWQzd7eHAbBGIOED8DdCUFCDJACTwRPG8DLCQHYRJ3PnYABwkYJUcfKAo+eggzIBNyBWFAAGUKCTEWchosMwdWJg0IIXMJLUp+VywdPydfGioxF2R8CiEqYhM8NDVvIAo7HGInIzF3TSYiOjVNGAMkNn8JKzYPXA0wIxAFPR0qckYcdjx+UDECOxxiIHIwE10gAzoqcR0MHjZsHR4UHE9mcAYDdBJwFA5aehxAIlouATwlb3ksBhdjezw/AlocBwghXSkRNzRvJixHHmN6PD4OYwhiGDVaJTRPKAMaLEQMTXgOJiQ HTTP/1.1
Host: nedukeration.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1177
date: Sun, 30 Apr 2023 12:45:55 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 3f25be8570bf62f8d4607f79984fccec.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: VwY_8_wNfls9PjL2pGgrl4NhOi7fSL0dm3ygKeUl6oX9fnleB3paJw==
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png
31.43.191.130 200 OK 447 B URL GET HTTP/2 letsupload.io/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash f3d5da06fe8d5a2425d5d229285e5eea
01032b864f3c74bbf44771e2ba41eeb2251fad90
d11d596429d3543bfb07191a87a67a8c22e198113c6f3a109158a5a85bf82f26
GET /themes/spirit/assets/frontend/img/favicon/favicon-16x16.png HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: image/png
content-length: 447
last-modified: Mon, 28 Sep 2020 20:26:40 GMT
vary: Accept-Encoding
etag: "5f724700-1bf"
server: Litespeed
expires: Tue, 30 May 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash b34bef788a07e2e55b672a7428dae4ba
52abf5c08f91053e3180ed508ee94b87b3f3dcfe
8fad894301c2cc30ce2ade069ec9518fe56fcccc7391c4ea2397e27668f94edb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Apr 2023 12:45:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash e88f92e36cee5b9a8a4f3f7e0487426c
cfb6df147e107497e4de5f2007ce2ac4ff2f9d06
2c3c9f23536eb7f2a855a832e38320ec538be4b721adbe3f20e804ac279373e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Apr 2023 12:45:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nedukeration.info/dU9Ld1cULSgaaBRyKVEiByN2UmUzankxM0d+chwhEyVzDydAOSNZNBkgPhMxByAlA3kbKj9SZTMKBCERIgJ6PTYlJSMhNSB/fzowQD0IIDseDCYUMTo2HRQHMCM4ORESHi4fIBkODCUGPQcJPxwzfjgtPyBqeTUAMXczMzknLBsNAjoWM08gOCMNARMtLCEiOkwaGx4vFB8nIiAWOA4iEz12JjE6NAUuJGM2FjMPPjMNERAUIX9uRREtHC81MzIeDzwwMyEIJgEYBww+AjMiCj0eDA4cLg8dKBEQJ00MEx8tNBgBEhkxGRInBQ0lDjYRHAwMMTo0IgI+MzJiGjMZMw4hOmYgdhovBR4rHDoeLAcsMzMwNzgtIFMlOBg5BXIpHBU2AjhEYRwC
108.157.214.22 200 OK 1.2 kB URL GET HTTP/2 nedukeration.info/dU9Ld1cULSgaaBRyKVEiByN2UmUzankxM0d+chwhEyVzDydAOSNZNBkgPhMxByAlA3kbKj9SZTMKBCERIgJ6PTYlJSMhNSB/fzowQD0IIDseDCYUMTo2HRQHMCM4ORESHi4fIBkODCUGPQcJPxwzfjgtPyBqeTUAMXczMzknLBsNAjoWM08gOCMNARMtLCEiOkwaGx4vFB8nIiAWOA4iEz12JjE6NAUuJGM2FjMPPjMNERAUIX9uRREtHC81MzIeDzwwMyEIJgEYBww+AjMiCj0eDA4cLg8dKBEQJ00MEx8tNBgBEhkxGRInBQ0lDjYRHAwMMTo0IgI+MzJiGjMZMw4hOmYgdhovBR4rHDoeLAcsMzMwNzgtIFMlOBg5BXIpHBU2AjhEYRwC
IP 108.157.214.22:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Amazon
Subject nedukeration.info
Fingerprint 95:45:18:1D:79:D5:0F:7B:46:CF:15:61:D4:43:EE:1E:2D:89:79:A3
Validity Sun, 16 Apr 2023 00:00:00 GMT - Tue, 14 May 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2995), with no line terminators
Hash 52fc618d4c9b4870f8d45f6c0d999790
7442b807e4e49402bed05acf15edb3edee336a2a
1289441d8faf9127f4d63eaefdf3c2eeec9b728dfb8f5b782d67a87da32169e0
Analyzer Verdict Alert fortinet Phishing
GET /dU9Ld1cULSgaaBRyKVEiByN2UmUzankxM0d+chwhEyVzDydAOSNZNBkgPhMxByAlA3kbKj9SZTMKBCERIgJ6PTYlJSMhNSB/fzowQD0IIDseDCYUMTo2HRQHMCM4ORESHi4fIBkODCUGPQcJPxwzfjgtPyBqeTUAMXczMzknLBsNAjoWM08gOCMNARMtLCEiOkwaGx4vFB8nIiAWOA4iEz12JjE6NAUuJGM2FjMPPjMNERAUIX9uRREtHC81MzIeDzwwMyEIJgEYBww+AjMiCj0eDA4cLg8dKBEQJ00MEx8tNBgBEhkxGRInBQ0lDjYRHAwMMTo0IgI+MzJiGjMZMw4hOmYgdhovBR4rHDoeLAcsMzMwNzgtIFMlOBg5BXIpHBU2AjhEYRwC HTTP/1.1
Host: nedukeration.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1155
date: Sun, 30 Apr 2023 12:45:55 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 3f25be8570bf62f8d4607f79984fccec.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: ZC6b81skxTjsoaks1xobs--IF8XKWa6y74pSNeEfneNwUpzyJaXfqg==
X-Firefox-Spdy: h2
nedukeration.info/utx?cb=2dp9PoMefKYH&top=letsupload.io&tid=908293
108.157.214.22 204 No Content 0 B URL GET HTTP/2 nedukeration.info/utx?cb=2dp9PoMefKYH&top=letsupload.io&tid=908293
IP 108.157.214.22:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Amazon
Subject nedukeration.info
Fingerprint 95:45:18:1D:79:D5:0F:7B:46:CF:15:61:D4:43:EE:1E:2D:89:79:A3
Validity Sun, 16 Apr 2023 00:00:00 GMT - Tue, 14 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=2dp9PoMefKYH&top=letsupload.io&tid=908293 HTTP/1.1
Host: nedukeration.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://letsupload.io
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sun, 30 Apr 2023 12:45:55 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://letsupload.io
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 30 Apr 2023 12:46:55 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 3f25be8570bf62f8d4607f79984fccec.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 1FHNrAv456XLuRBn30Pwm6EEcSL5wJlLvvvuFm1tLhHg-7mmlUA5dg==
X-Firefox-Spdy: h2
s10.histats.com/js15_as.js
46.105.201.240 200 OK 4.4 kB URL GET HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject histats.com
Fingerprint F3:F6:9F:E3:A0:B3:22:C0:B2:93:4E:22:72:B6:D1:DA:40:BA:AE:9B
Validity Wed, 15 Mar 2023 12:20:28 GMT - Tue, 13 Jun 2023 12:20:27 GMT
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:42:15 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 228625419
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.2 200 OK 47 kB URL GET HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.2:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Google Trust Services LLC
Subject *.g.doubleclick.net
Fingerprint 09:1D:A9:AE:08:E0:55:47:86:0B:F7:70:DB:E9:AC:C4:2F:DE:19:E7
Validity Mon, 03 Apr 2023 08:16:10 GMT - Mon, 26 Jun 2023 08:16:09 GMT
File type ASCII text, with very long lines (3605)
Hash 16a1cbad2e23c437bb15465782e0cc04
d6e6d9bab44aab2143b23b14e2f7432d25b65667
6e9ef68e9198bda89fee57209b7f99abeaf1193ebddcaea6e030a0fffdb2b5a1
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 30 Apr 2023 12:45:56 GMT
expires: Sun, 30 Apr 2023 12:45:56 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 1721216403450586098
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 47338
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.77 302 Found 395 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.77:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Google Trust Services LLC
Subject accounts.google.com
Fingerprint 96:EA:93:42:16:A6:B8:80:16:85:0B:B3:67:3A:BA:43:A8:41:32:23
Validity Mon, 03 Apr 2023 08:25:08 GMT - Mon, 26 Jun 2023 08:25:07 GMT
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash b47bc7e1fd49f2f0878ceaeab28408de
5ceff2cc6ca35f1528010d8306913b3dfe1ab617
6d77d73a274e9e24d6b18807f4871ac06f972f62c71dcc058e78c45a9a35c616
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 30 Apr 2023 12:45:56 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFLqyG4_riks2R7opj96CoayEVilotABERKKtumGHIiNZfwwaKnDPnpy7uaR0aUoDZse-J2
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-bFcZhcnie1TUwWd0mqGAHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy: unsafe-none; report-to="AccountsSigninPassiveLoginHttp"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
report-to: {"group":"AccountsSigninPassiveLoginHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSigninPassiveLoginHttp/external"}]}, {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/binary
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:2rsJmu0OK_Ar6pPPMW-m5CidSdpKXw:JWvvZBFmFhr-rzRO; Expires=Tue, 29-Apr-2025 12:45:56 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.2 200 OK 47 kB URL GET HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.2:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Google Trust Services LLC
Subject *.g.doubleclick.net
Fingerprint 09:1D:A9:AE:08:E0:55:47:86:0B:F7:70:DB:E9:AC:C4:2F:DE:19:E7
Validity Mon, 03 Apr 2023 08:16:10 GMT - Mon, 26 Jun 2023 08:16:09 GMT
File type ASCII text, with very long lines (3605)
Hash 27e9fb6e8ae2c553ffb0a26c352b2e78
f8e3d61c3e487db17b276d0132564f641aeb03e4
cee96aef5db9e15f8fa94016f86293de7c6ef445bddeee1e13fed5b9208761a7
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 30 Apr 2023 12:45:56 GMT
expires: Sun, 30 Apr 2023 12:45:56 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 9197909982013795639
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 47335
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.2 200 OK 47 kB URL GET HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.2:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Google Trust Services LLC
Subject *.g.doubleclick.net
Fingerprint 09:1D:A9:AE:08:E0:55:47:86:0B:F7:70:DB:E9:AC:C4:2F:DE:19:E7
Validity Mon, 03 Apr 2023 08:16:10 GMT - Mon, 26 Jun 2023 08:16:09 GMT
File type ASCII text, with very long lines (3605)
Hash db367cb895d1ca353570fdc353796e94
7937284dc8aa2e4a79f71318a80a9b0eef17c4a1
2168b85ca27e9b60fd367c94887de16655fd9e704704fc116ba99011e8a6fca2
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 30 Apr 2023 12:45:56 GMT
expires: Sun, 30 Apr 2023 12:45:56 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 5357985494052790063
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 47343
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 672f5be2ac9516eddf5124acb47532fd
7cb17e650eb3137fc6cb41d957d2bf858f2b5875
03322467627bd3814bc78b7040562672a55a2749cf9096767d36fdc263e539ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Apr 2023 12:45:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d219kvfj8xp5vh.cloudfront.net/?jfvkd=908293
54.230.245.54 200 OK 68 kB URL GET HTTP/2 d219kvfj8xp5vh.cloudfront.net/?jfvkd=908293
IP 54.230.245.54:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Amazon
Subject *.cloudfront.net
Fingerprint BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
Validity Thu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (15948)
Hash 018fc677a45949741ae1a6274b3d9525
5f82a0224d1b6beed1b7cb53fad371f145ae61b3
b3fa1dc12f4466f04623dcd335f48e29662a09d3eef78a58a0516be11c9dce21
GET /?jfvkd=908293 HTTP/1.1
Host: d219kvfj8xp5vh.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://letsupload.io/
Origin: https://letsupload.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 68333
date: Sun, 30 Apr 2023 12:45:56 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://letsupload.io
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ck0Tx979GoJRPaVxl1rEkG-MOV2IoMZxjnYFqqHCjPp1vc-WNH2wMA==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash e88f92e36cee5b9a8a4f3f7e0487426c
cfb6df147e107497e4de5f2007ce2ac4ff2f9d06
2c3c9f23536eb7f2a855a832e38320ec538be4b721adbe3f20e804ac279373e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Apr 2023 12:45:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d219kvfj8xp5vh.cloudfront.net/EOVFWM1JaPjhVbU04Mg5rCWlkCmcfOyVcPElsNFgQehwlAGRQHHBHKF1sZhU+WD8xDnRcPzUOYx8wMlFvDXcjUm9UPixaPlUwcwEUDH9mFmAJeS4CYxxiFBZgCT0/XSdBdGQDKgFnCQVmHGIUFmAJIyAWYXhgZgp8CXhzAWJeNDVYPRxjEAFiCGFmAmIIdG-QDNFAjM1U9QXRkdWMIYHgDdExsZw
54.230.245.54 189 B URL d219kvfj8xp5vh.cloudfront.net/EOVFWM1JaPjhVbU04Mg5rCWlkCmcfOyVcPElsNFgQehwlAGRQHHBHKF1sZhU+WD8xDnRcPzUOYx8wMlFvDXcjUm9UPixaPlUwcwEUDH9mFmAJeS4CYxxiFBZgCT0/XSdBdGQDKgFnCQVmHGIUFmAJIyAWYXhgZgp8CXhzAWJeNDVYPRxjEAFiCGFmAmIIdG-QDNFAjM1U9QXRkdWMIYHgDdExsZw
IP 54.230.245.54:0
Certificate Issuer Amazon
Subject *.cloudfront.net
Fingerprint BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
Validity Thu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 24628a18cb4a9c67837a2b09e4effb9a
878cabc428df5c45a6aaf390f7b7e9b58ba8aef2
78bd8dff2125c21d8825b155e3822b0920e1970eb0dc66928770b9ba3c1143b5
GET /EOVFWM1JaPjhVbU04Mg5rCWlkCmcfOyVcPElsNFgQehwlAGRQHHBHKF1sZhU+WD8xDnRcPzUOYx8wMlFvDXcjUm9UPixaPlUwcwEUDH9mFmAJeS4CYxxiFBZgCT0/XSdBdGQDKgFnCQVmHGIUFmAJIyAWYXhgZgp8CXhzAWJeNDVYPRxjEAFiCGFmAmIIdG-QDNFAjM1U9QXRkdWMIYHgDdExsZw HTTP/1.1
Host: d219kvfj8xp5vh.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nedukeration.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 189
date: Sun, 30 Apr 2023 12:45:56 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eVlJ_jPW7MLAUjKlGOkYy4kuOCQhW8-nyvM5RjCwbAMjZokTHl7eDA==
X-Firefox-Spdy: h2
d219kvfj8xp5vh.cloudfront.net/6bVdZSHMOODcuTBk+PXVKXW9rcUBLPSonHR1qN34iBWETMEAnAztuBxczZHhVATY3L05LMjcrTlxxOCwRUGN/PAMCPGQhAAcmIzgFBi88bgYMajQnCQQ7NSlWXxFsZkNIZWlgC1xmfHsxSGVpJBoDIiFtQV0vYX4sW2N8ezFIZWk6BUhkGHlDVHlpYVZfZz-4tEAY4fHo1X2doeENcZ2htQV0xMDoWCzghbUErZmh5XV1xLHVC
54.230.245.54 498 B URL d219kvfj8xp5vh.cloudfront.net/6bVdZSHMOODcuTBk+PXVKXW9rcUBLPSonHR1qN34iBWETMEAnAztuBxczZHhVATY3L05LMjcrTlxxOCwRUGN/PAMCPGQhAAcmIzgFBi88bgYMajQnCQQ7NSlWXxFsZkNIZWlgC1xmfHsxSGVpJBoDIiFtQV0vYX4sW2N8ezFIZWk6BUhkGHlDVHlpYVZfZz-4tEAY4fHo1X2doeENcZ2htQV0xMDoWCzghbUErZmh5XV1xLHVC
IP 54.230.245.54:0
Certificate Issuer Amazon
Subject *.cloudfront.net
Fingerprint BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
Validity Thu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (679), with no line terminators
Hash 6feb06621ba12d09c1a52a61277b5196
638af356ee679c784db6e89ad597e10a7462edb7
697fea57ecd4dafb009786c999653de6e308ea6fd575e4a5287dbf7c438d6531
GET /6bVdZSHMOODcuTBk+PXVKXW9rcUBLPSonHR1qN34iBWETMEAnAztuBxczZHhVATY3L05LMjcrTlxxOCwRUGN/PAMCPGQhAAcmIzgFBi88bgYMajQnCQQ7NSlWXxFsZkNIZWlgC1xmfHsxSGVpJBoDIiFtQV0vYX4sW2N8ezFIZWk6BUhkGHlDVHlpYVZfZz-4tEAY4fHo1X2doeENcZ2htQV0xMDoWCzghbUErZmh5XV1xLHVC HTTP/1.1
Host: d219kvfj8xp5vh.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nedukeration.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 498
date: Sun, 30 Apr 2023 12:45:56 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EWU6ld0KfzHGbOq2xbpMMULiU7_MfOngcRbF50XLC7x_UyS7OjaSKQ==
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneFRS_8GgnrXkb572HKKG-fmMKEqvt3saA_-bZy5FKXpU5xtzhZzenc84cs9ETIEjqoqD2BI
142.250.74.77 302 Found 398 B URL GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneFRS_8GgnrXkb572HKKG-fmMKEqvt3saA_-bZy5FKXpU5xtzhZzenc84cs9ETIEjqoqD2BI
IP 142.250.74.77:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint D5:3A:80:A6:03:B0:E4:36:0E:46:7B:36:45:CB:50:4C:D6:98:CE:59
Validity Mon, 03 Apr 2023 08:17:58 GMT - Mon, 26 Jun 2023 08:17:57 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Hash ddb093eee062498e694af6d9b670987e
eb3692c129d75c01984e1ff388020a2de542beaa
d8f84d3e068686fab582d830e843d6e2dc8e034c3d3fb10f7bc7cb027e97a13b
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneFRS_8GgnrXkb572HKKG-fmMKEqvt3saA_-bZy5FKXpU5xtzhZzenc84cs9ETIEjqoqD2BI HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://letsupload.io/
Alt-Used: accounts.google.com
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 30 Apr 2023 12:45:56 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1996747960%3A1682858756338368&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFW6XKzSvFJuoBJFd9v3aBE-Kb77K7cvDfeZjA4Kmi63nlX_Kk3-D7sZsGi2xxdtJHf_FIP9w&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-s3rIbKEWCHoOQRJmaGueOw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 398
server: GSE
set-cookie: __Host-GAPS=1:H7Ssoi-Nz5-oTfrTYZ426A5WPTrfpw:bKAsGP4TNnyJiDNS;Path=/;Expires=Tue, 29-Apr-2025 12:45:56 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2032633001482750&plah=letsupload.io&bust=31074193
142.250.74.2 200 OK 122 kB URL GET HTTP/3 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2032633001482750&plah=letsupload.io&bust=31074193
IP 142.250.74.2:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Google Trust Services LLC
Subject *.g.doubleclick.net
Fingerprint 09:1D:A9:AE:08:E0:55:47:86:0B:F7:70:DB:E9:AC:C4:2F:DE:19:E7
Validity Mon, 03 Apr 2023 08:16:10 GMT - Mon, 26 Jun 2023 08:16:09 GMT
File type ASCII text, with very long lines (4405)
Size 122 kB (122003 bytes)
Hash 133b3e2715b549c47143ab5859c353d9
750296ec5cba679cab028c262bbc0c521b402535
57f42cc7e4d601772bcd5b744b3aba358bf8a83c57012c8b6a52d9232524f83e
GET /pagead/managed/js/adsense/m202304260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2032633001482750&plah=letsupload.io&bust=31074193 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: pagead2.googlesyndication.com
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 30 Apr 2023 12:45:56 GMT
expires: Sun, 30 Apr 2023 12:45:56 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 9412240941897183093
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 122003
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accounts.google.com/v3/signin/identifier?dsh=S1996747960%3A1682858756338368&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFW6XKzSvFJuoBJFd9v3aBE-Kb77K7cvDfeZjA4Kmi63nlX_Kk3-D7sZsGi2xxdtJHf_FIP9w&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
142.250.74.77 403 Forbidden 805 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?dsh=S1996747960%3A1682858756338368&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFW6XKzSvFJuoBJFd9v3aBE-Kb77K7cvDfeZjA4Kmi63nlX_Kk3-D7sZsGi2xxdtJHf_FIP9w&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP 142.250.74.77:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint D5:3A:80:A6:03:B0:E4:36:0E:46:7B:36:45:CB:50:4C:D6:98:CE:59
Validity Mon, 03 Apr 2023 08:17:58 GMT - Mon, 26 Jun 2023 08:17:57 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1644), with no line terminators
Hash aa7bb8cd7344fcbca84a97e004722fdd
1a7a4a4fffc5b099d15dbd85b2c560639620ec8d
3ea9f369cf83bd70213012f0f4e5a352542e4697289300c15cae5f9eb8007194
GET /v3/signin/identifier?dsh=S1996747960%3A1682858756338368&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFW6XKzSvFJuoBJFd9v3aBE-Kb77K7cvDfeZjA4Kmi63nlX_Kk3-D7sZsGi2xxdtJHf_FIP9w&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://letsupload.io/
Alt-Used: accounts.google.com
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 30 Apr 2023 12:45:56 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-xlsCepwyxV-fKStKbOVrow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 672f5be2ac9516eddf5124acb47532fd
7cb17e650eb3137fc6cb41d957d2bf858f2b5875
03322467627bd3814bc78b7040562672a55a2749cf9096767d36fdc263e539ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Apr 2023 12:45:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 1bb95c4d65e1aa28271640739efa8270
06acc6a803313a549446ffbddaa58ba5da3517ba
455d684c64f2b767464c92e6aebc8bfd42f66474dc74b2170cb2a5e1ecfe1ad6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Apr 2023 12:45:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 1d1a1fca2f534baa65cd197e6a552da3
b65be463157facb6a31781090128dce6ac7dc1de
93f5498fee87b0e12451d7ba7a75cfa9fe97dc3a06a3152e39b196e033ae6069
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Apr 2023 12:45:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.77 302 Found 908 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.77:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Google Trust Services LLC
Subject accounts.google.com
Fingerprint 96:EA:93:42:16:A6:B8:80:16:85:0B:B3:67:3A:BA:43:A8:41:32:23
Validity Mon, 03 Apr 2023 08:25:08 GMT - Mon, 26 Jun 2023 08:25:07 GMT
File type gzip compressed data, max compression\012- data
Hash c300519c7f8e9d7e91f0acbacd2c32c3
263451f040f05d78a2e3cd75b08e29f9206cc43d
e18902afc4778c5761ecf503ff75d2c269ea496ea5afb3f4d7a3da237466d564
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 30 Apr 2023 12:45:56 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneFRS_8GgnrXkb572HKKG-fmMKEqvt3saA_-bZy5FKXpU5xtzhZzenc84cs9ETIEjqoqD2BI
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-C5aBAabkOvLddolSJ6q65g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:UdAHP1b_p7QBMs4T6cB8rLLDHb_SwA:Gn9ogfdZsIUsOBrG; Expires=Tue, 29-Apr-2025 12:45:56 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=letsupload.io&callback=_gfp_s_&client=ca-pub-2032633001482750
216.58.207.226 200 OK 253 B URL GET HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=letsupload.io&callback=_gfp_s_&client=ca-pub-2032633001482750
IP 216.58.207.226:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Google Trust Services LLC
Subject *.googleadservices.com
Fingerprint 64:FB:54:D3:87:13:FF:E1:0B:82:AB:82:7D:DD:06:E3:5E:CB:77:C2
Validity Mon, 03 Apr 2023 08:21:53 GMT - Mon, 26 Jun 2023 08:21:52 GMT
File type ASCII text, with very long lines (393), with no line terminators
Hash 0c00c2711a07f737017e93655aea39ff
cf1f453462b774af240717abae886d1352993d16
0389bf92ca5d045c635d0910f66e2bff49a327a80c0cf4be9052d4e2a368357d
GET /gampad/cookie.js?domain=letsupload.io&callback=_gfp_s_&client=ca-pub-2032633001482750 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 30 Apr 2023 12:45:56 GMT
server: cafe
cache-control: private
content-length: 253
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
188.114.97.1 200 OK 102 kB IP 188.114.97.1:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
Validity Tue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102500 bytes)
Hash 65d4e6ff48a67f0573ed14eb88bce542
38ad86eee39e27e97eab0386292db224a63abfb5
a47afbeb95728c17a0076b242f0c6309f587dc7f5d596fd7b8f56e76cdeda1fa
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://letsupload.io/
Origin: https://letsupload.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:56 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://letsupload.io
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Sun, 30 Apr 2023 10:23:46 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BbdnA8XGrzz5iChk05KEoZ5AJYuRNc9iudjpp9fcoAlUEULmeb0orxJOCgXXqWEw8qa0YMXKLinPQN4jD6%2Bx32dqf297jewtavGqYZcb%2BkB4FBjS8bg5zLisVaG8Rzul"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7bffe2798dbb0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s4.histats.com/stats/0.php?4434016&@f16&@g1&@h1&@i1&@j1682858755983&@k0&@l1&@mShadows.of.Doubt.Build.11115953.zip%20-%20LetsUpload%20Unlimited%20Cloud%20Storage&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-6294894&@b3:1682858756&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fletsupload.io%2F4EFv8%2FShadows.of.Doubt.Build.11115953.zip&@w
149.56.240.127 200 OK 52 B URL GET HTTP/1.1 s4.histats.com/stats/0.php?4434016&@f16&@g1&@h1&@i1&@j1682858755983&@k0&@l1&@mShadows.of.Doubt.Build.11115953.zip%20-%20LetsUpload%20Unlimited%20Cloud%20Storage&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-6294894&@b3:1682858756&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fletsupload.io%2F4EFv8%2FShadows.of.Doubt.Build.11115953.zip&@w
IP 149.56.240.127:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject histats.com
Fingerprint F3:F6:9F:E3:A0:B3:22:C0:B2:93:4E:22:72:B6:D1:DA:40:BA:AE:9B
Validity Wed, 15 Mar 2023 12:20:28 GMT - Tue, 13 Jun 2023 12:20:27 GMT
File type ASCII text, with no line terminators
Hash bd38204c0f62b40b160d3df3e037220f
25197a6e7060a809802828f22e7eb52236747770
fa3b0107daba86f44cde8e70951a244a6aa0b5df08c32ba02c4cc384139bca2c
GET /stats/0.php?4434016&@f16&@g1&@h1&@i1&@j1682858755983&@k0&@l1&@mShadows.of.Doubt.Build.11115953.zip%20-%20LetsUpload%20Unlimited%20Cloud%20Storage&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-6294894&@b3:1682858756&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fletsupload.io%2F4EFv8%2FShadows.of.Doubt.Build.11115953.zip&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 30 Apr 2023 12:45:56 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 52
Connection: close
pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&ign=false&pw=1280&ph=1024&x=640&y=69.6
142.250.74.2 204 No Content 0 B URL GET HTTP/3 pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&ign=false&pw=1280&ph=1024&x=640&y=69.6
IP 142.250.74.2:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Google Trust Services LLC
Subject *.g.doubleclick.net
Fingerprint 09:1D:A9:AE:08:E0:55:47:86:0B:F7:70:DB:E9:AC:C4:2F:DE:19:E7
Validity Mon, 03 Apr 2023 08:16:10 GMT - Mon, 26 Jun 2023 08:16:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/gen_204?id=ach_evt&tn=DIV&ign=false&pw=1280&ph=1024&x=640&y=69.6 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: pagead2.googlesyndication.com
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 12:45:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 1bb95c4d65e1aa28271640739efa8270
06acc6a803313a549446ffbddaa58ba5da3517ba
455d684c64f2b767464c92e6aebc8bfd42f66474dc74b2170cb2a5e1ecfe1ad6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Apr 2023 12:45:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 1d1a1fca2f534baa65cd197e6a552da3
b65be463157facb6a31781090128dce6ac7dc1de
93f5498fee87b0e12451d7ba7a75cfa9fe97dc3a06a3152e39b196e033ae6069
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Apr 2023 12:45:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230426&st=env
142.250.74.2 200 OK 11 kB URL GET HTTP/3 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230426&st=env
IP 142.250.74.2:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Google Trust Services LLC
Subject *.g.doubleclick.net
Fingerprint 09:1D:A9:AE:08:E0:55:47:86:0B:F7:70:DB:E9:AC:C4:2F:DE:19:E7
Validity Mon, 03 Apr 2023 08:16:10 GMT - Mon, 26 Jun 2023 08:16:09 GMT
File type JSON data\012- , ASCII text, with very long lines (14765), with no line terminators
Hash 0e71bc808716631e508710731055b723
77927a6ae14d01865bbbdbfc82a4c606dbae5208
80588bfb23aeae7d653cdd3aa125d6ec1c41a21342be216333faa758a4d7462f
GET /getconfig/sodar?sv=200&tid=gda&tv=r20230426&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://letsupload.io
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sun, 30 Apr 2023 12:45:56 GMT
server: cafe
content-length: 11146
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 03ec78bc41fd330b7625eb41df1b14fc
83b69764acee95e3858bcb89370ed996be8c0002
4d75a3075aed068de1761d427590558ac10b9516d490f2997cbc1e465de0fbb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Apr 2023 12:45:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36 200 OK 31 kB URL GET HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer DigiCert Inc
Subject *.facebook.com
Fingerprint CA:09:73:61:C4:EA:FB:40:29:58:C4:93:8A:F5:9C:A7:33:06:3C:FF
Validity Mon, 06 Feb 2023 00:00:00 GMT - Sun, 07 May 2023 23:59:59 GMT
Hash 671b719c9472fbe4975d78ee5b05b156
bfe885873a6b3599f0ce3f7cc4690481ef396f52
a6d3b8c8f9d80474327473d54c6d447162ef556e9ff7b73dc9b55106faef67ce
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: jG4rAxL0GZ1+ounmln29PeO21nsqxOZ+APpr5I1AHmeIokPLnI4F23Y5C8++XvqzwdqmhNZGp8PyjT7GeeBdAQ==
date: Sun, 30 Apr 2023 12:45:56 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
216.58.207.193 200 OK 5.0 kB URL GET HTTP/3 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 216.58.207.193:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Google Trust Services LLC
Subject *.g.doubleclick.net
Fingerprint 09:1D:A9:AE:08:E0:55:47:86:0B:F7:70:DB:E9:AC:C4:2F:DE:19:E7
Validity Mon, 03 Apr 2023 08:16:10 GMT - Mon, 26 Jun 2023 08:16:09 GMT
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: tpc.googlesyndication.com
Connection: keep-alive
Referer: https://letsupload.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 22:14:09 GMT
expires: Sun, 28 Apr 2024 22:14:09 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
vary: Accept-Encoding
age: 52307
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 92c57fbefb4b55aef6275dd1a7488c9c
75e1b80a55a207f24010aaa88d92f4b1f923e940
e568d5accf8fb165a5183f0e4caded640bde57f1a6d28701d50c8bfc277936fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Apr 2023 12:45:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164 200 OK 513 B URL GET HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Google Trust Services LLC
Subject www.google.com
Fingerprint C3:7C:54:CD:86:09:A4:3E:2C:6D:EC:7C:FA:65:7B:3E:64:CB:10:E0
Validity Mon, 03 Apr 2023 08:25:07 GMT - Mon, 26 Jun 2023 08:25:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 43b0201f5c35cc4265511089cae0ea60
f6267777582c55e9fa8e05213a0a690b8a05a6f7
86eb09c5fffc8cc44914889c07a1afbb7723cd1b50a4b382147584d1bd6a4dbd
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 30 Apr 2023 12:45:57 GMT
date: Sun, 30 Apr 2023 12:45:57 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-8mWlg96ms4CARcwYJsFOFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
142.250.74.2 14 kB URL pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
IP 142.250.74.2:0
Certificate Issuer Google Trust Services LLC
Subject *.g.doubleclick.net
Fingerprint 09:1D:A9:AE:08:E0:55:47:86:0B:F7:70:DB:E9:AC:C4:2F:DE:19:E7
Validity Mon, 03 Apr 2023 08:16:10 GMT - Mon, 26 Jun 2023 08:16:09 GMT
File type ASCII text, with very long lines (36095)
Hash 90cf568ed6b653a88b40701e190bd153
3213a9dd31941399d9c9ceb116f231a71f147323
b55aa31700550fe895635aa9f1ca08011a77213b9a4b4607f914373fc54fe725
GET /bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: pagead2.googlesyndication.com
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14195
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Apr 2023 20:09:41 GMT
expires: Thu, 25 Apr 2024 20:09:41 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 318976
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230426&jk=4194941067074356&rc=
142.250.74.2 204 No Content 0 B URL GET HTTP/3 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230426&jk=4194941067074356&rc=
IP 142.250.74.2:443
Requested by https://www.google.com/recaptcha/api2/aframe
Certificate Issuer Google Trust Services LLC
Subject *.g.doubleclick.net
Fingerprint 09:1D:A9:AE:08:E0:55:47:86:0B:F7:70:DB:E9:AC:C4:2F:DE:19:E7
Validity Mon, 03 Apr 2023 08:16:10 GMT - Mon, 26 Jun 2023 08:16:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&li=gda_r20230426&jk=4194941067074356&rc= HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: pagead2.googlesyndication.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 30 Apr 2023 12:45:57 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tpc.googlesyndication.com/generate_204?acYJjA
216.58.207.193 0 B URL tpc.googlesyndication.com/generate_204?acYJjA
IP 216.58.207.193:0
Certificate Issuer Google Trust Services LLC
Subject *.g.doubleclick.net
Fingerprint 09:1D:A9:AE:08:E0:55:47:86:0B:F7:70:DB:E9:AC:C4:2F:DE:19:E7
Validity Mon, 03 Apr 2023 08:16:10 GMT - Mon, 26 Jun 2023 08:16:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?acYJjA HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: tpc.googlesyndication.com
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 12:45:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230426&jk=4194941067074356&bg=!CgmlCV3NAAb9Sbh13Uk7ADkAdvg8WpXkUymdAG0is0-J0Nusq7PTb401fFkY-XiTjaN-MMlcjjerl56RL9yScfTqqS_KJLyfAGMCAAAAq1IAAAAGaAEHmQKNka6ZIYUhTjYvq2-BpGWK7yq31201gZbvNd0A_XM_y4wLr66AK2yuPbtNEQza1u0UwA2cMMQwGlnOskbY0ZiJemGaAqCp2EL17GtwxV5kqevqWOuLLewPYqpuvUGqZyOxjMnW9AkGOl470tHgitUMmz4hvHBldisCb3-dNaWdeIe7LLi2L_w9Z9BTn8Q7pXItvyiStX6rEYsXy3G-lkIwvurK3iB3u_3ZaFByb9sZ0CuLwUPHTBM6x9oAfxac_FXAjgZZb3m6fmiyjg-U2jEf7eAu5Jl3ZKdTvC0alp-xLNC39pZR6iPZ89BTH0vEYZwR49WvXO-hK74IjuQRIgNrBxTapPvSxQ8VyajXATvkelIxeIwSfWEf5jG-x9PRD8Uc5wxDcHhuJPFmL_Snr3mTQA231UGQnnpntL1OlHp2ETI6BnMXRGKeYe95gNcPTUyyUjoX-AnAs8JjpwSksC1-DueeJeEDj6cFYynaFq3I_0gJnQtW6Z0K9jT8rgZNMinSapljmeaHjlNgT-cTaann3F8hPRJI2LmhHV4_bunf_7GLQEZg0w8H_E0SEJXrR3YQgw2ouQZI_afBO6f6ILL3f4joulL2-2kRa_yjzL90IpsUWTfUPNEFM_DCymjxKlzEc2ydaVF0vg_09roHLgQTiYQtXzkZu1YxbNz1MxrbQ5pBSqEMJ2YDACBvySNjl7ZCEn232NQC-1cixMmkt-CgQfZjIZ0K7u-unxdhAhVLG8RTgkxbnR_0NmZcnHz7I8vrJUNWkR9HD1TtBANr8zbDzqaE2U6iPL6ebSprD0ThCkU7_NihMdGU7ufR7-JonIIE6umQ_O_agYuXtYvGOTlc9_aoTT640PpCKGC5R_c
142.250.74.2204 No Content 0 B URL GET HTTP/3 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230426&jk=4194941067074356&bg=!CgmlCV3NAAb9Sbh13Uk7ADkAdvg8WpXkUymdAG0is0-J0Nusq7PTb401fFkY-XiTjaN-MMlcjjerl56RL9yScfTqqS_KJLyfAGMCAAAAq1IAAAAGaAEHmQKNka6ZIYUhTjYvq2-BpGWK7yq31201gZbvNd0A_XM_y4wLr66AK2yuPbtNEQza1u0UwA2cMMQwGlnOskbY0ZiJemGaAqCp2EL17GtwxV5kqevqWOuLLewPYqpuvUGqZyOxjMnW9AkGOl470tHgitUMmz4hvHBldisCb3-dNaWdeIe7LLi2L_w9Z9BTn8Q7pXItvyiStX6rEYsXy3G-lkIwvurK3iB3u_3ZaFByb9sZ0CuLwUPHTBM6x9oAfxac_FXAjgZZb3m6fmiyjg-U2jEf7eAu5Jl3ZKdTvC0alp-xLNC39pZR6iPZ89BTH0vEYZwR49WvXO-hK74IjuQRIgNrBxTapPvSxQ8VyajXATvkelIxeIwSfWEf5jG-x9PRD8Uc5wxDcHhuJPFmL_Snr3mTQA231UGQnnpntL1OlHp2ETI6BnMXRGKeYe95gNcPTUyyUjoX-AnAs8JjpwSksC1-DueeJeEDj6cFYynaFq3I_0gJnQtW6Z0K9jT8rgZNMinSapljmeaHjlNgT-cTaann3F8hPRJI2LmhHV4_bunf_7GLQEZg0w8H_E0SEJXrR3YQgw2ouQZI_afBO6f6ILL3f4joulL2-2kRa_yjzL90IpsUWTfUPNEFM_DCymjxKlzEc2ydaVF0vg_09roHLgQTiYQtXzkZu1YxbNz1MxrbQ5pBSqEMJ2YDACBvySNjl7ZCEn232NQC-1cixMmkt-CgQfZjIZ0K7u-unxdhAhVLG8RTgkxbnR_0NmZcnHz7I8vrJUNWkR9HD1TtBANr8zbDzqaE2U6iPL6ebSprD0ThCkU7_NihMdGU7ufR7-JonIIE6umQ_O_agYuXtYvGOTlc9_aoTT640PpCKGC5R_c
IP 142.250.74.2:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Google Trust Services LLC
Subject *.g.doubleclick.net
Fingerprint 09:1D:A9:AE:08:E0:55:47:86:0B:F7:70:DB:E9:AC:C4:2F:DE:19:E7
Validity Mon, 03 Apr 2023 08:16:10 GMT - Mon, 26 Jun 2023 08:16:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230426&jk=4194941067074356&bg=!CgmlCV3NAAb9Sbh13Uk7ADkAdvg8WpXkUymdAG0is0-J0Nusq7PTb401fFkY-XiTjaN-MMlcjjerl56RL9yScfTqqS_KJLyfAGMCAAAAq1IAAAAGaAEHmQKNka6ZIYUhTjYvq2-BpGWK7yq31201gZbvNd0A_XM_y4wLr66AK2yuPbtNEQza1u0UwA2cMMQwGlnOskbY0ZiJemGaAqCp2EL17GtwxV5kqevqWOuLLewPYqpuvUGqZyOxjMnW9AkGOl470tHgitUMmz4hvHBldisCb3-dNaWdeIe7LLi2L_w9Z9BTn8Q7pXItvyiStX6rEYsXy3G-lkIwvurK3iB3u_3ZaFByb9sZ0CuLwUPHTBM6x9oAfxac_FXAjgZZb3m6fmiyjg-U2jEf7eAu5Jl3ZKdTvC0alp-xLNC39pZR6iPZ89BTH0vEYZwR49WvXO-hK74IjuQRIgNrBxTapPvSxQ8VyajXATvkelIxeIwSfWEf5jG-x9PRD8Uc5wxDcHhuJPFmL_Snr3mTQA231UGQnnpntL1OlHp2ETI6BnMXRGKeYe95gNcPTUyyUjoX-AnAs8JjpwSksC1-DueeJeEDj6cFYynaFq3I_0gJnQtW6Z0K9jT8rgZNMinSapljmeaHjlNgT-cTaann3F8hPRJI2LmhHV4_bunf_7GLQEZg0w8H_E0SEJXrR3YQgw2ouQZI_afBO6f6ILL3f4joulL2-2kRa_yjzL90IpsUWTfUPNEFM_DCymjxKlzEc2ydaVF0vg_09roHLgQTiYQtXzkZu1YxbNz1MxrbQ5pBSqEMJ2YDACBvySNjl7ZCEn232NQC-1cixMmkt-CgQfZjIZ0K7u-unxdhAhVLG8RTgkxbnR_0NmZcnHz7I8vrJUNWkR9HD1TtBANr8zbDzqaE2U6iPL6ebSprD0ThCkU7_NihMdGU7ufR7-JonIIE6umQ_O_agYuXtYvGOTlc9_aoTT640PpCKGC5R_c HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: pagead2.googlesyndication.com
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 30 Apr 2023 12:45:57 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rderstartirrelea.info/popunder.gif
172.67.150.82 200 OK 35 B URL GET HTTP/2 rderstartirrelea.info/popunder.gif
IP 172.67.150.82:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject rderstartirrelea.info
Fingerprint D3:09:62:BD:A0:9D:01:24:84:90:25:50:BC:51:D6:38:8D:84:DA:C0
Validity Thu, 27 Apr 2023 07:33:02 GMT - Wed, 26 Jul 2023 07:33:01 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /popunder.gif HTTP/1.1
Host: rderstartirrelea.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 14627
last-modified: Sun, 30 Apr 2023 08:42:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sqzq9o6bqxvoIAUZNX3hVltjWquMxmsfZnnftsjBjFcaGImnz8Kew207v4TGiDlx%2FpVgiKJr0EVqMpUTMznoa1d9ll3IIfF2UFFrD0W5rcxzLzQxNFcE63Ak30RnkbJ1EvE28kcK%2Bxg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7bffe2772b310b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S721736581%3A1682858756145549&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneHXjdp3E6xqZESM_jz7lFgs8DDVPYEcw0MEMJY_5V6xYXODyu1HPDiJfNrAQxKhIYQBlmSN&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
142.250.74.77 403 Forbidden 0 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?dsh=S721736581%3A1682858756145549&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneHXjdp3E6xqZESM_jz7lFgs8DDVPYEcw0MEMJY_5V6xYXODyu1HPDiJfNrAQxKhIYQBlmSN&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP 142.250.74.77:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint D5:3A:80:A6:03:B0:E4:36:0E:46:7B:36:45:CB:50:4C:D6:98:CE:59
Validity Mon, 03 Apr 2023 08:17:58 GMT - Mon, 26 Jun 2023 08:17:57 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?dsh=S721736581%3A1682858756145549&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneHXjdp3E6xqZESM_jz7lFgs8DDVPYEcw0MEMJY_5V6xYXODyu1HPDiJfNrAQxKhIYQBlmSN&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://letsupload.io/
Alt-Used: accounts.google.com
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 30 Apr 2023 12:45:56 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-PJIL4Jhv4F2b4U2gOgxPrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
adservice.google.com/adsid/integrator.js?domain=letsupload.io
216.58.207.226 200 OK 107 B URL GET HTTP/2 adservice.google.com/adsid/integrator.js?domain=letsupload.io
IP 216.58.207.226:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint D5:3A:80:A6:03:B0:E4:36:0E:46:7B:36:45:CB:50:4C:D6:98:CE:59
Validity Mon, 03 Apr 2023 08:17:58 GMT - Mon, 26 Jun 2023 08:17:57 GMT
File type ASCII text, with no line terminators
Hash daff491788f28afec3764faf89d266ae
02a67a772a3cf5e9453f7acf90b83433d8e7e6cb
630294b2b14115944c2cf694b2e508a165f7e8461279597b3d570b7691587559
GET /adsid/integrator.js?domain=letsupload.io HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 30 Apr 2023 12:45:56 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=letsupload.io
142.250.74.130 200 OK 107 B URL GET HTTP/2 adservice.google.no/adsid/integrator.js?domain=letsupload.io
IP 142.250.74.130:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Google Trust Services LLC
Subject *.google.no
Fingerprint A5:D0:38:67:8E:62:86:24:29:BC:82:07:2E:29:1E:0B:C8:29:09:29
Validity Mon, 03 Apr 2023 08:27:03 GMT - Mon, 26 Jun 2023 08:27:02 GMT
File type ASCII text, with no line terminators
Hash daff491788f28afec3764faf89d266ae
02a67a772a3cf5e9453f7acf90b83433d8e7e6cb
630294b2b14115944c2cf694b2e508a165f7e8461279597b3d570b7691587559
GET /adsid/integrator.js?domain=letsupload.io HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 30 Apr 2023 12:45:56 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/js/datepicker.js
31.43.191.130 200 OK 21 kB URL GET HTTP/2 letsupload.io/themes/spirit/assets/frontend/js/datepicker.js
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
File type ASCII text, with very long lines (12692), with CRLF line terminators
Hash 8cfe207a6a21c7495cfb751c761217a6
35d686a6c4ecc9946c35444ce93e110cb0e1611c
804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc
GET /themes/spirit/assets/frontend/js/datepicker.js HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 28 Sep 2020 20:26:40 GMT
vary: Accept-Encoding
etag: W/"5f724700-51ef"
server: Litespeed
expires: Tue, 30 May 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: br
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/js/smooth-scroll.min.js
31.43.191.130 200 OK 6.0 kB URL GET HTTP/2 letsupload.io/themes/spirit/assets/frontend/js/smooth-scroll.min.js
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
File type ASCII text, with very long lines (6159), with no line terminators
Hash fead0f6603170c104aac9a72bce15731
6919006cff847bd1992c681f103969288f5ae379
4b2a41b80260db770fac0a823d349cb757d164578b74dcc15281f8f0b1a8e004
GET /themes/spirit/assets/frontend/js/smooth-scroll.min.js HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 28 Sep 2020 20:26:40 GMT
vary: Accept-Encoding
etag: W/"5f724700-1776"
server: Litespeed
expires: Tue, 30 May 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: br
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/js/jquery.steps.min.js
31.43.191.130 200 OK 14 kB URL GET HTTP/2 letsupload.io/themes/spirit/assets/frontend/js/jquery.steps.min.js
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
File type ASCII text, with very long lines (13686)
Hash 4c5e9f4e84d32b7df69af7420b355e03
14e1e287ec98e8cc0a992ee996783b0c42f9ec0f
c9459a9e11e4c63fb7a30d2a644e80b733fc9599302ef3da8142cbe8f9d9333d
GET /themes/spirit/assets/frontend/js/jquery.steps.min.js HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 28 Sep 2020 20:26:40 GMT
vary: Accept-Encoding
etag: W/"5f724700-3621"
server: Litespeed
expires: Tue, 30 May 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: br
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/css/custom.css
31.43.191.130 200 OK 8.9 kB URL GET HTTP/2 letsupload.io/themes/spirit/assets/frontend/css/custom.css
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
File type ASCII text, with very long lines (9784), with no line terminators
Hash 05c547ff94e3fe3517713e92874604ed
1363de852b9bf75de8b703c0dad45551022fdeef
de405ccac2edb7ce793ead535d9ad1eb7e613c4980c74218a714ab1117037b5f
GET /themes/spirit/assets/frontend/css/custom.css HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: text/css
last-modified: Thu, 04 Feb 2021 22:28:50 GMT
vary: Accept-Encoding
etag: W/"601c7522-22e8"
server: Litespeed
expires: Tue, 30 May 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: br
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
31.43.191.130 200 OK 70 kB URL GET HTTP/2 letsupload.io/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
File type ASCII text, with very long lines (768)
Hash 737f853e9fd6a31d62f5028e88663c9f
cf144f2ab49f53a69fbfe10d3588fc23437d2736
6c3ca64b7acfdd29b3ca6f1b9b46696369abd462d4546182085c347f72211841
GET /themes/spirit/assets/frontend/js/jquery.dataTables.min.js HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 28 Sep 2020 20:26:40 GMT
vary: Accept-Encoding
etag: W/"5f724700-10fe4"
server: Litespeed
expires: Tue, 30 May 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: br
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/js/flickity.min.js
31.43.191.130 200 OK 54 kB URL GET HTTP/2 letsupload.io/themes/spirit/assets/frontend/js/flickity.min.js
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
File type ASCII text, with very long lines (32032)
Hash 81a84001ccd9bdd589d1b4f187311b15
5cdf8cb0d97b5b16a5f812e1541ad387a7cb8af5
5a28889b1faf91d12eeb5b5d173c50135eefd7fdc29a951b365340cf473bd9b2
GET /themes/spirit/assets/frontend/js/flickity.min.js HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 28 Sep 2020 20:26:40 GMT
vary: Accept-Encoding
etag: W/"5f724700-d265"
server: Litespeed
expires: Tue, 30 May 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: br
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/js/scripts.js
31.43.191.130 200 OK 112 kB URL GET HTTP/2 letsupload.io/themes/spirit/assets/frontend/js/scripts.js
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
File type ASCII text, with very long lines (914)
Size 112 kB (111905 bytes)
Hash ccd6c308b2b8e36ae154d7bacea4240d
f7d2f7195150771246dd599dbb4ff3bc2f0f2179
fc2a8bf60f1e7577697c0b457c01aeeecfd2b18ea68c93e2d374bf6d95fbe7a0
GET /themes/spirit/assets/frontend/js/scripts.js HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 14 Oct 2020 22:17:02 GMT
vary: Accept-Encoding
etag: W/"5f8778de-1b521"
server: Litespeed
expires: Tue, 30 May 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: br
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
31.43.191.130 200 OK 87 kB URL GET HTTP/2 letsupload.io/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
File type ASCII text, with very long lines (32030)
Hash e071abda8fe61194711cfc2ab99fe104
f647a6d37dc4ca055ced3cf64bbc1f490070acba
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
GET /themes/spirit/assets/frontend/js/jquery-3.1.1.min.js HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 28 Sep 2020 20:26:40 GMT
vary: Accept-Encoding
etag: W/"5f724700-152b5"
server: Litespeed
expires: Tue, 30 May 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: br
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/js/countdown.min.js
31.43.191.130 200 OK 5.3 kB URL GET HTTP/2 letsupload.io/themes/spirit/assets/frontend/js/countdown.min.js
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
File type ASCII text, with very long lines (5465), with no line terminators
Hash 0b3c9d3b99e7706b9c4bfe81939d5bb9
88d1fe7e60e7abeeeb7a05c362e23404a94f5e68
661e2d380688330acf43647d2eebca43fc0a2b246259352a04edfd7ff44fd0f4
GET /themes/spirit/assets/frontend/js/countdown.min.js HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 28 Sep 2020 20:26:40 GMT
vary: Accept-Encoding
etag: W/"5f724700-14db"
server: Litespeed
expires: Tue, 30 May 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: br
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/css/flickity.css
31.43.191.130 200 OK 2.4 kB URL GET HTTP/2 letsupload.io/themes/spirit/assets/frontend/css/flickity.css
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
File type ASCII text, with very long lines (2521), with no line terminators
Hash f7d0ff608f4f2bd30033615cbce87767
0d8260946fa5f9fd1ab494ba33eb8fc915daebfb
45d3ef2e59c0e1b51f52ef39008118ca54d9e72e6f46950f4d3f16547475f5e4
GET /themes/spirit/assets/frontend/css/flickity.css HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 20:26:44 GMT
vary: Accept-Encoding
etag: W/"5f724704-958"
server: Litespeed
expires: Tue, 30 May 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: br
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/js/granim.min.js
31.43.191.130 200 OK 11 kB URL GET HTTP/2 letsupload.io/themes/spirit/assets/frontend/js/granim.min.js
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
File type ASCII text, with very long lines (10573)
Hash 2c16a9a724563fc0c306abb5bdeb03fe
90c2032537714e66059a3eaa150b93f3c9c80163
997a15cf01d5118cb0106587f441c32de2074c8dc12d85cf7c7dc430e2ee342e
GET /themes/spirit/assets/frontend/js/granim.min.js HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 28 Sep 2020 20:26:40 GMT
vary: Accept-Encoding
etag: W/"5f724700-298a"
server: Litespeed
expires: Tue, 30 May 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: br
X-Firefox-Spdy: h2
rderstartirrelea.info/Y2VOSE1MWi07cC0PKiQeUCgPCRsHURw/FCAwBiQPIhJ3LChTJGg8JAdYd3h1UVx9bj0KAXN5axARLzw4EFh9eH1SQycmKwxYfnh9UkM4dXxNVnpmflFLfG44XlR8cX1aUXh5flZQfXB+U1RoPD0CAnN5axMROiRwUlN2enVWXXl9e1BQeg
172.67.150.82 204 No Content 0 B URL POST HTTP/3 rderstartirrelea.info/Y2VOSE1MWi07cC0PKiQeUCgPCRsHURw/FCAwBiQPIhJ3LChTJGg8JAdYd3h1UVx9bj0KAXN5axARLzw4EFh9eH1SQycmKwxYfnh9UkM4dXxNVnpmflFLfG44XlR8cX1aUXh5flZQfXB+U1RoPD0CAnN5axMROiRwUlN2enVWXXl9e1BQeg
IP 172.67.150.82:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject rderstartirrelea.info
Fingerprint D3:09:62:BD:A0:9D:01:24:84:90:25:50:BC:51:D6:38:8D:84:DA:C0
Validity Thu, 27 Apr 2023 07:33:02 GMT - Wed, 26 Jul 2023 07:33:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /Y2VOSE1MWi07cC0PKiQeUCgPCRsHURw/FCAwBiQPIhJ3LChTJGg8JAdYd3h1UVx9bj0KAXN5axARLzw4EFh9eH1SQycmKwxYfnh9UkM4dXxNVnpmflFLfG44XlR8cX1aUXh5flZQfXB+U1RoPD0CAnN5axMROiRwUlN2enVWXXl9e1BQeg HTTP/1.1
Host: rderstartirrelea.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://letsupload.io
Alt-Used: rderstartirrelea.info
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/3 204 No Content
date: Sun, 30 Apr 2023 12:45:56 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6QDOXWurOmDoEVz46LSrxJx4ByNhitJNxOMPbYm7vtvxSUvh7xCN6h4xj4Vx4dimK133wKS%2Bn0a8%2FGKlm3rGI0VReEEVy0agrbbqIeD0n7MpdZrsoqGGjUnRU56ksn2GPVFTdjLYW4k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7bffe27c4b92b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
letsupload.io/js/adsx.js
31.43.191.130 200 OK 151 B
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
File type ASCII text, with no line terminators
Hash aab9ea683a3030df40c9652718db96de
9ae683397b0331ef48d7a3a7f4107fc8ad541d54
3e5b8711610ceef5eee4252c2de8949a3318c1badbd9eb270b952cb9a3a1ba26
GET /js/adsx.js HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, no-cache
date: Sun, 30 Apr 2023 12:45:55 GMT
server: Litespeed
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2.js
216.58.207.193 200 OK 17 kB URL GET HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 216.58.207.193:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Google Trust Services LLC
Subject tpc.googlesyndication.com
Fingerprint FA:BE:2D:1E:F9:2F:85:0D:1C:53:23:E1:8F:CB:37:95:4E:97:B5:6F
Validity Mon, 03 Apr 2023 08:24:19 GMT - Mon, 26 Jun 2023 08:24:18 GMT
File type ASCII text, with very long lines (1321)
Hash 2cc87e9764aebcbbf36ff2061e6a2793
b4f2ffdf4c695aa79f0e63651c18a88729c2407b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 30 Apr 2023 12:45:56 GMT
expires: Sun, 30 Apr 2023 12:45:56 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/css/font-awesome.min.css
31.43.191.130 200 OK 59 kB URL GET HTTP/2 letsupload.io/themes/spirit/assets/frontend/css/font-awesome.min.css
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
File type ASCII text, with very long lines (58929)
Hash 66e407beb68fdbb8bacd87d91ddf7829
5ed55601e30871fb757dc4b78a40a432f9a3600b
eb98a660b34391ce502005c6b8553af83defcf0832489134efb499498051d1d9
GET /themes/spirit/assets/frontend/css/font-awesome.min.css HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 20:26:44 GMT
vary: Accept-Encoding
etag: W/"5f724704-e6eb"
server: Litespeed
expires: Tue, 30 May 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/
188.114.97.1 200 OK 27 B
IP 188.114.97.1:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
Validity Tue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 71c3dc9a017ca685a364d9c4c8d4630c
b34c612b55b46d2ab22e5bc48fe883f5d16cef3d
8717ac6bd5793d2e893e7f2edfe72a69fb5af61f366c8bb904c8dfb163003916
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://letsupload.io/
Origin: https://letsupload.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:56 GMT
content-type: text/plain
set-cookie: csu=1290946135538301@1@1682858756; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://letsupload.io
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ht6RJEGlszNfVm1ihlYW%2FH4Xm27TGIMLiFwxsGozd%2BFlfqWvyILyGUGEdHfMLp0fRYUbrETzw2xDWo95Mp1BQrb5l720Dz5TZ5qYHep%2BF5XAdmH2l8j8lF13VQFyQ7%2Fc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7bffe2798dbc0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/js/typed.min.js
31.43.191.130 200 OK 3.9 kB URL GET HTTP/2 letsupload.io/themes/spirit/assets/frontend/js/typed.min.js
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
File type ASCII text, with very long lines (4016), with no line terminators
Hash 774397f3c0e528c9236aa2aa52e7f00d
8827256327d046805954084e9b5002247e073ceb
d2b259a9bb83973272b1e93c242646451df16bc3860ac6c8f3689df92ad98140
GET /themes/spirit/assets/frontend/js/typed.min.js HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 28 Sep 2020 20:26:40 GMT
vary: Accept-Encoding
etag: W/"5f724700-f6d"
server: Litespeed
expires: Tue, 30 May 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: br
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/css/jquery.steps.css
31.43.191.130 200 OK 5.6 kB URL GET HTTP/2 letsupload.io/themes/spirit/assets/frontend/css/jquery.steps.css
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
File type ASCII text, with very long lines (6021), with no line terminators
Hash e397b8ef00fd38c0c06b0b02a0b3da18
12e895e75ac68778207a4e94f0e16733bd7f9d5f
f561f7cae560289622c158b482be69b2c6e3805ae7e3ca21bee9a8e94f2b069f
GET /themes/spirit/assets/frontend/css/jquery.steps.css HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 20:26:44 GMT
vary: Accept-Encoding
etag: W/"5f724704-1606"
server: Litespeed
expires: Tue, 30 May 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: br
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/css/bootstrap.min.css
31.43.191.130 200 OK 77 kB URL GET HTTP/2 letsupload.io/themes/spirit/assets/frontend/css/bootstrap.min.css
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
File type ASCII text, with very long lines (65324)
Hash bc48830f50049b0cbbe3dd417755a347
e5cdb6545f9b4bce4eeda78f64a714e2de4d0e09
7d56baeec9679114562cdc56d3f28cb9a43263cada11b1f64809851e7a8b1419
GET /themes/spirit/assets/frontend/css/bootstrap.min.css HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 20:26:44 GMT
vary: Accept-Encoding
etag: W/"5f724704-12c75"
server: Litespeed
expires: Tue, 30 May 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: br
X-Firefox-Spdy: h2
letsupload.io/themes/spirit/assets/frontend/css/iconsmind.css
31.43.191.130 200 OK 96 kB URL GET HTTP/2 letsupload.io/themes/spirit/assets/frontend/css/iconsmind.css
IP 31.43.191.130:443
ASN #210848 Telkom Internet LTD
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Let's Encrypt
Subject letsupload.io
Fingerprint BB:80:28:EB:B1:2B:43:88:AC:AD:B5:84:B8:AD:A9:0E:6C:4A:D8:58
Validity Thu, 09 Mar 2023 23:03:42 GMT - Wed, 07 Jun 2023 23:03:41 GMT
Hash 39aa385af1cfd640bac73a09de3ac9fe
6d17dff21d04138cd8ab3ef9dfe1eae79994834c
0909de268b3276cb7464acb2f86701f62974a893dd374312908a3f8efc363438
GET /themes/spirit/assets/frontend/css/iconsmind.css HTTP/1.1
Host: letsupload.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Cookie: filehosting=cfnnltulgfv5bnk59hehjca8r9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 30 Apr 2023 12:45:55 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 20:26:44 GMT
vary: Accept-Encoding
etag: W/"5f724704-178bf"
server: Litespeed
expires: Tue, 30 May 2023 12:45:55 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/icon?family=Material+Icons
142.250.74.106 200 OK 565 B URL GET HTTP/2 fonts.googleapis.com/icon?family=Material+Icons
IP 142.250.74.106:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
Validity Mon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (588), with no line terminators
Hash bdcf60bde5544e1017e1f2e60888a9c7
6fb24309b7ff90c1c99d19c0c7a127a16508840e
d701601406acfca6bfc0c58b411446e3e0e96c659f35c143355d3dd72c390952
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letsupload.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 30 Apr 2023 12:45:55 GMT
date: Sun, 30 Apr 2023 12:45:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFLqyG4_riks2R7opj96CoayEVilotABERKKtumGHIiNZfwwaKnDPnpy7uaR0aUoDZse-J2
142.250.74.77 302 Found 0 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFLqyG4_riks2R7opj96CoayEVilotABERKKtumGHIiNZfwwaKnDPnpy7uaR0aUoDZse-J2
IP 142.250.74.77:443
Requested by https://letsupload.io/4EFv8/Shadows.of.Doubt.Build.11115953.zip
Certificate Issuer Google Trust Services LLC
Subject accounts.google.com
Fingerprint 96:EA:93:42:16:A6:B8:80:16:85:0B:B3:67:3A:BA:43:A8:41:32:23
Validity Mon, 03 Apr 2023 08:25:08 GMT - Mon, 26 Jun 2023 08:25:07 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFLqyG4_riks2R7opj96CoayEVilotABERKKtumGHIiNZfwwaKnDPnpy7uaR0aUoDZse-J2 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://letsupload.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 30 Apr 2023 12:45:56 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S721736581%3A1682858756145549&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneHXjdp3E6xqZESM_jz7lFgs8DDVPYEcw0MEMJY_5V6xYXODyu1HPDiJfNrAQxKhIYQBlmSN&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-GW8dyqnMsMDngVd3nEAn9Q' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
set-cookie: __Host-GAPS=1:XIphA4PXfhh4jyvu8xod1dEUaeO3vA:cyTDCEN1qxbTnLi4;Path=/;Expires=Tue, 29-Apr-2025 12:45:56 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2