Network Analysis

GET /1ib2a7 HTTP/1.1 Host: iplogger.org Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx Date: Fri, 23 Apr 2021 01:07:48 GMT Content-Type: image/png Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: PHPSESSID=h6g3fea45tea20omfp2hctfsb0; path=/; HttpOnly Pragma: no-cache Set-Cookie: clhf03028ja=175.208.134.150; expires=Wed, 18-Jul-2029 05:49:51 GMT; Max-Age=259908123; path=/ Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ Cache-Control: no-cache Expires: Thu, 01 Jan 1970 00:00:01 GMT Answers: whoami: 2d939b5aee78649ba5dcf483ea0aaa5e19e86948b4778e339f04998c89927566 Strict-Transport-Security: max-age=31536000; preload X-Frame-Options: DENY

POST /v1/upload/create_session HTTP/1.1 Host: up.ufile.io Content-Type: application/x-www-form-urlencoded Content-Length: 16 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Fri, 23 Apr 2021 01:07:50 GMT Content-Type: application/json; charset=utf-8 Content-Length: 43 Connection: keep-alive Set-Cookie: __cfduid=ded21f4c5f8147145d2b9fdf1a8cb446c1619140069; expires=Sun, 23-May-21 01:07:49 GMT; path=/; domain=.ufile.io; HttpOnly; SameSite=Lax; Secure Access-Control-Allow-Origin: Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, Access-Control-Allow-Headers, x-api-key Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH, DELETE Access-Control-Allow-Credentials: true X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC cf-request-id: 099ddde0be0000eb8dca385000000001 Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ifopkls6IKTqeH6yf1qq%2FLMYRSu9OjfWHU4Os5vPsFCqGTCoEmQLbKP%2FIM6FdP6kEEpVViq1vcdkWws90pfOKiZzsd6TJcUA17EUwlGeBYI8I1zYZi3p"}]} NEL: {"report_to":"cf-nel","max_age":604800} alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Set-Cookie: __cfduid=d09b566a8c613ca15b1f70ce1ab72e2511619140069; expires=Sun, 23-May-21 01:07:49 GMT; path=/; domain=.ufile.io; HttpOnly; SameSite=Lax; Secure Set-Cookie: __cflb=0H28vJQzgt4wRhVN8rwbSixBAYxN2M9Ho7zPmpisByn; SameSite=None; Secure; path=/; expires=Sat, 24-Apr-21 01:07:50 GMT; HttpOnly Server: cloudflare CF-RAY: 6443327acb2feb8d-LAX

POST /v1/upload/chunk HTTP/1.1 Content-Type: multipart/form-data; boundary=WebKitFormBoundaryu8FzpUGNDgydoA4z Host: up.ufile.io Content-Length: 279975 Cache-Control: no-cache Cookie: __cfduid=d09b566a8c613ca15b1f70ce1ab72e2511619140069; __cflb=0H28vJQzgt4wRhVN8rwbSixBAYxN2M9Ho7zPmpisByn

HTTP/1.1 200 OK Date: Fri, 23 Apr 2021 01:07:53 GMT Content-Type: application/json; charset=utf-8 Content-Length: 24 Connection: keep-alive Access-Control-Allow-Origin: Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, Access-Control-Allow-Headers, x-api-key Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH, DELETE Access-Control-Allow-Credentials: true X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC cf-request-id: 099ddde61d0000362ae5399000000001 Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eKn%2B%2FaKWK7cOOn1YfaG5XMmSqowOw1Cy1khwqeKnm2Zed0b0k%2FhqdKRwUs1vTUVdgw6ufnq99enetOnSKle3cQ%2Fmn59RK9NrDny92lT50URVNaHsfBiL"}],"group":"cf-nel"} NEL: {"max_age":604800,"report_to":"cf-nel"} alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Server: cloudflare CF-RAY: 644332835c38362a-LAX

POST /v1/upload/finalise HTTP/1.1 Host: up.ufile.io Content-Type: application/x-www-form-urlencoded Content-Length: 108 Cache-Control: no-cache Cookie: __cfduid=d09b566a8c613ca15b1f70ce1ab72e2511619140069; __cflb=0H28vJQzgt4wRhVN8rwbSixBAYxN2M9Ho7zPmpisByn

HTTP/1.1 200 OK Date: Fri, 23 Apr 2021 01:07:54 GMT Content-Type: application/json; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, Access-Control-Allow-Headers, x-api-key Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH, DELETE Access-Control-Allow-Credentials: true X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC cf-request-id: 099dddf11d000042eafba3f000000001 Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1EFKp8QO0GNep%2Ffqm7q7XWt72lVs3CdTf%2FsH2rCo2ntyRsVlhlGnezY06bDu8slBxzbc2nP7fpr2B%2BsKqLBWLpK57h%2FPERYGaUywSbf%2F7VloAw6TO3ZR"}],"group":"cf-nel","max_age":604800} NEL: {"report_to":"cf-nel","max_age":604800} alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Server: cloudflare CF-RAY: 64433294fe3f42ea-LAX

GET /test/includes/image.php HTTP/1.1 Connection: Keep-Alive Host: hirezz.com

HTTP/1.1 200 OK Date: Fri, 23 Apr 2021 01:07:43 GMT Server: nginx/1.19.5 Content-Type: text/html; charset=UTF-8 Content-Length: 12 X-Server-Cache: true X-Proxy-Cache: HIT

GET /test/includes/image.php?id=00009CF9F2321904909678 HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: hirezz.com Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Fri, 23 Apr 2021 01:07:44 GMT Server: nginx/1.19.5 Content-Type: text/html; charset=UTF-8 Vary: Accept-Encoding X-Server-Cache: false Transfer-Encoding: chunked

POST /test/includes/image.php HTTP/1.1 Content-Type: application/octet-stream Content-Encoding: binary Host: hirezz.com Content-Length: 62222 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Fri, 23 Apr 2021 01:07:46 GMT Server: Apache Content-Length: 2 Content-Type: text/html; charset=UTF-8