www.upload-4ever.com/nd6obkxo3h6s/SMS%20Bomber%20[v2]%E2%84%A2.rar
172.67.152.107301 Moved Permanently 0 B URL HTTP/1.1 www.upload-4ever.com/nd6obkxo3h6s/SMS%20Bomber%20[v2]%E2%84%A2.rar
IP 172.67.152.107:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nd6obkxo3h6s/SMS%20Bomber%20[v2]%E2%84%A2.rar HTTP/1.1
Host: www.upload-4ever.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 20:01:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 02 Feb 2023 21:01:35 GMT
Location: https://www.upload-4ever.com/nd6obkxo3h6s/SMS%20Bomber%20[v2]%E2%84%A2.rar
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ja8IFUs8z6r1F552AaBClu4pAOBBIW70QNd%2BG1gQ8u7RCrVmlWnQfg%2F4sGMZh9Q37fejzNHkl2R%2FxvFxgI0hUt%2BTqZj9jlyFXyePblhG4jc3HJQ0ZiGTG92me8Cw6enQLeYJXNc%2BOg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7935850528f8b506-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4054
Expires: Thu, 02 Feb 2023 21:09:09 GMT
Date: Thu, 02 Feb 2023 20:01:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5400
Expires: Thu, 02 Feb 2023 21:31:35 GMT
Date: Thu, 02 Feb 2023 20:01:35 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 19:43:31 GMT
content-type: application/json
age: 1084
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2322
Expires: Thu, 02 Feb 2023 20:40:17 GMT
Date: Thu, 02 Feb 2023 20:01:35 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: OHGyUnDoUwtoERO3R6wR9eGI5EhzQZTs5GERffi169Lo/FJAiSRfdvpu5/36GSeZRuuZ+T8zAOiTgvWmN5r7mg==
x-amz-request-id: AQNWHFSGNGEB3ZAG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 19:23:14 GMT
age: 2301
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9744c85c18a73fc000609219b9ddaa84
05c2b1e7f972e69bc274b65f3de0e228ef5a69bd
67c6aca21f497c8d15482cd453477e083ecd0c7820eaefd01b7079017ec05995
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6125
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 20:01:35 GMT
Last-Modified: Thu, 02 Feb 2023 18:19:30 GMT
Server: ECS (amb/6BA0)
X-Cache: HIT
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 20:01:35 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9744c85c18a73fc000609219b9ddaa84
05c2b1e7f972e69bc274b65f3de0e228ef5a69bd
67c6aca21f497c8d15482cd453477e083ecd0c7820eaefd01b7079017ec05995
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6126
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 20:01:36 GMT
Last-Modified: Thu, 02 Feb 2023 18:19:30 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 19:07:19 GMT
age: 3257
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
d1j2jv7bvcsxqg.cloudfront.net/?bvjjd=976112
54.230.245.28200 OK 116 kB URL HTTP/2 d1j2jv7bvcsxqg.cloudfront.net/?bvjjd=976112
IP 54.230.245.28:0
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 116 kB (116196 bytes)
Hash 2d0a75687dafbeae50912ccdb3e1476e
21f79a43a225f7c22abac5479c58fea77a455c8f
ae385a1f5f2e68f6a8f63e07e9bcc103a46b4655e7b64a44c97b6cafb435b776
GET /?bvjjd=976112 HTTP/1.1
Host: d1j2jv7bvcsxqg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 116196
date: Thu, 02 Feb 2023 20:01:36 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qtvsA0-1tw8ikGkZJwtj_v1H6KH5kNC8rder0v7QmaCdDXq7Zji97w==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fbabb004d48783a2962887b51c8c824e
0b080da4ba8f8cc8d109008b89f2c9682b13b9ea
ac604323056fa6cd8fc07ee3be527a738be3b0dcd72529c84dd53c4677ee11a8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC604323056FA6CD8FC07EE3BE527A738BE3B0DCD72529C84DD53C4677EE11A8"
Last-Modified: Wed, 01 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17117
Expires: Fri, 03 Feb 2023 00:46:53 GMT
Date: Thu, 02 Feb 2023 20:01:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fbabb004d48783a2962887b51c8c824e
0b080da4ba8f8cc8d109008b89f2c9682b13b9ea
ac604323056fa6cd8fc07ee3be527a738be3b0dcd72529c84dd53c4677ee11a8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC604323056FA6CD8FC07EE3BE527A738BE3B0DCD72529C84DD53C4677EE11A8"
Last-Modified: Wed, 01 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17117
Expires: Fri, 03 Feb 2023 00:46:53 GMT
Date: Thu, 02 Feb 2023 20:01:36 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7d9658ab51d515dc13f1c7f42f955b42
0cdcccbd462b02685a2fb7621b7a2b89b89688cf
6166e834b5baf8925b4a5cbe92c65cde09a87910fbe73c3834e1d3ac0409fe1f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6166E834B5BAF8925B4A5CBE92C65CDE09A87910FBE73C3834E1D3AC0409FE1F"
Last-Modified: Wed, 01 Feb 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21089
Expires: Fri, 03 Feb 2023 01:53:05 GMT
Date: Thu, 02 Feb 2023 20:01:36 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7d9658ab51d515dc13f1c7f42f955b42
0cdcccbd462b02685a2fb7621b7a2b89b89688cf
6166e834b5baf8925b4a5cbe92c65cde09a87910fbe73c3834e1d3ac0409fe1f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6166E834B5BAF8925B4A5CBE92C65CDE09A87910FBE73C3834E1D3AC0409FE1F"
Last-Modified: Wed, 01 Feb 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21089
Expires: Fri, 03 Feb 2023 01:53:05 GMT
Date: Thu, 02 Feb 2023 20:01:36 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7d9658ab51d515dc13f1c7f42f955b42
0cdcccbd462b02685a2fb7621b7a2b89b89688cf
6166e834b5baf8925b4a5cbe92c65cde09a87910fbe73c3834e1d3ac0409fe1f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6166E834B5BAF8925B4A5CBE92C65CDE09A87910FBE73C3834E1D3AC0409FE1F"
Last-Modified: Wed, 01 Feb 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21089
Expires: Fri, 03 Feb 2023 01:53:05 GMT
Date: Thu, 02 Feb 2023 20:01:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2718
Expires: Thu, 02 Feb 2023 20:46:54 GMT
Date: Thu, 02 Feb 2023 20:01:36 GMT
Connection: keep-alive
cagothie.net/tag.min.js
139.45.197.238200 OK 25 kB IP 139.45.197.238:0
File type ASCII text, with very long lines (5899), with no line terminators
Hash 4ae22465e77602b5027d3e551849b950
c0f420f33b5ee895a1e0ece37e115947239a1242
23a078378d24426b9d072a83add6cd4425bddf23554f9f13ed5e2d3ea0d8d0e3
GET /tag.min.js HTTP/1.1
Host: cagothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 20:01:36 GMT
content-type: text/javascript; charset=utf-8
content-length: 23495
content-encoding: br
x-trace-id: 5ec773184d2eb47a274089816e838b1f
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Wed, 01 Feb 2023 11:04:27 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
racterdeet.com/M2xlQmdSDgYvWFJRB2QSQQBYZ1V1SVcEAwIGVygRBA4TIRRLHQJsBF8DECYBQQMLNkldCRFnVXUAPxUxSjo9CyBwBBI4M2EpKAQKWyAwLil3NiAAI3cbIHQvcTo8BCMLDysALX8ONBsUYhs8NCFfBDMUI1g4JjUtYw8dIStxB1wpMXI9JwcgWys0OiJwIw0uPnUtMDsmRBsBBA5QIC1yKnsiIHoucAsCei9UByAUVVBcMAcTcA8gADFnPTB6L3IpLgA0aTQzczJQJTMmP2U5Ky4/dTokEzVXNDNzMnU8JzozZjoBLyp2Lj0TDgIpMBclcSpUJj9lPUgDDWVdPCk2ATotEVZlDgYHJWUtDSFVdD0VAzZxIiQUMWEvPxcpZTojJgliCygPJnctMAEPAjQ/ODVmOjAmUGIHKBMzAT1DKBRcAhV/AVkCNDVeCxgs
143.204.55.121200 OK 1.2 kB URL HTTP/2 racterdeet.com/M2xlQmdSDgYvWFJRB2QSQQBYZ1V1SVcEAwIGVygRBA4TIRRLHQJsBF8DECYBQQMLNkldCRFnVXUAPxUxSjo9CyBwBBI4M2EpKAQKWyAwLil3NiAAI3cbIHQvcTo8BCMLDysALX8ONBsUYhs8NCFfBDMUI1g4JjUtYw8dIStxB1wpMXI9JwcgWys0OiJwIw0uPnUtMDsmRBsBBA5QIC1yKnsiIHoucAsCei9UByAUVVBcMAcTcA8gADFnPTB6L3IpLgA0aTQzczJQJTMmP2U5Ky4/dTokEzVXNDNzMnU8JzozZjoBLyp2Lj0TDgIpMBclcSpUJj9lPUgDDWVdPCk2ATotEVZlDgYHJWUtDSFVdD0VAzZxIiQUMWEvPxcpZTojJgliCygPJnctMAEPAjQ/ODVmOjAmUGIHKBMzAT1DKBRcAhV/AVkCNDVeCxgs
IP 143.204.55.121:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3035), with no line terminators
Hash acbc19950b56764644efdf8d9c2a05f9
18a573ad950bd50491f530494e957a3ec1f028b7
5be5810107db0e2a98de6d1eff29151d9278b92ccd1446b0706f9ddcee66a907
GET /M2xlQmdSDgYvWFJRB2QSQQBYZ1V1SVcEAwIGVygRBA4TIRRLHQJsBF8DECYBQQMLNkldCRFnVXUAPxUxSjo9CyBwBBI4M2EpKAQKWyAwLil3NiAAI3cbIHQvcTo8BCMLDysALX8ONBsUYhs8NCFfBDMUI1g4JjUtYw8dIStxB1wpMXI9JwcgWys0OiJwIw0uPnUtMDsmRBsBBA5QIC1yKnsiIHoucAsCei9UByAUVVBcMAcTcA8gADFnPTB6L3IpLgA0aTQzczJQJTMmP2U5Ky4/dTokEzVXNDNzMnU8JzozZjoBLyp2Lj0TDgIpMBclcSpUJj9lPUgDDWVdPCk2ATotEVZlDgYHJWUtDSFVdD0VAzZxIiQUMWEvPxcpZTojJgliCygPJnctMAEPAjQ/ODVmOjAmUGIHKBMzAT1DKBRcAhV/AVkCNDVeCxgs HTTP/1.1
Host: racterdeet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1184
date: Thu, 02 Feb 2023 20:01:36 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: e0l0yukOdDpOyTDCRrhT9YteSxc6FJKCvf2cdsnMAzwI9dqk1W8ZFw==
X-Firefox-Spdy: h2
racterdeet.com/UVNzdXAwMRAYTzBuEVMFIz9OUEIXdkEzFGA5QR8GZjEFFgMpIhRbEz08BhEWIzwdAV4/NgdQQhcdJCMAMBwmPEYfByETFgJjCSUXA2QRGAgjEDszVWMVPjYcBh8wGR4SBEpCPygRBSEKFBcRIUEdER1NBRgVQlBCFzIrAkIGEARQQhMJQA0THRcDGxEpaxklJDk9NyIhIhxBESUdAD4PPj0GGRM3NjA3MgghNUESOjA6Rw8+F2MHORk9dkEzM2IaQDkeaR8QGBggNzIZHjA7G1BCFxBAPAUcKSIlFD8rAzIyKSQSJjoiFyQRARYbSzkTOCAAEwc+FxIyACcVQD8HN2FeEjobBwRAPQcJHRQIKTwwLT4hMh4GOjJgCxoRPWsBPgppayUfAGkyMQI5Mj4LRRE5a0AvNyJ1GQYfPyNOJiZoMQlABiIJRBICFQ
143.204.55.121200 OK 1.2 kB URL HTTP/2 racterdeet.com/UVNzdXAwMRAYTzBuEVMFIz9OUEIXdkEzFGA5QR8GZjEFFgMpIhRbEz08BhEWIzwdAV4/NgdQQhcdJCMAMBwmPEYfByETFgJjCSUXA2QRGAgjEDszVWMVPjYcBh8wGR4SBEpCPygRBSEKFBcRIUEdER1NBRgVQlBCFzIrAkIGEARQQhMJQA0THRcDGxEpaxklJDk9NyIhIhxBESUdAD4PPj0GGRM3NjA3MgghNUESOjA6Rw8+F2MHORk9dkEzM2IaQDkeaR8QGBggNzIZHjA7G1BCFxBAPAUcKSIlFD8rAzIyKSQSJjoiFyQRARYbSzkTOCAAEwc+FxIyACcVQD8HN2FeEjobBwRAPQcJHRQIKTwwLT4hMh4GOjJgCxoRPWsBPgppayUfAGkyMQI5Mj4LRRE5a0AvNyJ1GQYfPyNOJiZoMQlABiIJRBICFQ
IP 143.204.55.121:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3023), with no line terminators
Hash 9920c024c88bb4a4c51b43ec9eb63931
29b287793f8ed9ce41f7f2af86a0fe9875754c2f
1fdde31b642330ce1f7aeec28f1cb191013b226cc67ef00b233c57c06c61903f
GET /UVNzdXAwMRAYTzBuEVMFIz9OUEIXdkEzFGA5QR8GZjEFFgMpIhRbEz08BhEWIzwdAV4/NgdQQhcdJCMAMBwmPEYfByETFgJjCSUXA2QRGAgjEDszVWMVPjYcBh8wGR4SBEpCPygRBSEKFBcRIUEdER1NBRgVQlBCFzIrAkIGEARQQhMJQA0THRcDGxEpaxklJDk9NyIhIhxBESUdAD4PPj0GGRM3NjA3MgghNUESOjA6Rw8+F2MHORk9dkEzM2IaQDkeaR8QGBggNzIZHjA7G1BCFxBAPAUcKSIlFD8rAzIyKSQSJjoiFyQRARYbSzkTOCAAEwc+FxIyACcVQD8HN2FeEjobBwRAPQcJHRQIKTwwLT4hMh4GOjJgCxoRPWsBPgppayUfAGkyMQI5Mj4LRRE5a0AvNyJ1GQYfPyNOJiZoMQlABiIJRBICFQ HTTP/1.1
Host: racterdeet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1176
date: Thu, 02 Feb 2023 20:01:36 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oZjr6dDUvNk8iLtY2K-vJ12loT-_IzOVgecVOGIqMtXdEaL6RmpYOw==
X-Firefox-Spdy: h2
racterdeet.com/SUFnQ2goIwQuVyh8BWUdOy1aZloPZFUFDHgrVSkefiMRIBsxMABtCyUuEicOOy4JN0YnJBNmWg8wKgUMexcKdjwGAwA0PRwQQnEqDCwTGyp7ByQZBBAWNxI9fAAiARkIKDILPx4QAwofEywgAVk+BgwsEhpzPQowDRg+Dj4EFiorD3gUEAUQDzsuDiweDzYKAHwnNwYbJwYxIAUBOFMIOSB1KiAqPRMGKxt8ByEoXw4rAw8pIQcjJi59Fz0WMmxzJQQ+InQiKQMTEFQJLRMmJQYLIhMKGx8LdDUtJi0iCQktEykLGSccAw4QHwQXMnE6LBIgBSsqcFY6CyJsNS4gDBseETotJyYEIhAbDCA+ExQ+Oyt4DF8EMAciAy4+DhtWdykTKj0tOz4LCQYscSIxFy0TDQwwKwwUAy4/MXQJFisHFSYSTiMyCC0YdDUUKgF6KhIrPgYq
143.204.55.121200 OK 1.2 kB URL HTTP/2 racterdeet.com/SUFnQ2goIwQuVyh8BWUdOy1aZloPZFUFDHgrVSkefiMRIBsxMABtCyUuEicOOy4JN0YnJBNmWg8wKgUMexcKdjwGAwA0PRwQQnEqDCwTGyp7ByQZBBAWNxI9fAAiARkIKDILPx4QAwofEywgAVk+BgwsEhpzPQowDRg+Dj4EFiorD3gUEAUQDzsuDiweDzYKAHwnNwYbJwYxIAUBOFMIOSB1KiAqPRMGKxt8ByEoXw4rAw8pIQcjJi59Fz0WMmxzJQQ+InQiKQMTEFQJLRMmJQYLIhMKGx8LdDUtJi0iCQktEykLGSccAw4QHwQXMnE6LBIgBSsqcFY6CyJsNS4gDBseETotJyYEIhAbDCA+ExQ+Oyt4DF8EMAciAy4+DhtWdykTKj0tOz4LCQYscSIxFy0TDQwwKwwUAy4/MXQJFisHFSYSTiMyCC0YdDUUKgF6KhIrPgYq
IP 143.204.55.121:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3040), with no line terminators
Hash b46def9d40392a23a35b3bc5bac16c95
cc7ed72e4b7f73107a9922c2e54a018b847d82c7
f11e2a29df01b5106754682ee13149be58e0e7d6bf2519216927cda5c50134b8
GET /SUFnQ2goIwQuVyh8BWUdOy1aZloPZFUFDHgrVSkefiMRIBsxMABtCyUuEicOOy4JN0YnJBNmWg8wKgUMexcKdjwGAwA0PRwQQnEqDCwTGyp7ByQZBBAWNxI9fAAiARkIKDILPx4QAwofEywgAVk+BgwsEhpzPQowDRg+Dj4EFiorD3gUEAUQDzsuDiweDzYKAHwnNwYbJwYxIAUBOFMIOSB1KiAqPRMGKxt8ByEoXw4rAw8pIQcjJi59Fz0WMmxzJQQ+InQiKQMTEFQJLRMmJQYLIhMKGx8LdDUtJi0iCQktEykLGSccAw4QHwQXMnE6LBIgBSsqcFY6CyJsNS4gDBseETotJyYEIhAbDCA+ExQ+Oyt4DF8EMAciAy4+DhtWdykTKj0tOz4LCQYscSIxFy0TDQwwKwwUAy4/MXQJFisHFSYSTiMyCC0YdDUUKgF6KhIrPgYq HTTP/1.1
Host: racterdeet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1195
date: Thu, 02 Feb 2023 20:01:36 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: m63ojfn5MSZAqt3QhnalkZVo_sxZittJHSRqrcQlftPr1r-hA47hgw==
X-Firefox-Spdy: h2
pyoungstersofto.xyz/SHFxellnThIJZCxBFQAOHQE5HDIOARQRPT8gNktsGh8/Njt7AlcOMCxMSE1vfEFJXCkhFUxLfzsFEA4sO0xAXDAmFx5Hfz5MQFRqfF9CS3d6VwRHaG4FARs+dUBXCi08HUxLb39EQkxheUNFSG5/
172.67.207.205204 No Content 0 B URL HTTP/2 pyoungstersofto.xyz/SHFxellnThIJZCxBFQAOHQE5HDIOARQRPT8gNktsGh8/Njt7AlcOMCxMSE1vfEFJXCkhFUxLfzsFEA4sO0xAXDAmFx5Hfz5MQFRqfF9CS3d6VwRHaG4FARs+dUBXCi08HUxLb39EQkxheUNFSG5/
IP 172.67.207.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /SHFxellnThIJZCxBFQAOHQE5HDIOARQRPT8gNktsGh8/Njt7AlcOMCxMSE1vfEFJXCkhFUxLfzsFEA4sO0xAXDAmFx5Hfz5MQFRqfF9CS3d6VwRHaG4FARs+dUBXCi08HUxLb39EQkxheUNFSG5/ HTTP/1.1
Host: pyoungstersofto.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 20:01:36 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LdOTc8EM0fGOsBiyHV8nYwRMcd1CK71X8Eo%2BdWnSM4fcX2xUYELUg6N%2BbCLaVxgwy5yari0Yh8IQU4V5C1KUYrdAG%2BvbfJtcrRHktBPyIJ7yq%2FVHQrdPwvBwzC7mxvv5Qnf%2FL7go"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7935850d0d74b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pyoungstersofto.xyz/SEtXZTZndDQWCysDERNkHzMTNHAseQ9VcA8TZCtjGw4NBFV5IHERXyx2blIAeXplQ0YhL2pUEDs/NhFDO3ZmQ18mLThYED52ZksFfGVkVBh6bSJYB24/JwRRdXpxFUI8J2pUAH9+ZFMOeXljVwJw
172.67.207.205204 No Content 0 B URL HTTP/2 pyoungstersofto.xyz/SEtXZTZndDQWCysDERNkHzMTNHAseQ9VcA8TZCtjGw4NBFV5IHERXyx2blIAeXplQ0YhL2pUEDs/NhFDO3ZmQ18mLThYED52ZksFfGVkVBh6bSJYB24/JwRRdXpxFUI8J2pUAH9+ZFMOeXljVwJw
IP 172.67.207.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /SEtXZTZndDQWCysDERNkHzMTNHAseQ9VcA8TZCtjGw4NBFV5IHERXyx2blIAeXplQ0YhL2pUEDs/NhFDO3ZmQ18mLThYED52ZksFfGVkVBh6bSJYB24/JwRRdXpxFUI8J2pUAH9+ZFMOeXljVwJw HTTP/1.1
Host: pyoungstersofto.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 20:01:36 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5YdC0h4dH7CzTL1LA%2BFKp4yp%2Bv2sj%2Bv%2F6C%2FYkxOV8mUAgEH5s5YhvmgcvoTzpK3bN7%2BduW7Wdm47L%2BVhz2549nHRR0ZYGp1%2F9LRxfPiGcIXOSvgrS4nz7XvrgBXM5imI6jbUL9L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7935850d0d6eb4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pyoungstersofto.xyz/M01LbW4ccigeU2oYESY6AyUeCQBDeCgrOAArJR1aZgUdSFxxKANZSEckL1BXBHt6XF0VPSIJUwJ1bR4aUjk+HlMCayIDCFxwbRtTAmN7Q1wdf20YUwJrPx0PVHB6Sx5HOSdQXwV6fl5YC3x5WVwFeA
172.67.207.205204 No Content 0 B URL HTTP/2 pyoungstersofto.xyz/M01LbW4ccigeU2oYESY6AyUeCQBDeCgrOAArJR1aZgUdSFxxKANZSEckL1BXBHt6XF0VPSIJUwJ1bR4aUjk+HlMCayIDCFxwbRtTAmN7Q1wdf20YUwJrPx0PVHB6Sx5HOSdQXwV6fl5YC3x5WVwFeA
IP 172.67.207.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /M01LbW4ccigeU2oYESY6AyUeCQBDeCgrOAArJR1aZgUdSFxxKANZSEckL1BXBHt6XF0VPSIJUwJ1bR4aUjk+HlMCayIDCFxwbRtTAmN7Q1wdf20YUwJrPx0PVHB6Sx5HOSdQXwV6fl5YC3x5WVwFeA HTTP/1.1
Host: pyoungstersofto.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 20:01:36 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIKkxoPsef7B6DTIL8AcD1pK%2FCrjYltRQHSRrejOYMusKRHdp3V2crUwf2BbwSwEQRQVh1jLhCcTWH7tozmJ85qEoMNgAS%2FvLCaEvDTDpTHDqKSE20nFQfoo94ZMLeq%2BFXqp8zxW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7935850d0d77b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7d9658ab51d515dc13f1c7f42f955b42
0cdcccbd462b02685a2fb7621b7a2b89b89688cf
6166e834b5baf8925b4a5cbe92c65cde09a87910fbe73c3834e1d3ac0409fe1f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6166E834B5BAF8925B4A5CBE92C65CDE09A87910FBE73C3834E1D3AC0409FE1F"
Last-Modified: Wed, 01 Feb 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21089
Expires: Fri, 03 Feb 2023 01:53:05 GMT
Date: Thu, 02 Feb 2023 20:01:36 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ede42358dbe8cf2e6b7e6a2653774d01
5dc8ca0b929f04fb15c7ff81d0a9decda023b7fb
8e841815d41c4ade06e328cb1ffb9be342640167ec6acb658f6b4b373e23a52a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5637
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 20:01:37 GMT
Last-Modified: Thu, 02 Feb 2023 18:27:40 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8d777e9406316814b36e3c580cccd4c8
7653df86c61ff7c801e35da9eeca3ecc70c7d7e8
2c4bb952aa3359712306a7c20b845627ee26689aacdb2560a61fc175e7c0c731
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 20:01:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9bfd33253208c9d034988400d66abd5d
8811fd76d9bc56c15431433f8f08d648185992ed
6382de7eb2bc0b40dc6d2e21ab8b6cb90cc0effe3241e3fb5008d2e4f626e92c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 20:01:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d5aa8840f812da83fc823da528a74c1a
9e7bad3462506164bd4bdb87a761352ef8131ba9
abaa07021a967e89f7786ac14efa3ce48f24e4c032376a36421cca12f5ecaeeb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 20:01:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 20:01:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
racterdeet.com/utx?cb=bPN7OcdK7uzn&top=www.upload-4ever.com&tid=976112
143.204.55.121204 No Content 0 B URL HTTP/2 racterdeet.com/utx?cb=bPN7OcdK7uzn&top=www.upload-4ever.com&tid=976112
IP 143.204.55.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=bPN7OcdK7uzn&top=www.upload-4ever.com&tid=976112 HTTP/1.1
Host: racterdeet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload-4ever.com
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 20:01:37 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload-4ever.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 02 Feb 2023 20:02:37 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 52EWytTU4u_yBjd_yMqi4N-V_wFu7EAfJZawe6Wf4uG-UWRnrH9auA==
X-Firefox-Spdy: h2
racterdeet.com/utx?cb=DzWUIhXuZVmn&top=www.upload-4ever.com&tid=976408
143.204.55.121204 No Content 0 B URL HTTP/2 racterdeet.com/utx?cb=DzWUIhXuZVmn&top=www.upload-4ever.com&tid=976408
IP 143.204.55.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=DzWUIhXuZVmn&top=www.upload-4ever.com&tid=976408 HTTP/1.1
Host: racterdeet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload-4ever.com
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 20:01:37 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload-4ever.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 02 Feb 2023 20:02:37 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: H-aJPBvSOoKfuKrbYzGoY5V_uL15quP244k0i0iXG0HaUiVMK4qZCQ==
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b1a7b37ab41ab2c241ca4b4a3bb3319a
daf83e4a20f0849dc16777ed18d21806f978c555
4b423ec7676253213ed3bab15af479edcfa43ee8bd23da39b5ee34589020e033
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "4B423EC7676253213ED3BAB15AF479EDCFA43EE8BD23DA39B5EE34589020E033"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20000
Expires: Fri, 03 Feb 2023 01:34:57 GMT
Date: Thu, 02 Feb 2023 20:01:37 GMT
Connection: keep-alive
ssl.google-analytics.com/ga.js
216.58.207.232200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 216.58.207.232:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Thu, 02 Feb 2023 18:41:16 GMT
expires: Thu, 02 Feb 2023 20:41:16 GMT
cache-control: public, max-age=7200
age: 4821
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d1j2jv7bvcsxqg.cloudfront.net/lZWVyVXIGChwzTREMFmhLUlNDZEBDDwE6HBVYFD8cNBJLbQYsQwYvFlhVVDkTCwJPcxcLBk9kVAQBEGhGQxECOhlYFAUyAwwdFicLH0MHNE8ICgg8HgkEV2c0UEtCcEBVTQU8HAEKBSZXV1UcIVdXVUNlXFVAQRdXV1UFPBxTUVdmMEBXQi1EUUBBF1dXVQ-AjV1YkQ2VHS1VbcEBVAhc2GQpAQBNAVVRCZUNVVFdnQgMMADAUCh1XZzRUVUd7QkMQT2Q
54.230.245.28200 OK 493 B URL HTTP/2 d1j2jv7bvcsxqg.cloudfront.net/lZWVyVXIGChwzTREMFmhLUlNDZEBDDwE6HBVYFD8cNBJLbQYsQwYvFlhVVDkTCwJPcxcLBk9kVAQBEGhGQxECOhlYFAUyAwwdFicLH0MHNE8ICgg8HgkEV2c0UEtCcEBVTQU8HAEKBSZXV1UcIVdXVUNlXFVAQRdXV1UFPBxTUVdmMEBXQi1EUUBBF1dXVQ-AjV1YkQ2VHS1VbcEBVAhc2GQpAQBNAVVRCZUNVVFdnQgMMADAUCh1XZzRUVUd7QkMQT2Q
IP 54.230.245.28:0
File type ASCII text, with very long lines (673), with no line terminators
Hash e81e469617a7626c30083761d9d8195b
e2aaa18e9ee35db01c7abab29f89be73772e1c3f
fd2af6a85f77c4e5aafc942486d9331fbfe6fde378525b54213c904cd4edac80
GET /lZWVyVXIGChwzTREMFmhLUlNDZEBDDwE6HBVYFD8cNBJLbQYsQwYvFlhVVDkTCwJPcxcLBk9kVAQBEGhGQxECOhlYFAUyAwwdFicLH0MHNE8ICgg8HgkEV2c0UEtCcEBVTQU8HAEKBSZXV1UcIVdXVUNlXFVAQRdXV1UFPBxTUVdmMEBXQi1EUUBBF1dXVQ-AjV1YkQ2VHS1VbcEBVAhc2GQpAQBNAVVRCZUNVVFdnQgMMADAUCh1XZzRUVUd7QkMQT2Q HTTP/1.1
Host: d1j2jv7bvcsxqg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://racterdeet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 493
date: Thu, 02 Feb 2023 20:01:37 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9gj5gzuqDs7_NtJNJHP04zGYG1qydGHrEN4t-CcXeaQGdiY8NXFHHQ==
X-Firefox-Spdy: h2
d1j2jv7bvcsxqg.cloudfront.net/NWVpaOUI6NTRffS0zPgR7bmxrCHF/MClWLClnCW97OyBvTzEDbT1LBn8uIF1/aXw2WCw+Z3xcLDpnax8jPThnDWQsO2dULSMzNlUjfGgcDGxpf2gJai4zNF0tLil/C3I3Ln8LcmhqdAlnahh/C3IuMzQPdnxpGBxwaSJsDWdqGH8LcissfwoDaGpvF3Jwf2-gJJTw5MVZnaxxoCXNpamsJc3xoal8rKz88Vjp8aBwIcmx0ah83ZGs
54.230.245.28200 OK 183 B URL HTTP/2 d1j2jv7bvcsxqg.cloudfront.net/NWVpaOUI6NTRffS0zPgR7bmxrCHF/MClWLClnCW97OyBvTzEDbT1LBn8uIF1/aXw2WCw+Z3xcLDpnax8jPThnDWQsO2dULSMzNlUjfGgcDGxpf2gJai4zNF0tLil/C3I3Ln8LcmhqdAlnahh/C3IuMzQPdnxpGBxwaSJsDWdqGH8LcissfwoDaGpvF3Jwf2-gJJTw5MVZnaxxoCXNpamsJc3xoal8rKz88Vjp8aBwIcmx0ah83ZGs
IP 54.230.245.28:0
File type ASCII text, with no line terminators
Hash 024daccef3fa80fbf7e3dbac437ea448
dc1a3994efba4de331c283c738c2cad3f16d5046
671a8a525ed428e32f8d843d840f3ad49667c52d4bb3ac21a2a7d87b32325941
GET /NWVpaOUI6NTRffS0zPgR7bmxrCHF/MClWLClnCW97OyBvTzEDbT1LBn8uIF1/aXw2WCw+Z3xcLDpnax8jPThnDWQsO2dULSMzNlUjfGgcDGxpf2gJai4zNF0tLil/C3I3Ln8LcmhqdAlnahh/C3IuMzQPdnxpGBxwaSJsDWdqGH8LcissfwoDaGpvF3Jwf2-gJJTw5MVZnaxxoCXNpamsJc3xoal8rKz88Vjp8aBwIcmx0ah83ZGs HTTP/1.1
Host: d1j2jv7bvcsxqg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://racterdeet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 183
date: Thu, 02 Feb 2023 20:01:37 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nXUuSQaFD274YCQscsDhQVvAacJrAlSbuAWj2C5LZLrMsqdbxaeuQA==
X-Firefox-Spdy: h2
d1j2jv7bvcsxqg.cloudfront.net/qMFd2Vm5TOBgwUUQ+EmtXB2FCZlYWPQU5AEBqAiUHWWQdIwZmGB1wGkozS2ZIXDYYMVMWMhg1UwFxFzIMDWNQIh5fPEsnGVcmHy4KQi4McBtRahs5FFk7GjdLAhFDeF4VZUZ+GVk5EjkZQ3JEZgBEckRmXwB5RnNdcnJEZhlZOUBiSwMVU2ReSGFCc11yck-RmHEZyRRdfAGJYZkcVZUYxC1M8GXNcdmVGZ14AZkZnSwJnED8cVTEZLksCEUdmWx5nUCNTAQ
54.230.245.28200 OK 561 B URL HTTP/2 d1j2jv7bvcsxqg.cloudfront.net/qMFd2Vm5TOBgwUUQ+EmtXB2FCZlYWPQU5AEBqAiUHWWQdIwZmGB1wGkozS2ZIXDYYMVMWMhg1UwFxFzIMDWNQIh5fPEsnGVcmHy4KQi4McBtRahs5FFk7GjdLAhFDeF4VZUZ+GVk5EjkZQ3JEZgBEckRmXwB5RnNdcnJEZhlZOUBiSwMVU2ReSGFCc11yck-RmHEZyRRdfAGJYZkcVZUYxC1M8GXNcdmVGZ14AZkZnSwJnED8cVTEZLksCEUdmWx5nUCNTAQ
IP 54.230.245.28:0
File type ASCII text, with very long lines (791), with no line terminators
Hash 68f4275dca721b8883d09870fc421c53
76e5c7681ceaeb72023757bf88941a220d68a756
d30db56d8ddde1f7e49afe584a77ec4c5f066fe0149660212aace5a03183d841
GET /qMFd2Vm5TOBgwUUQ+EmtXB2FCZlYWPQU5AEBqAiUHWWQdIwZmGB1wGkozS2ZIXDYYMVMWMhg1UwFxFzIMDWNQIh5fPEsnGVcmHy4KQi4McBtRahs5FFk7GjdLAhFDeF4VZUZ+GVk5EjkZQ3JEZgBEckRmXwB5RnNdcnJEZhlZOUBiSwMVU2ReSGFCc11yck-RmHEZyRRdfAGJYZkcVZUYxC1M8GXNcdmVGZ14AZkZnSwJnED8cVTEZLksCEUdmWx5nUCNTAQ HTTP/1.1
Host: d1j2jv7bvcsxqg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://racterdeet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 561
date: Thu, 02 Feb 2023 20:01:37 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fR_23D1BtXN6a_mFRadjZ5aukr6ygurqpx4DAYZm4rKIykhLtZCs_w==
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
216.58.211.2200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 216.58.211.2:0
File type ASCII text, with very long lines (4879)
Hash b9d37d9802f6572b6a9216b595cd8c01
ff79297121ad8351e24384bfa61e69c031603b54
b66ad2f69040d563c321792f5651cbfede25a1daf3cdecf60649ad39145b7cb0
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 02 Feb 2023 20:01:37 GMT
expires: Thu, 02 Feb 2023 20:01:37 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 10489320523171891547
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49772
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 05295a6ef6a1e08350820742ca84d4cd
829cfdfb5f40a5cf0a9b80d787d46652df0ffdec
2864347c8cafc993e298b6c80a7e34b0c49710b9e8e35af6815ef685d4efdaf2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2864347C8CAFC993E298B6C80A7E34B0C49710B9E8E35AF6815EF685D4EFDAF2"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14131
Expires: Thu, 02 Feb 2023 23:57:08 GMT
Date: Thu, 02 Feb 2023 20:01:37 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 20:01:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cagothie.net/5/2726715/?oo=1&aab=1
139.45.197.238200 OK 1.7 kB URL HTTP/2 cagothie.net/5/2726715/?oo=1&aab=1
IP 139.45.197.238:0
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (2755)
Hash 0ccfc3892f12b4a36ca1c8635d7287e3
c0baeb0966bee46bba14593798df9ce1cfd8ba7b
3e778f19603295c78569493fa557837448adf1ce17847caa2c7212c6d2d2ba45
GET /5/2726715/?oo=1&aab=1 HTTP/1.1
Host: cagothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload-4ever.com
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 20:01:36 GMT
content-type: application/json
x-trace-id: 96bef11a5dd4727472efcd06b58f7834
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0c2e71beb42441b19f55ef06a6283064; expires=Fri, 02 Feb 2024 20:01:36 GMT; path=/; secure; SameSite=None
oaidts=1675368096; expires=Fri, 02 Feb 2024 20:01:36 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.213.61.61101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.61.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JGXdJ0ELaD+Z6MyFILZq+g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Vqq5L4ylphvok1OixO6hGAU+JrI=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9bfd33253208c9d034988400d66abd5d
8811fd76d9bc56c15431433f8f08d648185992ed
6382de7eb2bc0b40dc6d2e21ab8b6cb90cc0effe3241e3fb5008d2e4f626e92c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 20:01:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ede42358dbe8cf2e6b7e6a2653774d01
5dc8ca0b929f04fb15c7ff81d0a9decda023b7fb
8e841815d41c4ade06e328cb1ffb9be342640167ec6acb658f6b4b373e23a52a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5637
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 20:01:37 GMT
Last-Modified: Thu, 02 Feb 2023 18:27:40 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
d1j2jv7bvcsxqg.cloudfront.net/?bvjjd=976112
54.230.245.28200 OK 116 kB URL HTTP/2 d1j2jv7bvcsxqg.cloudfront.net/?bvjjd=976112
IP 54.230.245.28:0
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 116 kB (116196 bytes)
Hash 2b756b71b754ad7c80225ccd061301cb
1a7732928ab82f731c656c4f692c707cfa9fe0d4
63ed02a9f11e8a1f590f44a9ea2bf495f1db947db3b0cfb76a34f27309139d2d
GET /?bvjjd=976112 HTTP/1.1
Host: d1j2jv7bvcsxqg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Origin: https://www.upload-4ever.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 116196
date: Thu, 02 Feb 2023 20:01:37 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload-4ever.com
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EH56VTI7QZumSyAnCC10qUxYTNkNXIhBIECQB-PnyyHKklYz6YwJ5Q==
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b1a7b37ab41ab2c241ca4b4a3bb3319a
daf83e4a20f0849dc16777ed18d21806f978c555
4b423ec7676253213ed3bab15af479edcfa43ee8bd23da39b5ee34589020e033
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "4B423EC7676253213ED3BAB15AF479EDCFA43EE8BD23DA39B5EE34589020E033"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20000
Expires: Fri, 03 Feb 2023 01:34:57 GMT
Date: Thu, 02 Feb 2023 20:01:37 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 20:01:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
my.rtmark.net/gid.js?userId=0c2e71beb42441b19f55ef06a6283064
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=0c2e71beb42441b19f55ef06a6283064
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 47d4caeea58f0f338814d02638d80bb1
5d7fe35e376c5c0aabdebf56efc5f1f0d65beab0
e0c89ccea2747b0543175ed31394cac77a9b1b20eb80dc4a920a01bed451ab55
GET /gid.js?userId=0c2e71beb42441b19f55ef06a6283064 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload-4ever.com
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 20:01:37 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0c2e71beb42441b19f55ef06a6283064; expires=Fri, 02 Feb 2024 20:01:37 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-70364639-8&cid=347046885.1675368125&jid=814074826&_v=5.7.2&z=1667235042
64.233.165.154302 Found 367 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-70364639-8&cid=347046885.1675368125&jid=814074826&_v=5.7.2&z=1667235042
IP 64.233.165.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash d83b0c1790b2726f3bedc76937c3239f
5eea32c9fcf33a057bd61b839e29b3f61a0b4c6a
be0e600895496de942cc75c216f304892cce87536e3f78e4a9a8004954fca5a0
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-70364639-8&cid=347046885.1675368125&jid=814074826&_v=5.7.2&z=1667235042 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=347046885.1675368125&jid=814074826&_v=5.7.2&z=1667235042
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 02 Feb 2023 20:01:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 367
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 4cf0ccf2909be74efd7a89dbe4228ffb
b4993da334b48312584d116a3de4be4cd71962cf
e81c8aa45d0707079d9eba798fb447059042453be4834d14467839688ca66f5d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 20:01:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=347046885.1675368125&jid=814074826&_v=5.7.2&z=1667235042
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=347046885.1675368125&jid=814074826&_v=5.7.2&z=1667235042
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=347046885.1675368125&jid=814074826&_v=5.7.2&z=1667235042 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 20:01:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=347046885.1675368125&jid=814074826&_v=5.7.2&z=1667235042&slf_rd=1&random=587923267
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 1.3 kB IP 142.250.74.131:0
File type gzip compressed data, max compression\012- data
Hash 631d34d1a982278cb8db40d48aa35ce3
ac420585bae3c738ee009017577d445de231c591
23a52356d30b556368678aac9ec0c876c31911d0fc34258889016059d21dffb9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 20:01:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=347046885.1675368125&jid=814074826&_v=5.7.2&z=1667235042&slf_rd=1&random=587923267
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=347046885.1675368125&jid=814074826&_v=5.7.2&z=1667235042&slf_rd=1&random=587923267
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=347046885.1675368125&jid=814074826&_v=5.7.2&z=1667235042&slf_rd=1&random=587923267 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 20:01:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2bef39ac599211fe23ad884ceacf1c9b
c19b32a600412658c49a3e55d5d8353a5101c31d
0ff4181df99351d3aa3490540d2f19474531fb07e13ee457b9339efab1a47ad9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 20:01:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8420
Expires: Thu, 02 Feb 2023 22:21:58 GMT
Date: Thu, 02 Feb 2023 20:01:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8420
Expires: Thu, 02 Feb 2023 22:21:58 GMT
Date: Thu, 02 Feb 2023 20:01:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8420
Expires: Thu, 02 Feb 2023 22:21:58 GMT
Date: Thu, 02 Feb 2023 20:01:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8420
Expires: Thu, 02 Feb 2023 22:21:58 GMT
Date: Thu, 02 Feb 2023 20:01:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XyDZc0F-b0rxwoS5wvSXBuBfYE7JljMmuXseBjLOBk4HvxU5gE7Oqg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:55 GMT
age: 78163
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd3cca56-2e75-4efc-8090-c33c65a99f80.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd3cca56-2e75-4efc-8090-c33c65a99f80.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b9af1fd56c0de8f128ddce88d49c1b4d
e3bb3d4950f7c0267f4476eef21872da332831aa
908153182f76362ff329803d9c11c06c66181e85e8e51dabd927f1f1ac630d5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd3cca56-2e75-4efc-8090-c33c65a99f80.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8944
x-amzn-requestid: 07495184-ede8-485c-94e8-5302ec348ea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: freiLHRPoAMFYbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dade0d-275437a54eceb40e302a7f55;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:47:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 86qoRJHXcrnBGi3REMF5q3ANzKdqEs5F3yFUBmiIt6SCbBVnhGe2Kw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:58:57 GMT
age: 79361
etag: "e3bb3d4950f7c0267f4476eef21872da332831aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C1kqthy0eZop0UZfG3_op5xeBOVGiPLYfia4uS1l4-kchEzV6ccE9w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:28:37 GMT
age: 45181
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bb5b89e738516f4862491eec286bf6d
8fb46b9ca85f2c578eb2a56d0007859183e12209
7f164a37b675bf39f8473392b07a2a383397da003303965fb190fd4f455bb43b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15051
x-amzn-requestid: 72a3f2ae-538e-40dc-9496-86c28334ba0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc6jGTAIAMFy4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb76-72178ed13a2e70d462785b90;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CKTfQzCvXa4oL6Lm2n8Rw_9Uhj69YfgpDTP9s0zoaX5qW1vcqWIXDA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:46:26 GMT
age: 80112
etag: "8fb46b9ca85f2c578eb2a56d0007859183e12209"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 395bb0f71f9eba82f5ca23548d08900f
b1fada280c7ea3eb775a6fa46ce173a51eb045f5
7443babb69532e1ee3ee779e05ad4f62de2c5bf62548bcb5702f8290a527664c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11367
x-amzn-requestid: 67702c15-9a68-46ec-95e5-efb57f08e2f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5OGfBoAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6e-033182ba55fdd0230ad5a270;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H1HIK6zdv95V96NxqSfHCqYtDQNPZ9NLAwG5oM5mwRr3nAUR0BPxlg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:25:11 GMT
age: 77787
etag: "b1fada280c7ea3eb775a6fa46ce173a51eb045f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df4a4906103a8f409c066b1cded71384
22847e3926db3e3d5f6b529297a4abe8b377c3a6
84a14b73b2cc7f4641eaa5539cbee0a109ae2b05cf88d06797a2b00c8d4f0c43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9221
x-amzn-requestid: 209c2ad4-7a1f-4867-bf98-4ca8621111a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTBFv5IAMFgqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-1627a9d603c69f7760ad013b;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kAkcQOKAvuq3k-X081MLCqon-cnQJqGryVeE0fwX0a7bcXgJlySIvg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:12:07 GMT
age: 78571
etag: "22847e3926db3e3d5f6b529297a4abe8b377c3a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.upload-4ever.com/nd6obkxo3h6s/SMS%20Bomber%20[v2]%E2%84%A2.rar
104.21.12.131200 OK 0 B URL HTTP/2 www.upload-4ever.com/nd6obkxo3h6s/SMS%20Bomber%20[v2]%E2%84%A2.rar
IP 104.21.12.131:0
GET /nd6obkxo3h6s/SMS%20Bomber%20[v2]%E2%84%A2.rar HTTP/1.1
Host: www.upload-4ever.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 02 Feb 2023 20:01:36 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=0;includeSubDomains;
expires: Wed, 01 Feb 2023 20:01:35 GMT
cf-cache-status: BYPASS
set-cookie: aff=222424; domain=.upload-4ever.com; path=/; expires=Thu, 16-Feb-2023 20:01:35 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJyhmn%2BibXw6ndZzjt%2FVK5bUCPlzIukBoudu2vey26V1ktmQlVfovc7zgm914NBvgm744F%2FxFmHguazFHaMIHlzM2dXV08HsbYU0HrSatzSyP%2FKosa%2B%2F2kblMiP9Tu8vDRhNeQP2kA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793585076995b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.133.29200 OK 0 B IP 172.64.133.29:0
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Origin: https://www.upload-4ever.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 20:01:37 GMT
content-type: text/plain
set-cookie: csu=825459027623637@1@1675368097; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BeM8OlvZz4cFSQVROZbdcZtcNgo%2BKPHGray8xvxibiMpiRhfZaAEyZ7Xr6sEcAKDkkM48KEtoWMamZ23HZVwQ2oYK6La7uHQ%2Fh2uQTHU600xcbxZEAC%2BSBWa3KXOh6xF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7935850eeec975de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
157.240.205.35200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 157.240.205.35:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: +LqHXr7XH5DWA9X+4Gt7qjOLrrh2c+5bQihdm3ms7lmIF4O93dko+Y+6gLsmo/hWNcAnejoccZVuAeBntsPTrQ==
date: Thu, 02 Feb 2023 20:01:37 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.133.29200 OK 0 B IP 172.64.133.29:0
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Origin: https://www.upload-4ever.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 Feb 2023 20:01:37 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1691
last-modified: Thu, 02 Feb 2023 19:33:26 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5A1kN6wsfW%2BVlGhm%2B1NOLBA0OTLvnsFeYLtjA8TNACtJrdNd1KwD6CILPt1%2FMgUYxnyRzke9GnZ316EY8gKNcIO9MmcqupKr4YNpxDqw8J6PAKMW1Gyr1kaYWvgiSeq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7935850eeec775de-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.133.29200 OK 0 B IP 172.64.133.29:0
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Origin: https://www.upload-4ever.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 Feb 2023 20:01:37 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1691
last-modified: Thu, 02 Feb 2023 19:33:26 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IClKjwx%2F3rTcRIXek7dFl2uLlUp4G%2BBR2WhrVWrH9TzHtnHg01UGeF7g%2F2BDrgBeW6W3XpXHmIBsX57%2Bj7y8PkDjvprVhqT7Z%2BgPcWSFmkG%2F3AK7ioP%2FHPki6y6t9mgq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7935850eeecc75de-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.133.29200 OK 0 B IP 172.64.133.29:0
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Origin: https://www.upload-4ever.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 20:01:37 GMT
content-type: text/plain
set-cookie: csu=615092785665562@1@1675368097; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1RAnlNtAanLei%2FfYLRP0qgBWM9hCIcMQ1hEToDysBx%2FLvrmUMWv%2BuRX8c3U%2FZj7m17GeJn1qJuDguqhPvOThfSx5uCcuax7kGYaizSDfzh0e98tfVyXH85fckl1cdYv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7935850fbfd675de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cagothie.net/?rb=OEjzORHCp08A5Q92imtkRu7jWMBl1mleIcXWc3JfO73s8g2VbAT12uKqiHYAVpDVrLFWpXTZ_maVXjahi6GwZi8kvLph-MseT-pSpxHXM-6Tl__tYp47ihg66GCpWobTfxk0FJwmjEWTdYxzyTsVwmfRXljJY1FFSBNa8UTZMRisTuR4QuzxcnzBtj6lbWeIJ-amAwFsIQOHE6KRvCwljzQHAdjEPkJ0zd9zqd37bCBSU9LE&request_ab2=0&zoneid=2726715&js_build=iclick-v1.478.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=5&pl=https%3A%2F%2Fwww.upload-4ever.com%2Fnd6obkxo3h6s%2FSMS%2520Bomber%2520%5Bv2%5D%25E2%2584%25A2.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.478.0&bs=e66143ed-a46d-4871-8179-2437c93ee6b3&userId=0c2e71beb42441b19f55ef06a6283064&m=link
139.45.197.238200 OK 0 B URL HTTP/2 cagothie.net/?rb=OEjzORHCp08A5Q92imtkRu7jWMBl1mleIcXWc3JfO73s8g2VbAT12uKqiHYAVpDVrLFWpXTZ_maVXjahi6GwZi8kvLph-MseT-pSpxHXM-6Tl__tYp47ihg66GCpWobTfxk0FJwmjEWTdYxzyTsVwmfRXljJY1FFSBNa8UTZMRisTuR4QuzxcnzBtj6lbWeIJ-amAwFsIQOHE6KRvCwljzQHAdjEPkJ0zd9zqd37bCBSU9LE&request_ab2=0&zoneid=2726715&js_build=iclick-v1.478.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=5&pl=https%3A%2F%2Fwww.upload-4ever.com%2Fnd6obkxo3h6s%2FSMS%2520Bomber%2520%5Bv2%5D%25E2%2584%25A2.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.478.0&bs=e66143ed-a46d-4871-8179-2437c93ee6b3&userId=0c2e71beb42441b19f55ef06a6283064&m=link
IP 139.45.197.238:0
GET /?rb=OEjzORHCp08A5Q92imtkRu7jWMBl1mleIcXWc3JfO73s8g2VbAT12uKqiHYAVpDVrLFWpXTZ_maVXjahi6GwZi8kvLph-MseT-pSpxHXM-6Tl__tYp47ihg66GCpWobTfxk0FJwmjEWTdYxzyTsVwmfRXljJY1FFSBNa8UTZMRisTuR4QuzxcnzBtj6lbWeIJ-amAwFsIQOHE6KRvCwljzQHAdjEPkJ0zd9zqd37bCBSU9LE&request_ab2=0&zoneid=2726715&js_build=iclick-v1.478.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=5&pl=https%3A%2F%2Fwww.upload-4ever.com%2Fnd6obkxo3h6s%2FSMS%2520Bomber%2520%5Bv2%5D%25E2%2584%25A2.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.478.0&bs=e66143ed-a46d-4871-8179-2437c93ee6b3&userId=0c2e71beb42441b19f55ef06a6283064&m=link HTTP/1.1
Host: cagothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Origin: https://www.upload-4ever.com
Connection: keep-alive
Cookie: OAID=0c2e71beb42441b19f55ef06a6283064; oaidts=1675368096
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 20:01:37 GMT
content-type: application/json
x-trace-id: b02588c187a3b0e0683248a0268c6409
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0c2e71beb42441b19f55ef06a6283064; expires=Fri, 02 Feb 2024 20:01:37 GMT; path=/; secure; SameSite=None
oaidts=1675368097; expires=Fri, 02 Feb 2024 20:01:37 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 09 Feb 2023 20:01:37 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2