www.upload-4ever.com/oy5tg56hsz0u/PES%206%20GamePlay.rar
301 Moved Permanently 0 B URL HTTP/1.1 www.upload-4ever.com/oy5tg56hsz0u/PES%206%20GamePlay.rar
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /oy5tg56hsz0u/PES%206%20GamePlay.rar HTTP/1.1
Host: www.upload-4ever.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 23 Feb 2023 23:36:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 24 Feb 2023 00:36:55 GMT
Location: https://www.upload-4ever.com/oy5tg56hsz0u/PES%206%20GamePlay.rar
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YG9omNjDcGYGnwlXUg3vRBODsORpt1O8JjLPME3CcqyIcpk1ArvTRrhP0hqcWhPhc4jKhsNiQjK2dtsn9MVbzAtAKprAQXPGXyVFqYwFHe%2BI1a2RIvYSvnaGzOob0MhHesjgNZJWgA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e3c954395fb509-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bbe5e8dc913bdcab76f9fe8851ea2e77
9215fadd003873382ed2a4ace79ba337adadd692
e6094932dd4de52ea6360bdfbe8bb15951ebd76255766eee627c5de6f83fcea8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E6094932DD4DE52EA6360BDFBE8BB15951EBD76255766EEE627C5DE6F83FCEA8"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15355
Expires: Fri, 24 Feb 2023 03:52:50 GMT
Date: Thu, 23 Feb 2023 23:36:55 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6f313739c4c44174fc9a97ac63621b46
319da68d06694330ad9f7901bcde1ca0a6eeac0d
321236ee07769c741890815bc56fd2700ff1974b0534368b9ff2e96320ae4fee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "321236EE07769C741890815BC56FD2700FF1974B0534368B9FF2E96320AE4FEE"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5079
Expires: Fri, 24 Feb 2023 01:01:34 GMT
Date: Thu, 23 Feb 2023 23:36:55 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Feb 2023 22:53:57 GMT
content-type: application/json
age: 2578
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7fb59e5d3cdf08b94e5f41fdeb9aec6c
ff644039db3b9f74d7e2fab10f93581bea10614a
861573a00d75364e15783c5e448c4f8b4da48b38d9beba3ebd33a87f993489a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "861573A00D75364E15783C5E448C4F8B4DA48B38D9BEBA3EBD33A87F993489A5"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19099
Expires: Fri, 24 Feb 2023 04:55:14 GMT
Date: Thu, 23 Feb 2023 23:36:55 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ywMRPcj2MEv6OQr1YlubSRcj8YKknYGSoJHrw6iKV+JyYJWfCer6SKVJ2mrntwlU2CQQRh5Jce0=
x-amz-request-id: GW8VYH5BKFBQJKX0
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Feb 2023 22:49:15 GMT
age: 2860
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash f22ee8ff5d175fc77e6bd4f345e2a275
c74fa0a358a620fbf6c87ba320d558f03ce16537
f3d3cd593d12a66150e4dedf8ada8a394003071a324a6d598ed19cfd752bde08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4846
Cache-Control: max-age=113908
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 23:36:56 GMT
Etag: "63f6ff9e-118"
Expires: Sat, 25 Feb 2023 07:15:24 GMT
Last-Modified: Thu, 23 Feb 2023 05:54:38 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 23:36:56 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
Hash a7665f49170e1a5072c856b8bd68c86b
d2baa3dbe110542748377c53c155901d317fa83d
721603aed159d4414bf4f6d59328b5442607c4aa8a2e6989e294fe244f0f8b85
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Expires, Last-Modified, Cache-Control, ETag, Backoff, Content-Type, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Feb 2023 23:20:35 GMT
age: 981
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
d1j2jv7bvcsxqg.cloudfront.net/?bvjjd=976112
200 OK 117 kB URL HTTP/2 d1j2jv7bvcsxqg.cloudfront.net/?bvjjd=976112
IP
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 117 kB (116589 bytes)
Hash 798688433d42833384b06e959278f222
d34e04c2bc6629dfdb296b7d155c40fc88e6ee17
36dff0010b9d9dc230347b087baa10c02482f9be160ae4f2faececf7513bd65d
GET /?bvjjd=976112 HTTP/1.1
Host: d1j2jv7bvcsxqg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 116589
date: Thu, 23 Feb 2023 23:36:56 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ErwMtjE1DnbOr_XJXuLbQGnFioEebDFj16qnQCxj1b2vFKnGJlrOug==
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a503e51f129578fd344ab97a28f9ee1a
f141944a32e73e8db4c362fefffac1b4c7043ad4
bf30c275ceab2a4c047f64f39761761f4a592d541c7a2627e0e01b935cd23f7d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF30C275CEAB2A4C047F64F39761761F4A592D541C7A2627E0E01B935CD23F7D"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5915
Expires: Fri, 24 Feb 2023 01:15:31 GMT
Date: Thu, 23 Feb 2023 23:36:56 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a503e51f129578fd344ab97a28f9ee1a
f141944a32e73e8db4c362fefffac1b4c7043ad4
bf30c275ceab2a4c047f64f39761761f4a592d541c7a2627e0e01b935cd23f7d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF30C275CEAB2A4C047F64F39761761F4A592D541C7A2627E0E01B935CD23F7D"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5915
Expires: Fri, 24 Feb 2023 01:15:31 GMT
Date: Thu, 23 Feb 2023 23:36:56 GMT
Connection: keep-alive
cagothie.net/tag.min.js
200 OK 28 kB IP
Hash 2f99e949f9fd6e7ec9dab3c777b5234a
ecd9fbe159f015df9e1514a11ce3e495e751a4af
826212e932e449b32c0eeb064d7224cec81f3d4bbd81087830b6d7a0f41928f0
GET /tag.min.js HTTP/1.1
Host: cagothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Cookie: OAID=221c61d526e8482787141873badcf8d0; oaidts=1677192608; syncedCookie=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 23:36:56 GMT
content-type: text/javascript; charset=utf-8
content-length: 23689
content-encoding: br
x-trace-id: 4f13469f612ef453e5610ac8477488b9
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Wed, 22 Feb 2023 09:02:40 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5fa728a339ca32e616d483e61d0aebcd
6a63966de94d16390c8f1e47e5b67fe5bb67f7cd
7e83729d554404e59f1f1ff809ac776d3596487e2b062a1e38af8e29f33c0686
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E83729D554404E59F1F1FF809AC776D3596487E2B062A1E38AF8E29F33C0686"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3814
Expires: Fri, 24 Feb 2023 00:40:30 GMT
Date: Thu, 23 Feb 2023 23:36:56 GMT
Connection: keep-alive
raglassofrum.cc/ZU5NRHMELC4pTARzL2IGFyJwYUEja38CF1Qkfy4FUiw7JwAdPypqEAkhOCAVFyEjMF0LKzlhQSMHHhFKHyoaIwIsDH0QJR9+IAJDDRwrKh8mHAs0BS8fDCUxDyI0DgQ8HwgGEEB8DxQJHXYPBTIgASUFJDMfCBc/PQQJEQQ0IQQWISwaJDMbIAslHhEcehUCQjN3LBUQIww0DgokNnUBOiZ+FwMhEjsCAiYkDRUVGi0PdQY5NgMeETUKHigoQiMaFTBWVwgaMzonBDQ3ECQmOTcVMAMvDDQddxx0ITwUfn0kNyc9NxUwAw4FIAF7H3UxBw1/NDE3HA9hQSMrfGkpIgUgPEo0OS4hES05NBY1DXYUET0GGhUwVlcICwYyKQckBiQ3N3hzFVUECxM7DWt/AiIJDCwhIA4vDzNDEwcMMCIyKXRhQScffQY0ABkmAyAjJWsuAAogPXknFjYUHD4vGngPABQcFB0
200 OK 1.2 kB URL HTTP/2 raglassofrum.cc/ZU5NRHMELC4pTARzL2IGFyJwYUEja38CF1Qkfy4FUiw7JwAdPypqEAkhOCAVFyEjMF0LKzlhQSMHHhFKHyoaIwIsDH0QJR9+IAJDDRwrKh8mHAs0BS8fDCUxDyI0DgQ8HwgGEEB8DxQJHXYPBTIgASUFJDMfCBc/PQQJEQQ0IQQWISwaJDMbIAslHhEcehUCQjN3LBUQIww0DgokNnUBOiZ+FwMhEjsCAiYkDRUVGi0PdQY5NgMeETUKHigoQiMaFTBWVwgaMzonBDQ3ECQmOTcVMAMvDDQddxx0ITwUfn0kNyc9NxUwAw4FIAF7H3UxBw1/NDE3HA9hQSMrfGkpIgUgPEo0OS4hES05NBY1DXYUET0GGhUwVlcICwYyKQckBiQ3N3hzFVUECxM7DWt/AiIJDCwhIA4vDzNDEwcMMCIyKXRhQScffQY0ABkmAyAjJWsuAAogPXknFjYUHD4vGngPABQcFB0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3049), with no line terminators
Hash 365bc379e73fdc49255477afd4465571
9417ec5b1a764484ed22483da911c447b32e5583
7726905236f51aa9a02e6f33ff5d43ec610263897dbe2fca80d17bf7ecff9047
GET /ZU5NRHMELC4pTARzL2IGFyJwYUEja38CF1Qkfy4FUiw7JwAdPypqEAkhOCAVFyEjMF0LKzlhQSMHHhFKHyoaIwIsDH0QJR9+IAJDDRwrKh8mHAs0BS8fDCUxDyI0DgQ8HwgGEEB8DxQJHXYPBTIgASUFJDMfCBc/PQQJEQQ0IQQWISwaJDMbIAslHhEcehUCQjN3LBUQIww0DgokNnUBOiZ+FwMhEjsCAiYkDRUVGi0PdQY5NgMeETUKHigoQiMaFTBWVwgaMzonBDQ3ECQmOTcVMAMvDDQddxx0ITwUfn0kNyc9NxUwAw4FIAF7H3UxBw1/NDE3HA9hQSMrfGkpIgUgPEo0OS4hES05NBY1DXYUET0GGhUwVlcICwYyKQckBiQ3N3hzFVUECxM7DWt/AiIJDCwhIA4vDzNDEwcMMCIyKXRhQScffQY0ABkmAyAjJWsuAAogPXknFjYUHD4vGngPABQcFB0 HTTP/1.1
Host: raglassofrum.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1197
date: Thu, 23 Feb 2023 23:36:56 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 8ea75fde43c768e7e1d041f8b7a07bd6.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: O6DSMg-Ml8_gZXHx6rqWFK4ZeYo5_3SA1jCB98QzTCZSkAlyGWuDRA==
X-Firefox-Spdy: h2
raglassofrum.cc/ajE5dTgLU1oYBwsMW1NNGF0EUAosFAszXFtbCx9OXVNPFksSQF5bWwZeTBFeGF5XARYEVE1QCiwEdxtIE2t8AW4sY042XC94bTNUBkh4IEAuZ2ESaS9wfDlyP2txOn47eX0PUzB8TgVOKVl8EH8yXm0jeitJbB5cKWBQEWAsc28vWjx8bDBuBgd8N0s9c1csezJwWjNcBkJvNnlaX24dTDJnXkV8PHRzN107a2o3aVpdbB1tLHcLQX05WU4kWg1jciQJOF17GQEoe1RBfTlWbDtyO3N2IwkJe3xFUCl5cUV7MgF8GFoNY3I0eiBEeyFMLmdxQWE5XRQBeg9gYBF+HVJeIm5TcHAbUy1iCT9tD1ZjOW5baw4geidweCYJMHBVEW8uYF0+alpBDjB5U2FvJB4AQlYbSFd7CTkBKVpuNGEaUkMndAM
200 OK 1.2 kB URL HTTP/2 raglassofrum.cc/ajE5dTgLU1oYBwsMW1NNGF0EUAosFAszXFtbCx9OXVNPFksSQF5bWwZeTBFeGF5XARYEVE1QCiwEdxtIE2t8AW4sY042XC94bTNUBkh4IEAuZ2ESaS9wfDlyP2txOn47eX0PUzB8TgVOKVl8EH8yXm0jeitJbB5cKWBQEWAsc28vWjx8bDBuBgd8N0s9c1csezJwWjNcBkJvNnlaX24dTDJnXkV8PHRzN107a2o3aVpdbB1tLHcLQX05WU4kWg1jciQJOF17GQEoe1RBfTlWbDtyO3N2IwkJe3xFUCl5cUV7MgF8GFoNY3I0eiBEeyFMLmdxQWE5XRQBeg9gYBF+HVJeIm5TcHAbUy1iCT9tD1ZjOW5baw4geidweCYJMHBVEW8uYF0+alpBDjB5U2FvJB4AQlYbSFd7CTkBKVpuNGEaUkMndAM
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3028), with no line terminators
Hash 5ef98c64d5f6466e7b6130c0c995290e
6d14e58183a6078854f41fe6962b13c6f9313e5d
ddc24a2f3f4b57e53c8c36e60303506d1dee286ccfc66ebf2cdad951a8bca7a4
GET /ajE5dTgLU1oYBwsMW1NNGF0EUAosFAszXFtbCx9OXVNPFksSQF5bWwZeTBFeGF5XARYEVE1QCiwEdxtIE2t8AW4sY042XC94bTNUBkh4IEAuZ2ESaS9wfDlyP2txOn47eX0PUzB8TgVOKVl8EH8yXm0jeitJbB5cKWBQEWAsc28vWjx8bDBuBgd8N0s9c1csezJwWjNcBkJvNnlaX24dTDJnXkV8PHRzN107a2o3aVpdbB1tLHcLQX05WU4kWg1jciQJOF17GQEoe1RBfTlWbDtyO3N2IwkJe3xFUCl5cUV7MgF8GFoNY3I0eiBEeyFMLmdxQWE5XRQBeg9gYBF+HVJeIm5TcHAbUy1iCT9tD1ZjOW5baw4geidweCYJMHBVEW8uYF0+alpBDjB5U2FvJB4AQlYbSFd7CTkBKVpuNGEaUkMndAM HTTP/1.1
Host: raglassofrum.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1179
date: Thu, 23 Feb 2023 23:36:56 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 8ea75fde43c768e7e1d041f8b7a07bd6.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: t7B-G3xIHE5vL97ly7_YWdO8F5Akb5Qgp48Ipt4qyaq0gRZBLtXQRw==
X-Firefox-Spdy: h2
raglassofrum.cc/TVNlc3IsMQYeTSxuB1UHPz9YVkALdlc1Fnw5VxkEejETEAE1IgJdESE8EBcUPzwLB1wjNhFWQAsRKB8nOgIyQiACP1EdJyYKXSU6NQYnJD8IMDMmJx1jKAYzfRkKITYUFT0nBgYfH0obLmM0RDEcagk1G30ePTc7AwkSGxEDNFQEIXweHSYcNQkjMDQMHwIqIgcFCgcwCxJAQTQVFzA4IBUdIzo0DzUqGB0iEjNHQgsLKAEwfiAkKTR1EAMmESISVCpEHykvOjMKBQA9JyoSPyI0NQISOQUMJCs6MwoFLTgzABY8ISQ0Hx0XHAwXCREwIxIhMkIqEj8mXwRgNjI3GBI9NSsFFDApKAtrJj4eGDonH0M6EgIXFAw+NDIRGyQmKTAbKT0lI3UCDCI+FQBVJRE0ICEpIxslPSEjKhc9MlQnIAodAnAnEhsdIykLISI
200 OK 1.2 kB URL HTTP/2 raglassofrum.cc/TVNlc3IsMQYeTSxuB1UHPz9YVkALdlc1Fnw5VxkEejETEAE1IgJdESE8EBcUPzwLB1wjNhFWQAsRKB8nOgIyQiACP1EdJyYKXSU6NQYnJD8IMDMmJx1jKAYzfRkKITYUFT0nBgYfH0obLmM0RDEcagk1G30ePTc7AwkSGxEDNFQEIXweHSYcNQkjMDQMHwIqIgcFCgcwCxJAQTQVFzA4IBUdIzo0DzUqGB0iEjNHQgsLKAEwfiAkKTR1EAMmESISVCpEHykvOjMKBQA9JyoSPyI0NQISOQUMJCs6MwoFLTgzABY8ISQ0Hx0XHAwXCREwIxIhMkIqEj8mXwRgNjI3GBI9NSsFFDApKAtrJj4eGDonH0M6EgIXFAw+NDIRGyQmKTAbKT0lI3UCDCI+FQBVJRE0ICEpIxslPSEjKhc9MlQnIAodAnAnEhsdIykLISI
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3035), with no line terminators
Hash 0561792775531ea87cc664d4a3a0645f
9a1d05276218bf0ff9eb94975b2025c36b458ca1
7a477c97e4455cee49ce4975003b90d963c8ab2d206377419b812a21e703a369
GET /TVNlc3IsMQYeTSxuB1UHPz9YVkALdlc1Fnw5VxkEejETEAE1IgJdESE8EBcUPzwLB1wjNhFWQAsRKB8nOgIyQiACP1EdJyYKXSU6NQYnJD8IMDMmJx1jKAYzfRkKITYUFT0nBgYfH0obLmM0RDEcagk1G30ePTc7AwkSGxEDNFQEIXweHSYcNQkjMDQMHwIqIgcFCgcwCxJAQTQVFzA4IBUdIzo0DzUqGB0iEjNHQgsLKAEwfiAkKTR1EAMmESISVCpEHykvOjMKBQA9JyoSPyI0NQISOQUMJCs6MwoFLTgzABY8ISQ0Hx0XHAwXCREwIxIhMkIqEj8mXwRgNjI3GBI9NSsFFDApKAtrJj4eGDonH0M6EgIXFAw+NDIRGyQmKTAbKT0lI3UCDCI+FQBVJRE0ICEpIxslPSEjKhc9MlQnIAodAnAnEhsdIykLISI HTTP/1.1
Host: raglassofrum.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1185
date: Thu, 23 Feb 2023 23:36:56 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 8ea75fde43c768e7e1d041f8b7a07bd6.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: kNF8dXyuFqnMUM4Oc1JEn8i9Hw-F4riMgtqOyqLxWp5BfJ0wgI3SMg==
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 0178fe0ebb0df24ee62cd67faccdc383
d25121befecd6d77962e988f68c871653cba1959
627efd1b332a0296cd7558e08374fabcd7c750683ab6ae22b9d7ab7f3b7537c1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2668
Cache-Control: max-age=111051
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 23:36:56 GMT
Etag: "63f6fcf7-1d7"
Expires: Sat, 25 Feb 2023 06:27:47 GMT
Last-Modified: Thu, 23 Feb 2023 05:43:19 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4733770bf092ca1324e01dff373722a1
1524c31178714c399a4b4751744b261768c41277
26776ee98fd94df1d3adbadb39aaad24b847a689c2119c2ed62a70640f4b5b18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 23:36:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d5a81909f9ba52a4b5b4beca7189f10a
216a773aef7239d68c979f6c24013a31f085c779
79799853ac50d2c9e10b8cfab4a57150b087403209006e166af67164c2630de6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 23:36:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 56cd85a02d031d2f7b794f1f2cfda4eb
878162e77393da15f0a1c8bf8a83a777a6caf317
15bc2ef238d6cf940adc4a29a31bd3fa0ee1712529d89c1a2fd74fb32d5ffe5e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 23:36:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.google-analytics.com/ga.js
200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Thu, 23 Feb 2023 22:41:40 GMT
expires: Fri, 24 Feb 2023 00:41:40 GMT
cache-control: public, max-age=7200
age: 3317
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
raglassofrum.cc/utx?cb=jV2CEhQEKVK5&top=www.upload-4ever.com&tid=976112
204 No Content 0 B URL HTTP/2 raglassofrum.cc/utx?cb=jV2CEhQEKVK5&top=www.upload-4ever.com&tid=976112
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=jV2CEhQEKVK5&top=www.upload-4ever.com&tid=976112 HTTP/1.1
Host: raglassofrum.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload-4ever.com
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 23 Feb 2023 23:36:56 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload-4ever.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 23 Feb 2023 23:37:56 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 8ea75fde43c768e7e1d041f8b7a07bd6.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: gGiGJtmFe95fABRFYDoMJNsvzbHRhomTs4iz4t0apclx7JuKbD6-tg==
X-Firefox-Spdy: h2
raglassofrum.cc/utx?cb=JrML6tLRmL21&top=www.upload-4ever.com&tid=976408
204 No Content 0 B URL HTTP/2 raglassofrum.cc/utx?cb=JrML6tLRmL21&top=www.upload-4ever.com&tid=976408
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=JrML6tLRmL21&top=www.upload-4ever.com&tid=976408 HTTP/1.1
Host: raglassofrum.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload-4ever.com
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 23 Feb 2023 23:36:57 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload-4ever.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 23 Feb 2023 23:37:57 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 8ea75fde43c768e7e1d041f8b7a07bd6.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: wtJ2tiyCOnNd3k6z4uV1zsWe0XopSW_Qsm4Der1wplSKgK6o_z-dEA==
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
File type ASCII text, with very long lines (3649)
Hash 1b2cb6c948cf70d9340a4a0c226a36cf
8c5ceb397b19760560d30bbddfe89bb8ad17671e
a0fe35d8f867a33b4fdb37d5a33addb2b55c0ff6c90a76510920f7eac269db43
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 23 Feb 2023 23:36:57 GMT
expires: Thu, 23 Feb 2023 23:36:57 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 11314522027290046573
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49312
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 1d6de03255d867fb8344f9dc8f732fcb
74283f272a386fbbf4cc910a990858206e198e5b
92f9d62d4714cbcd874dee5787a1d457e47f06bd9abbbb14edab0be73cf5424e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "92F9D62D4714CBCD874DEE5787A1D457E47F06BD9ABBBB14EDAB0BE73CF5424E"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3124
Expires: Fri, 24 Feb 2023 00:29:01 GMT
Date: Thu, 23 Feb 2023 23:36:57 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 1d6de03255d867fb8344f9dc8f732fcb
74283f272a386fbbf4cc910a990858206e198e5b
92f9d62d4714cbcd874dee5787a1d457e47f06bd9abbbb14edab0be73cf5424e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "92F9D62D4714CBCD874DEE5787A1D457E47F06BD9ABBBB14EDAB0BE73CF5424E"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3124
Expires: Fri, 24 Feb 2023 00:29:01 GMT
Date: Thu, 23 Feb 2023 23:36:57 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 56cd85a02d031d2f7b794f1f2cfda4eb
878162e77393da15f0a1c8bf8a83a777a6caf317
15bc2ef238d6cf940adc4a29a31bd3fa0ee1712529d89c1a2fd74fb32d5ffe5e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 23:36:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4733770bf092ca1324e01dff373722a1
1524c31178714c399a4b4751744b261768c41277
26776ee98fd94df1d3adbadb39aaad24b847a689c2119c2ed62a70640f4b5b18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 23:36:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1610587536&utmhn=www.upload-4ever.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download%20PES%20Game%20Play%20rar&utmhid=1036344080&utmr=-&utmp=%2Foy5tg56hsz0u%2FPES%2525206%252520GamePlay.rar&utmht=1677195443313&utmac=UA-70364639-8&utmcc=__utma%3D196983016.1556750835.1677192634.1677192634.1677195443.2%3B%2B__utmz%3D196983016.1677192634.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=357391695&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
302 Found 370 B URL HTTP/2 ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1610587536&utmhn=www.upload-4ever.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download%20PES%20Game%20Play%20rar&utmhid=1036344080&utmr=-&utmp=%2Foy5tg56hsz0u%2FPES%2525206%252520GamePlay.rar&utmht=1677195443313&utmac=UA-70364639-8&utmcc=__utma%3D196983016.1556750835.1677192634.1677192634.1677195443.2%3B%2B__utmz%3D196983016.1677192634.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=357391695&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 05ec8af15d13ead3c3018f5a1414ef8f
1c513962d6a9e485e3080098636adce4dad58b0e
ea6d518072741132c69d702f8fb05ab4d7b47e1a99b5c0d72cc9217b86c8b9ad
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1610587536&utmhn=www.upload-4ever.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download%20PES%20Game%20Play%20rar&utmhid=1036344080&utmr=-&utmp=%2Foy5tg56hsz0u%2FPES%2525206%252520GamePlay.rar&utmht=1677195443313&utmac=UA-70364639-8&utmcc=__utma%3D196983016.1556750835.1677192634.1677192634.1677195443.2%3B%2B__utmz%3D196983016.1677192634.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=357391695&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-70364639-8&cid=1556750835.1677192634&jid=357391695&_v=5.7.2&z=1610587536
access-control-allow-origin: *
date: Thu, 23 Feb 2023 23:36:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 370
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d1j2jv7bvcsxqg.cloudfront.net/?bvjjd=976112
200 OK 117 kB URL HTTP/2 d1j2jv7bvcsxqg.cloudfront.net/?bvjjd=976112
IP
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 117 kB (116589 bytes)
Hash 9a312a9701a5b4a251f947570ae0e4af
fcdbbb0917280361697b12247cda70ad00b3b4cc
02771e0a64af0271d15e7afd74547d8ee688fdfc727fd11f38457ea7e6b191d9
GET /?bvjjd=976112 HTTP/1.1
Host: d1j2jv7bvcsxqg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Origin: https://www.upload-4ever.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 116589
date: Thu, 23 Feb 2023 23:36:57 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload-4ever.com
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: m5giT3UtnH4k5BXLwO5RqpwzlbNsJxByU5_GX8KU03DlbTs84v3zmA==
X-Firefox-Spdy: h2
d1j2jv7bvcsxqg.cloudfront.net/5NnpyZEtVFRwCdEITFllyAUxDVXgQEAELJUZHOFQHDzkZMwpvChEeGXoTVBAxUkdCQidXFBVZbVMUEVl6EBsWBnYCXAcFdlsVCA0nWhtXVg0DVEJBeQZSBQ0lUhUFF24EShwQbgRKQ1RlBl9BJm4ESgUNJQBOV1cJE0hCHH0CX0EmbgRKABJuBTtDVH4YSl-tBeQYdFwcgWV9AInkGS0JUegZLV1Z7UBMAAS1ZAldWDQdKR0p7EA9PVQ
200 OK 186 B URL HTTP/2 d1j2jv7bvcsxqg.cloudfront.net/5NnpyZEtVFRwCdEITFllyAUxDVXgQEAELJUZHOFQHDzkZMwpvChEeGXoTVBAxUkdCQidXFBVZbVMUEVl6EBsWBnYCXAcFdlsVCA0nWhtXVg0DVEJBeQZSBQ0lUhUFF24EShwQbgRKQ1RlBl9BJm4ESgUNJQBOV1cJE0hCHH0CX0EmbgRKABJuBTtDVH4YSl-tBeQYdFwcgWV9AInkGS0JUegZLV1Z7UBMAAS1ZAldWDQdKR0p7EA9PVQ
IP
File type ASCII text, with no line terminators
Hash bd91651a6d6ab5f472df701157cb0022
7d1340fb7f0b12bd87f410eefcacf3de6aa73a11
4b944131de848a26e93bce497ab9fae491854553a53ecca0c6e7423788640841
GET /5NnpyZEtVFRwCdEITFllyAUxDVXgQEAELJUZHOFQHDzkZMwpvChEeGXoTVBAxUkdCQidXFBVZbVMUEVl6EBsWBnYCXAcFdlsVCA0nWhtXVg0DVEJBeQZSBQ0lUhUFF24EShwQbgRKQ1RlBl9BJm4ESgUNJQBOV1cJE0hCHH0CX0EmbgRKABJuBTtDVH4YSl-tBeQYdFwcgWV9AInkGS0JUegZLV1Z7UBMAAS1ZAldWDQdKR0p7EA9PVQ HTTP/1.1
Host: d1j2jv7bvcsxqg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://raglassofrum.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 186
date: Thu, 23 Feb 2023 23:36:57 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mrmASJqqgFTJ80m7CsVrh7dcjk6xopNYrfJhXjRbXPocFIC-Ol4xzg==
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 9.1 kB URL HTTP/1.1 push.services.mozilla.com/
IP
Hash 855c1d7688d7b25b0d9fb95af26980c1
d05aa3f4e2774b10070df1c78c6805c44234a1f4
23e646e89375a582e5c5a19d1bb94768844a0f44f8a8825844bb6841f4e9cc48
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KmzQm0QRmAKtHNV/2/uumQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Nk/Ebtj25Tqx/mOqEwCHp+NDxmI=
ocsp.digicert.com/
200 OK 471 B IP
Hash 0178fe0ebb0df24ee62cd67faccdc383
d25121befecd6d77962e988f68c871653cba1959
627efd1b332a0296cd7558e08374fabcd7c750683ab6ae22b9d7ab7f3b7537c1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2669
Cache-Control: max-age=111051
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 23:36:57 GMT
Etag: "63f6fcf7-1d7"
Expires: Sat, 25 Feb 2023 06:27:48 GMT
Last-Modified: Thu, 23 Feb 2023 05:43:19 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html
200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230222/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Thu, 23 Feb 2023 22:26:07 GMT
expires: Thu, 09 Mar 2023 22:26:07 GMT
cache-control: public, max-age=1209600
age: 4250
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d1j2jv7bvcsxqg.cloudfront.net/ISU9zdWgqIB0TVz0mF0hRfnlCRFpvJQAaBjlyJwYQEBc+Pzx8BAAEOhAWVQESLXJDUwQoIRRITiwhEEhZby4XF1V9aQcFByJyAx8EIC0ZGRwuOFUACXQiHA8BJSMSUFoPel1FTXt/WwIBJyscAhtsfUMbHGx9Q0RYZ39WRipsfUMCASd5R1BbC2pBRRB/e1-ZGKmx9QwcebHwyRFh8YUNcTXt/FBALIiBWRy57f0JFWHh/QlBaeSkaBw0vIAtQWg9+Q0BGeWkGSFk
200 OK 519 B URL HTTP/2 d1j2jv7bvcsxqg.cloudfront.net/ISU9zdWgqIB0TVz0mF0hRfnlCRFpvJQAaBjlyJwYQEBc+Pzx8BAAEOhAWVQESLXJDUwQoIRRITiwhEEhZby4XF1V9aQcFByJyAx8EIC0ZGRwuOFUACXQiHA8BJSMSUFoPel1FTXt/WwIBJyscAhtsfUMbHGx9Q0RYZ39WRipsfUMCASd5R1BbC2pBRRB/e1-ZGKmx9QwcebHwyRFh8YUNcTXt/FBALIiBWRy57f0JFWHh/QlBaeSkaBw0vIAtQWg9+Q0BGeWkGSFk
IP
File type ASCII text, with very long lines (711), with no line terminators
Hash 2b467767569f4babb2733f494489ca99
7c0db5c2a503268fa0d4058514e5a856a9d5a675
6620170c5c4833ed4943b981be4355c7d360923a42b60d6f7bc613b5ea7b0c63
GET /ISU9zdWgqIB0TVz0mF0hRfnlCRFpvJQAaBjlyJwYQEBc+Pzx8BAAEOhAWVQESLXJDUwQoIRRITiwhEEhZby4XF1V9aQcFByJyAx8EIC0ZGRwuOFUACXQiHA8BJSMSUFoPel1FTXt/WwIBJyscAhtsfUMbHGx9Q0RYZ39WRipsfUMCASd5R1BbC2pBRRB/e1-ZGKmx9QwcebHwyRFh8YUNcTXt/FBALIiBWRy57f0JFWHh/QlBaeSkaBw0vIAtQWg9+Q0BGeWkGSFk HTTP/1.1
Host: d1j2jv7bvcsxqg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://raglassofrum.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 519
date: Thu, 23 Feb 2023 23:36:57 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5YtmxJPGD37DHULX-glWbFhEZpKN4uYiCkpfwSuwWOx5Zcs7L9myQA==
X-Firefox-Spdy: h2
d1j2jv7bvcsxqg.cloudfront.net/BMlUwQW1ROl4nUkY8VHxUBWMEcVUUP0MuA0JoRDYFXTtKLz9ic0Q7CQ9lFi0MXDINZwhcNg1wS1MxUnxZFCFALgYPJVotBFA/XDUKRXNFIFBfOkooAV40FXMrB3sAZF8CfUcoA1Y6RzJIAGVeNUgAZQFxQwJwAwNIAGVHKAMEYRVyLxdnADlbBnADA0gAZU-I3SAEUAXFYHGUZZF8CMlUiBl1wAgdfAmQAcVwCZBVzXVQ8QiQLXS0VcysDZQVvXRQgDXA
200 OK 564 B URL HTTP/2 d1j2jv7bvcsxqg.cloudfront.net/BMlUwQW1ROl4nUkY8VHxUBWMEcVUUP0MuA0JoRDYFXTtKLz9ic0Q7CQ9lFi0MXDINZwhcNg1wS1MxUnxZFCFALgYPJVotBFA/XDUKRXNFIFBfOkooAV40FXMrB3sAZF8CfUcoA1Y6RzJIAGVeNUgAZQFxQwJwAwNIAGVHKAMEYRVyLxdnADlbBnADA0gAZU-I3SAEUAXFYHGUZZF8CMlUiBl1wAgdfAmQAcVwCZBVzXVQ8QiQLXS0VcysDZQVvXRQgDXA
IP
File type ASCII text, with very long lines (789), with no line terminators
Hash 31b9d11ca1015d0f65d777022e38795f
a5fefc7c8792c5dae6c23a1cc551610e51a86421
a39479a65c74a85bc2ceaa0b7d80304d4dd0b4fdeb225565c3ae76935b9fc907
GET /BMlUwQW1ROl4nUkY8VHxUBWMEcVUUP0MuA0JoRDYFXTtKLz9ic0Q7CQ9lFi0MXDINZwhcNg1wS1MxUnxZFCFALgYPJVotBFA/XDUKRXNFIFBfOkooAV40FXMrB3sAZF8CfUcoA1Y6RzJIAGVeNUgAZQFxQwJwAwNIAGVHKAMEYRVyLxdnADlbBnADA0gAZU-I3SAEUAXFYHGUZZF8CMlUiBl1wAgdfAmQAcVwCZBVzXVQ8QiQLXS0VcysDZQVvXRQgDXA HTTP/1.1
Host: d1j2jv7bvcsxqg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://raglassofrum.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 564
date: Thu, 23 Feb 2023 23:36:57 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TcHMHisSqGeTOXWx4WzA4YUeTe7sQbGEkjcG6Dji5CQyz-Ep_hynLA==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8b071bc9b5482975fd106c517ecf32ce
779e5d086103fe19ae153f50606759302e88a5d9
ec5f6bf09033e5679826614f9fb79d296a69b16b755a428dee36548ca287ec69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 23:36:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 1d6de03255d867fb8344f9dc8f732fcb
74283f272a386fbbf4cc910a990858206e198e5b
92f9d62d4714cbcd874dee5787a1d457e47f06bd9abbbb14edab0be73cf5424e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "92F9D62D4714CBCD874DEE5787A1D457E47F06BD9ABBBB14EDAB0BE73CF5424E"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3124
Expires: Fri, 24 Feb 2023 00:29:01 GMT
Date: Thu, 23 Feb 2023 23:36:57 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e88c5158a176029a61adb32e89caf76d
996e3d1516ee1ce7af7f381a370509c901050146
031925a19f88298430161229d27ff7091945f35a3c294ba8441f238d7959a5fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 23:36:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1556750835.1677192634&jid=357391695&_v=5.7.2&z=1610587536
302 Found 807 B URL HTTP/2 www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1556750835.1677192634&jid=357391695&_v=5.7.2&z=1610587536
IP
File type gzip compressed data, max compression\012- data
Hash 8155ce5412a1c54fa4b8b3a4ef2bb3f5
5981d6c2975177d5895dbe91f187f8bab445f903
47715cdc067239dbbc1e4bcc5feab9cee0b86979ce226daaf04cf6549c3c1b61
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1556750835.1677192634&jid=357391695&_v=5.7.2&z=1610587536 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 23:36:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1556750835.1677192634&jid=357391695&_v=5.7.2&z=1610587536&slf_rd=1&random=3763021252
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5c79f7689efb3e9384d23c012fbb7459
6383d131dec112059c3bb88971dc23ce47bc98f2
4bc466ff7e5773f11ef30dba2c57bb6b76b05964622a087f0fba48686b6b85f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 23:36:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1556750835.1677192634&jid=357391695&_v=5.7.2&z=1610587536&slf_rd=1&random=3763021252
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1556750835.1677192634&jid=357391695&_v=5.7.2&z=1610587536&slf_rd=1&random=3763021252
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1556750835.1677192634&jid=357391695&_v=5.7.2&z=1610587536&slf_rd=1&random=3763021252 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 23:36:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5c79f7689efb3e9384d23c012fbb7459
6383d131dec112059c3bb88971dc23ce47bc98f2
4bc466ff7e5773f11ef30dba2c57bb6b76b05964622a087f0fba48686b6b85f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 23:36:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3075
Expires: Fri, 24 Feb 2023 00:28:13 GMT
Date: Thu, 23 Feb 2023 23:36:58 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3075
Expires: Fri, 24 Feb 2023 00:28:13 GMT
Date: Thu, 23 Feb 2023 23:36:58 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3075
Expires: Fri, 24 Feb 2023 00:28:13 GMT
Date: Thu, 23 Feb 2023 23:36:58 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3075
Expires: Fri, 24 Feb 2023 00:28:13 GMT
Date: Thu, 23 Feb 2023 23:36:58 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3075
Expires: Fri, 24 Feb 2023 00:28:13 GMT
Date: Thu, 23 Feb 2023 23:36:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a5f3d376fe6a3a78a5d1fe136f962fb
3e9b03cc296e954d63526a4e7e75beea3130fc3b
c8cf4f1c0352102764247e4dc5a2076921e0eaa18bfd110e5b0b97a55c706690
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9093
x-amzn-requestid: 3fd9f8c8-cf10-4222-a2cc-5f18ff7b2e9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9D3HqmoAMFeBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbb2-352315613cc0c2bc7eb28e05;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:33:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: bGDTF9U77Y1pmqtYk-yDa2GsiRraTcwCOBV-yAzDPT2PvS89NeCtZg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 21:34:34 GMT
age: 7344
etag: "3e9b03cc296e954d63526a4e7e75beea3130fc3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ea61f7d-ec68-49f4-8e9f-24d740192067.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ea61f7d-ec68-49f4-8e9f-24d740192067.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4cdfa9481143f83e3543012da8c2ffcc
1c7e92f2e3c72c2df007b4bc6f8abbecbd4c17d9
0c3cbd232a84ae14d60aeb9d7eeaf5b28c2e935b0e5e254de403a894a31192b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ea61f7d-ec68-49f4-8e9f-24d740192067.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8eef5897-dc18-4365-999b-39e8a45913f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9EbHVTIAMFjQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbb5-58071dfe2b930ea640069a0e;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:33:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -jOfqGnyt4JxPT-G9GjL6hU-bBIbNo9KKuGMmBAttL3daNHyLQNAjQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 21:45:49 GMT
age: 6669
etag: "1c7e92f2e3c72c2df007b4bc6f8abbecbd4c17d9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3939c76f-380a-48de-973d-d40eb335f8d8.webp
200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3939c76f-380a-48de-973d-d40eb335f8d8.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e85e6677fdb28086d2e66a4eb09e94c7
1c9f1f69967b2742e0acde12b5d2b6ef1a832519
b58810cad954c4f50923c9c67a47b0dba340f0e2f9056960ed543a2063ab3fbe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3939c76f-380a-48de-973d-d40eb335f8d8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7797
x-amzn-requestid: bff8a451-dec7-4a03-801a-02f0a5500e66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9djGmZIAMFZeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dc56-2b733a4d220422f86bba72f5;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:36:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cdSqmiadk-ay6TOaIgdtcNwqP5Z1AJCQ4NZgHVqXcqaAzSxIjQB6aw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 21:41:05 GMT
etag: "1c9f1f69967b2742e0acde12b5d2b6ef1a832519"
content-type: image/jpeg
age: 6953
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff40ca96b-98d9-479f-b007-81e134852937.jpeg
200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff40ca96b-98d9-479f-b007-81e134852937.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb7ea2ae5c57468601af7b83ba36df84
06594136d66248e22f809e704863ab093995e804
95d91fe42664b7614d85dd6166cb26f0447dcc9ccb89c9c6849c324a0beddd6c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff40ca96b-98d9-479f-b007-81e134852937.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4486
x-amzn-requestid: 2a23796a-c7b1-4030-aa4a-3082d442f09f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9JTFwOoAMFd5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbd4-7a3e4d161a3deba118b1a7d3;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:34:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cnHHXn8hJ7nNG5xTnYFbqH3tWYtg9wsqcRdecg9zRH6Ahry_ebtfMQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 21:40:50 GMT
age: 6968
etag: "06594136d66248e22f809e704863ab093995e804"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ea4a584-48cb-47f9-b1a1-2f7ad3191105.jpeg
200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ea4a584-48cb-47f9-b1a1-2f7ad3191105.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8e25e8d8dc182454d1977519b9ca1901
9e477e320d6982a734b2d6ac0517cce246173ddf
c4a00609fa03a42e4fc919e89d5ebc0df8718ab5b533952f20fc46332a83c973
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ea4a584-48cb-47f9-b1a1-2f7ad3191105.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8334
x-amzn-requestid: 9a229987-a649-4d3b-ad76-d6d37b4d82b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9dPFv3oAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dc54-7877c44f45e497c50f21fa02;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PmGEEntiQDHewkPQzB3VB6rgFnY-rah9XzXN0SeBoM1jKUdwrzNulw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 21:41:03 GMT
etag: "9e477e320d6982a734b2d6ac0517cce246173ddf"
content-type: image/jpeg
age: 6955
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F137aee85-a8db-4c5c-b88f-0857f7ba3677.jpeg
200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F137aee85-a8db-4c5c-b88f-0857f7ba3677.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 34013daae3d217976ee1f5a9b7f339ba
2f772756bec7dea5018de069d66011fea212ac11
6a3cfb5871a65921559de5db2a58cc2de03f7ff9fa7764e3c63958d721de4639
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F137aee85-a8db-4c5c-b88f-0857f7ba3677.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7920
x-amzn-requestid: 0f05642f-9ffc-4778-8c93-591bc16d04c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9M6E7aoAMFl9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbeb-1701df8b471a945211701133;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:34:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DqGbw5IZ5QjTdQqoX0ozFMN8qZM2xc7_NwqDtWqz7BFCqAQJtk_Scg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 21:34:36 GMT
etag: "2f772756bec7dea5018de069d66011fea212ac11"
content-type: image/jpeg
age: 7342
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: lRcUbgVBi9JJCr7EYXNutBcLEP/tO1UG5FIW/RowfUG3+TF+9USVU1ZvFAhSeM9SIcPHOoP2fILmzJCyR5lCsQ==
date: Thu, 23 Feb 2023 23:36:57 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cagothie.net/?rb=QIWOzN3BSpk3bXu5MZ1CjWEqK5FFIx9CvezN6KAq_lE2bQ_rK6zA8oMYVePhy35CWp-auLfMIC-hkiqtnqnAR-SvRT1ZUf-maoE-N99T5lFu9wuloBRyL_scc8JZoVCwHPybBHgtDYQ_BpGO14jclrtYSHnRXcnjcgHRQKPbcFw27e5nVY_jw0He4lqJq-c-l9bWge9zJ4ttUApAtcJ2gYNtvvvg99ELjMkEqYRve4VYdPgQ&request_ab2=0&zoneid=2726715&js_build=iclick-v1.491&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=4&pl=https%3A%2F%2Fwww.upload-4ever.com%2Foy5tg56hsz0u%2FPES%25206%2520GamePlay.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.491&bs=9ade92dd-e9b2-401b-b024-418bb8d7c67b&userId=221c61d526e8482787141873badcf8d0&m=link
200 OK 0 B URL HTTP/2 cagothie.net/?rb=QIWOzN3BSpk3bXu5MZ1CjWEqK5FFIx9CvezN6KAq_lE2bQ_rK6zA8oMYVePhy35CWp-auLfMIC-hkiqtnqnAR-SvRT1ZUf-maoE-N99T5lFu9wuloBRyL_scc8JZoVCwHPybBHgtDYQ_BpGO14jclrtYSHnRXcnjcgHRQKPbcFw27e5nVY_jw0He4lqJq-c-l9bWge9zJ4ttUApAtcJ2gYNtvvvg99ELjMkEqYRve4VYdPgQ&request_ab2=0&zoneid=2726715&js_build=iclick-v1.491&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=4&pl=https%3A%2F%2Fwww.upload-4ever.com%2Foy5tg56hsz0u%2FPES%25206%2520GamePlay.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.491&bs=9ade92dd-e9b2-401b-b024-418bb8d7c67b&userId=221c61d526e8482787141873badcf8d0&m=link
IP
GET /?rb=QIWOzN3BSpk3bXu5MZ1CjWEqK5FFIx9CvezN6KAq_lE2bQ_rK6zA8oMYVePhy35CWp-auLfMIC-hkiqtnqnAR-SvRT1ZUf-maoE-N99T5lFu9wuloBRyL_scc8JZoVCwHPybBHgtDYQ_BpGO14jclrtYSHnRXcnjcgHRQKPbcFw27e5nVY_jw0He4lqJq-c-l9bWge9zJ4ttUApAtcJ2gYNtvvvg99ELjMkEqYRve4VYdPgQ&request_ab2=0&zoneid=2726715&js_build=iclick-v1.491&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=4&pl=https%3A%2F%2Fwww.upload-4ever.com%2Foy5tg56hsz0u%2FPES%25206%2520GamePlay.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.491&bs=9ade92dd-e9b2-401b-b024-418bb8d7c67b&userId=221c61d526e8482787141873badcf8d0&m=link HTTP/1.1
Host: cagothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Origin: https://www.upload-4ever.com
Connection: keep-alive
Cookie: OAID=221c61d526e8482787141873badcf8d0; oaidts=1677192608; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 23:36:57 GMT
content-type: application/json
x-trace-id: 7a4a2443bf6d618e636cc0cf7bf36361
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=221c61d526e8482787141873badcf8d0; expires=Fri, 23 Feb 2024 23:36:57 GMT; path=/; secure; SameSite=None
oaidts=1677195417; expires=Fri, 23 Feb 2024 23:36:57 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 02 Mar 2023 23:36:57 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
pogothere.xyz/
200 OK 0 B IP
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Origin: https://www.upload-4ever.com
Connection: keep-alive
Cookie: csu=1042023820949962@1@1677192608
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Feb 2023 23:36:57 GMT
content-type: text/plain
set-cookie: csu=1042023820949962@2@1677192608; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZppS6o0et%2FEhz4YNC0KnbAaKiDKoPBCc6uybJNhkh9pI5voj4X7R4pAVyPjN6znokR2bI2aqHMA%2FCzti7aafut%2FxyJz8vxgbc7i05pyG1%2Fee7yPpUMAHGmyjGTH1Sn4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79e3c95cf83e419a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cagothie.net/5/2726715/?oo=1&aab=1
200 OK 0 B URL HTTP/2 cagothie.net/5/2726715/?oo=1&aab=1
IP
GET /5/2726715/?oo=1&aab=1 HTTP/1.1
Host: cagothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload-4ever.com
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Cookie: OAID=221c61d526e8482787141873badcf8d0; oaidts=1677192608; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 23:36:56 GMT
content-type: application/json
x-trace-id: efe6865d875b53529b0733cd3d3ee714
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=221c61d526e8482787141873badcf8d0; expires=Fri, 23 Feb 2024 23:36:56 GMT; path=/; secure; SameSite=None
oaidts=1677192608; expires=Fri, 23 Feb 2024 23:36:56 GMT; path=/; secure; SameSite=None
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
104.21.12.131
142.250.74.132
95.101.11.115
93.184.220.29
157.240.200.35