upfilesurls.com/yMcmJOj?auth=eyJpdiI6IjF6RWtueXB1cVhKb2cyTkRpK0s5TlE9PSIsInZhbHVlIjoiYjAza0xzNzVYQlQ5VEJoNk9hMVlrQT09IiwibWFjIjoiYzdkZjlhNThkYzJhMGFjOWYxOWZjMGIzZGFlOTY3M2ExZmNhNGRmNDk5YmUxMTAwMTFmODliNGI5NDQ5OGU5OCIsInRhZyI6IiJ9
104.26.8.138301 Moved Permanently 0 B URL HTTP/1.1 upfilesurls.com/yMcmJOj?auth=eyJpdiI6IjF6RWtueXB1cVhKb2cyTkRpK0s5TlE9PSIsInZhbHVlIjoiYjAza0xzNzVYQlQ5VEJoNk9hMVlrQT09IiwibWFjIjoiYzdkZjlhNThkYzJhMGFjOWYxOWZjMGIzZGFlOTY3M2ExZmNhNGRmNDk5YmUxMTAwMTFmODliNGI5NDQ5OGU5OCIsInRhZyI6IiJ9
IP 104.26.8.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /yMcmJOj?auth=eyJpdiI6IjF6RWtueXB1cVhKb2cyTkRpK0s5TlE9PSIsInZhbHVlIjoiYjAza0xzNzVYQlQ5VEJoNk9hMVlrQT09IiwibWFjIjoiYzdkZjlhNThkYzJhMGFjOWYxOWZjMGIzZGFlOTY3M2ExZmNhNGRmNDk5YmUxMTAwMTFmODliNGI5NDQ5OGU5OCIsInRhZyI6IiJ9 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 23 Mar 2023 07:02:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 23 Mar 2023 08:02:36 GMT
Location: https://upfilesurls.com/yMcmJOj?auth=eyJpdiI6IjF6RWtueXB1cVhKb2cyTkRpK0s5TlE9PSIsInZhbHVlIjoiYjAza0xzNzVYQlQ5VEJoNk9hMVlrQT09IiwibWFjIjoiYzdkZjlhNThkYzJhMGFjOWYxOWZjMGIzZGFlOTY3M2ExZmNhNGRmNDk5YmUxMTAwMTFmODliNGI5NDQ5OGU5OCIsInRhZyI6IiJ9
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDznvp5%2FoyMRnDk0jBXFVqGP0EGpIF30KX4VcMGv9hiaw5fFttBNQCsp4zTkvoQbmdwNVYAwGKRr3sAYIi4o9fn7oDfgKjL9bEEhXICfowK9HHfecXglty9J9cWpyA%2BGGw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac4cf4e3a2f0b3d-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9931
Expires: Thu, 23 Mar 2023 09:48:07 GMT
Date: Thu, 23 Mar 2023 07:02:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 65fc860bc043f3fb83bdc3debdcd322d
418010755deae099ef1284e402813c5837a10f42
d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18158
Expires: Thu, 23 Mar 2023 12:05:14 GMT
Date: Thu, 23 Mar 2023 07:02:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Mar 2023 06:15:05 GMT
content-type: application/json
age: 2851
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 51a5d4696a6090c295850554508b51ce
c44e143c2223546e64b19f543b8101aaf3b11e97
8794223d5e8d4d276c35e2fdcc24bf99694240634dd749cd9b5bf874dec055cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4915
Expires: Thu, 23 Mar 2023 08:24:31 GMT
Date: Thu, 23 Mar 2023 07:02:36 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: SOqRJYGuJ2ENvC0YwaA1bdmkmUMrd7/zA9+f6rhtQhx2OgVoOy8A5BCfDKW5+iYGoukLDHTNOoI=
x-amz-request-id: DZNJT6ND6MZJSCV4
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Mar 2023 06:53:57 GMT
age: 519
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 07:02:36 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Mar 2023 06:17:23 GMT
age: 2714
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 23c054d3aee551b6fdc42a5a472a7040
b1a46c12ac7d65c979fd1998bdb243f3dba8f956
9e8b91ab91da9ea20dfb5f90c1c06239d2872b0eb80785534d0c59c3b51de404
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 342da587101df62e3e8f03dc4a87f93d
897c40f31b24adf281b804bbca7f0ffba5b86816
f6b8dde2c506c3ec03517324e93c04058e44e345dae5a52e5f49c97d77455aec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-197252557-1
142.250.74.168200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-197252557-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (2206)
Hash 0f4b1d395f740ffe65e974f2051e6aaf
a409cef2ca833dc46fd72a68c3abfaa7cc7834b7
0a2214a8fd4ab8d870031074d9d4fba5ea46c8c607237f045e05c9cd83dfcfa5
GET /gtag/js?id=UA-197252557-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 23 Mar 2023 07:02:37 GMT
expires: Thu, 23 Mar 2023 07:02:37 GMT
cache-control: private, max-age=900
last-modified: Thu, 23 Mar 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44715
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 050ca4dc2182e0a27573b0d9f32b7834
bec14dc5af0d0b32210470673511acd8db404308
b6129b9d1848f75265dca4446c5399927bdaf15c7b49c083765847b0fe276eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B6129B9D1848F75265DCA4446C5399927BDAF15C7B49C083765847B0FE276EAF"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4344
Expires: Thu, 23 Mar 2023 08:15:01 GMT
Date: Thu, 23 Mar 2023 07:02:37 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 23c054d3aee551b6fdc42a5a472a7040
b1a46c12ac7d65c979fd1998bdb243f3dba8f956
9e8b91ab91da9ea20dfb5f90c1c06239d2872b0eb80785534d0c59c3b51de404
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2bf720e7071dad850fc429477099930e
f0e7993448f05e0fc34d5af3460dbd709a2168aa
e55ea63fda175f8ebbd5485b96f2a0bdb5107508779a3dc93a416424aac72a8a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E55EA63FDA175F8EBBD5485B96F2A0BDB5107508779A3DC93A416424AAC72A8A"
Last-Modified: Wed, 22 Mar 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3892
Expires: Thu, 23 Mar 2023 08:07:29 GMT
Date: Thu, 23 Mar 2023 07:02:37 GMT
Connection: keep-alive
d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
54.230.245.57200 OK 101 kB URL HTTP/2 d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
IP 54.230.245.57:0
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 101 kB (100903 bytes)
Hash a2c3d0b47b5d89f27ae439b596391f26
d15a656ac7d0e2fa64c92f575910f04a2a54328b
435fa219edc055d7da9e1dbb504efd2830be599a00eaa10e0ed5b5a6fbebbc18
GET /?yzgkd=978153 HTTP/1.1
Host: d18kg2zy9x3t96.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 100903
date: Thu, 23 Mar 2023 07:02:37 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -0pEV-sf4mvoYwOP6k-yiHtKxj0ZfsDyijomTSqzjA1ZCtfVdqdMUA==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 342da587101df62e3e8f03dc4a87f93d
897c40f31b24adf281b804bbca7f0ffba5b86816
f6b8dde2c506c3ec03517324e93c04058e44e345dae5a52e5f49c97d77455aec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cschyogh.com/1clkn/34742
142.91.159.92200 OK 26 B IP 142.91.159.92:0
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
GET /1clkn/34742 HTTP/1.1
Host: cschyogh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 07:02:37 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Fri, 24-Mar-2023 07:02:37 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Fri, 24-Mar-2023 07:02:37 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
upfilesurls.com/js/ads.js
104.26.8.138200 OK 2.1 kB URL HTTP/2 upfilesurls.com/js/ads.js
IP 104.26.8.138:0
File type ASCII text, with very long lines (1544), with no line terminators
Hash 5e26852b6a75cdd284982f5f2f4f79ba
dfd720a5132af2da4c514140048c7541997aad6e
baaded73b795b0ac15bc8090a028fab2bd5ae5978ca9f146af44becf96e0d520
Analyzer Verdict Alert fortinet Malware
GET /js/ads.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/yMcmJOj
Cookie: auth=eyJpdiI6IjF6RWtueXB1cVhKb2cyTkRpK0s5TlE9PSIsInZhbHVlIjoiYjAza0xzNzVYQlQ5VEJoNk9hMVlrQT09IiwibWFjIjoiYzdkZjlhNThkYzJhMGFjOWYxOWZjMGIzZGFlOTY3M2ExZmNhNGRmNDk5YmUxMTAwMTFmODliNGI5NDQ5OGU5OCIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImQzclBNOUZPSmdlS1JOWTd2dUdxY1E9PSIsInZhbHVlIjoiZVRsam9uckt3QnJQVHkyc09aWTFuVVFkeHRaVnhHZDZDRVBZeDFzcUlHNkttUllRaVVaQ0YzYjcydUdDb1hlTGZ3UUVBVFcvWGlVM0xBSXlCZ1dqSG1sVWF0OEk2aVVzQklFaCt1SFdldWgyS0tFeCtYSTBPN3hoa0VFb0x0SHYiLCJtYWMiOiJiMmZjYjJiODJmY2FjZjYzNTgwNWRkY2RhYmM2MWJiYzc1MDFiZjQ2ZTcxMjJhZTg1OTNlNzhiNGU2Mzg3OWNkIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlNseFZEN05rN3NLbnpJZEY5djY3SEE9PSIsInZhbHVlIjoibisxSVlha3diajc5Ly9QY1FXc1YrOFAxL1VORkVWakx5Vk1iQ0ZsZERRWlhrT1JsZ2liRHVOa3ZwME1hODZRdHZDelAxR2x2dlJONlh2MXVVK2xmNFRBNzZvUzhXWjRuQ011Z2dtT1hOY2l0NDdZRnZubzB6Z2xlZGQwTktFM2QiLCJtYWMiOiI0ZGE1MTkzYzQyOWI5YmM1NmUyOWY5NzZjYzE5YmQ2NTFmY2ZjNjkwYTAxMWI3NTM4YjQyYzQyOGYzODU3NzJlIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 07:02:37 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-bgj: minify
etag: W/"63baab19-608"
last-modified: Sun, 08 Jan 2023 11:38:01 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 1151901
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g0LUitwGZi09Oy9g%2BkxR8%2BVWR0acYRfwW5Sbw3PuCE2kYlW1IgAO8%2BD2e54%2Fw5djNU618Vnd2qKJXTVGbvZytDlVttojUeCXfxaCdvvg9ygfDKFa4q9YgLYrCeLTJ3nYKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac4cf525efcb4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 46646
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 097d447e049e3b41f92a4695b1b0c3c7
f39c9ef8d22bee41d940bf719c75b2cfae9291d5
459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 097d447e049e3b41f92a4695b1b0c3c7
f39c9ef8d22bee41d940bf719c75b2cfae9291d5
459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 097d447e049e3b41f92a4695b1b0c3c7
f39c9ef8d22bee41d940bf719c75b2cfae9291d5
459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Mar 2023 14:12:20 GMT
expires: Tue, 19 Mar 2024 14:12:20 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 233417
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
216.58.207.227200 OK 38 kB URL HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Hash e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
age: 46646
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 097d447e049e3b41f92a4695b1b0c3c7
f39c9ef8d22bee41d940bf719c75b2cfae9291d5
459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 46646
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
upfilesurls.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6
104.26.8.138200 OK 208 B URL HTTP/2 upfilesurls.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6
IP 104.26.8.138:0
File type PNG image data, 6 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 31f073499665afb237f3294219d2d7c6
c1ada0510e31f661dab66203c15a3d6c8f5468d0
59b7ad6d6f457b624e25d22959edc7c83af2ac52edba32fd6648c97af0d1780c
Analyzer Verdict Alert fortinet Malware
GET /images/arrow-down.png?c98e5283a69cb508d054d30256af43c6 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
Cookie: auth=eyJpdiI6IjF6RWtueXB1cVhKb2cyTkRpK0s5TlE9PSIsInZhbHVlIjoiYjAza0xzNzVYQlQ5VEJoNk9hMVlrQT09IiwibWFjIjoiYzdkZjlhNThkYzJhMGFjOWYxOWZjMGIzZGFlOTY3M2ExZmNhNGRmNDk5YmUxMTAwMTFmODliNGI5NDQ5OGU5OCIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImQzclBNOUZPSmdlS1JOWTd2dUdxY1E9PSIsInZhbHVlIjoiZVRsam9uckt3QnJQVHkyc09aWTFuVVFkeHRaVnhHZDZDRVBZeDFzcUlHNkttUllRaVVaQ0YzYjcydUdDb1hlTGZ3UUVBVFcvWGlVM0xBSXlCZ1dqSG1sVWF0OEk2aVVzQklFaCt1SFdldWgyS0tFeCtYSTBPN3hoa0VFb0x0SHYiLCJtYWMiOiJiMmZjYjJiODJmY2FjZjYzNTgwNWRkY2RhYmM2MWJiYzc1MDFiZjQ2ZTcxMjJhZTg1OTNlNzhiNGU2Mzg3OWNkIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlNseFZEN05rN3NLbnpJZEY5djY3SEE9PSIsInZhbHVlIjoibisxSVlha3diajc5Ly9QY1FXc1YrOFAxL1VORkVWakx5Vk1iQ0ZsZERRWlhrT1JsZ2liRHVOa3ZwME1hODZRdHZDelAxR2x2dlJONlh2MXVVK2xmNFRBNzZvUzhXWjRuQ011Z2dtT1hOY2l0NDdZRnZubzB6Z2xlZGQwTktFM2QiLCJtYWMiOiI0ZGE1MTkzYzQyOWI5YmM1NmUyOWY5NzZjYzE5YmQ2NTFmY2ZjNjkwYTAxMWI3NTM4YjQyYzQyOGYzODU3NzJlIiwidGFnIjoiIn0%3D; ab=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 07:02:37 GMT
content-type: image/png
content-length: 208
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
etag: "625014b1-d0"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 2387243
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UlYwSGC%2FJXWmyeZAk9wnl3BytrfB46zSI7xVHgb7GEj5vdCfy9kYemYbomSFcD9aLiUWpodr7BLsnc8pl4Ffuff5%2BNdoqdOF50D88wHIuJzt4rcyEpROY%2BBlp0f8dtxqyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac4cf552a6eb4ed-OSL
X-Firefox-Spdy: h2
ishedtotigai.info/eVJOYURWbS0SeR1idycSPioGBSoBORk0Hkw2fCsgKzx/Fh1INWgVLR1vd1ZwT2B6RzQQNnNQYgomLxUxCm9/Ry0XNCFcYg9vf093TXx9U2pLdDtcdV8mPgAjRGNoETANPnNQck5re1RwQGR6WHZO
104.21.11.226204 No Content 0 B URL HTTP/2 ishedtotigai.info/eVJOYURWbS0SeR1idycSPioGBSoBORk0Hkw2fCsgKzx/Fh1INWgVLR1vd1ZwT2B6RzQQNnNQYgomLxUxCm9/Ry0XNCFcYg9vf093TXx9U2pLdDtcdV8mPgAjRGNoETANPnNQck5re1RwQGR6WHZO
IP 104.21.11.226:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eVJOYURWbS0SeR1idycSPioGBSoBORk0Hkw2fCsgKzx/Fh1INWgVLR1vd1ZwT2B6RzQQNnNQYgomLxUxCm9/Ry0XNCFcYg9vf093TXx9U2pLdDtcdV8mPgAjRGNoETANPnNQck5re1RwQGR6WHZO HTTP/1.1
Host: ishedtotigai.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 23 Mar 2023 07:02:37 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVxrV7C5O34fZIjRiq2OvIYWjsLBes5WH4%2F%2BD2WQbHJw6J1q%2BBjSA%2BUKM5Cx1G1BKx3BME1WGGU9Bc7krUBvB%2BIX7IzWEhp85NFiU%2F8l3jlzC1k9z8QT%2BQLa2JcFDkf2ph2JZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac4cf54cf84b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ishedtotigai.info/S3k3aGtkRlQbVikxVFg+ID9SPBwzEFNZGxs7cCYTHBJyIAolEhEcAi9EDl9TekwEThsiHQpZTTgNVhweOEQGTgIlH1hVTT1EBkZYf1cEWkV5X0JVWm0NRwkMdkgRGB8/FQpZXXxAAl1fck8DUVtz
104.21.11.226204 No Content 0 B URL HTTP/2 ishedtotigai.info/S3k3aGtkRlQbVikxVFg+ID9SPBwzEFNZGxs7cCYTHBJyIAolEhEcAi9EDl9TekwEThsiHQpZTTgNVhweOEQGTgIlH1hVTT1EBkZYf1cEWkV5X0JVWm0NRwkMdkgRGB8/FQpZXXxAAl1fck8DUVtz
IP 104.21.11.226:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /S3k3aGtkRlQbVikxVFg+ID9SPBwzEFNZGxs7cCYTHBJyIAolEhEcAi9EDl9TekwEThsiHQpZTTgNVhweOEQGTgIlH1hVTT1EBkZYf1cEWkV5X0JVWm0NRwkMdkgRGB8/FQpZXXxAAl1fck8DUVtz HTTP/1.1
Host: ishedtotigai.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 23 Mar 2023 07:02:37 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZrntYXLhhS%2BGmh3SosBvlzEPmg1WuRD0RtzXywte0QGna5NF2cBZ61oXVPMLNsPFX0VhMfqvcsRgH800ldhFrGGq1c9%2BCIObK0IK7za9Rl2iXvwdUtvR5xnqea04iGFQE61Og%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac4cf54bf75b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.34.229.200101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.34.229.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xJva4DQeOiSrDkeQ97HWJA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dc02PhAluiKn4AqgaZYjuHhwXgc=
tanceteventu.com/MVNqMnFQMQlfTlBuCBQEQz9XF0N3dlh0FQBrAVVDSypTSkJFalwcEl08H1YXQzwERl9fNh4XQ3c1CFkrXAQHXT96Ag0KJ2M8HHMcVQc9ajtgMiwHOH0RPwMzc2ZddBhaJSJISGQbEAIcaBEjVTVdHVhjNWgfK3E3UzUrCjB7BR5AJXBrA3A2VTY5djhmHTt0JX0RIwIzWWNScwtoHS5lMGUcW1E1egEdSDNWGgRjQ1YgPQAZZjVbWhRTOy9IM3A8GnciXQMyeih4HwELElU/DkMjd2YAZCNZAzJ6KGMeHWAoUjgkQjp0J1pkGHswPV8/ZxQvCxJVO0djAmViWnonAyMMYzlrAwwDGVQaO39EcAIsWCdzKzNqH1UEC14FVDdafB5mNA1EN3VrJ3MlBBcLcQlXNwZ8QWY4DUgmAyBMWAJePRoPAUIWG0tDdAQi
18.66.147.117200 OK 1.2 kB URL HTTP/2 tanceteventu.com/MVNqMnFQMQlfTlBuCBQEQz9XF0N3dlh0FQBrAVVDSypTSkJFalwcEl08H1YXQzwERl9fNh4XQ3c1CFkrXAQHXT96Ag0KJ2M8HHMcVQc9ajtgMiwHOH0RPwMzc2ZddBhaJSJISGQbEAIcaBEjVTVdHVhjNWgfK3E3UzUrCjB7BR5AJXBrA3A2VTY5djhmHTt0JX0RIwIzWWNScwtoHS5lMGUcW1E1egEdSDNWGgRjQ1YgPQAZZjVbWhRTOy9IM3A8GnciXQMyeih4HwELElU/DkMjd2YAZCNZAzJ6KGMeHWAoUjgkQjp0J1pkGHswPV8/ZxQvCxJVO0djAmViWnonAyMMYzlrAwwDGVQaO39EcAIsWCdzKzNqH1UEC14FVDdafB5mNA1EN3VrJ3MlBBcLcQlXNwZ8QWY4DUgmAyBMWAJePRoPAUIWG0tDdAQi
IP 18.66.147.117:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3035), with no line terminators
Hash f3b9feca8e4d14687685264b5334fa86
0b828e025f8cf7fab9a543f075cfbc6756d7c336
a403c4635fbbd7436a1ae9a859c4fc7ef8b830599ab8a0a0f3336101d5050165
GET /MVNqMnFQMQlfTlBuCBQEQz9XF0N3dlh0FQBrAVVDSypTSkJFalwcEl08H1YXQzwERl9fNh4XQ3c1CFkrXAQHXT96Ag0KJ2M8HHMcVQc9ajtgMiwHOH0RPwMzc2ZddBhaJSJISGQbEAIcaBEjVTVdHVhjNWgfK3E3UzUrCjB7BR5AJXBrA3A2VTY5djhmHTt0JX0RIwIzWWNScwtoHS5lMGUcW1E1egEdSDNWGgRjQ1YgPQAZZjVbWhRTOy9IM3A8GnciXQMyeih4HwELElU/DkMjd2YAZCNZAzJ6KGMeHWAoUjgkQjp0J1pkGHswPV8/ZxQvCxJVO0djAmViWnonAyMMYzlrAwwDGVQaO39EcAIsWCdzKzNqH1UEC14FVDdafB5mNA1EN3VrJ3MlBBcLcQlXNwZ8QWY4DUgmAyBMWAJePRoPAUIWG0tDdAQi HTTP/1.1
Host: tanceteventu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1186
date: Thu, 23 Mar 2023 07:02:37 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: XO9FtqeTkTWATW91W_zQoInx2Gf43uie0CIdRwhxvkNRCv4fwwZLpg==
X-Firefox-Spdy: h2
tanceteventu.com/a0FWNFUKIzVZagp8NBIgGS1rEWctZGRyMVp5PVNnEThvTGYfeGAaNgcuI1AzGS44QHsFJCIRZy0pB2IlIRU9QzwlEjVbNhEULHgNJXAyWR9fJGUNOyYFOVwcAQc4dyw6ZGR2MSlxLHIsA3UbBzkEDhJHcFkDMnxgGg0CRzsgGRBaBRIiIlcNKXkddzoeJxEBIyQrIUEYMxA9exZTcxleBBsNAgQkCgU9Uw8SED56PAxzHGdsGyIuTG0yCS5fNCMtO3ssDHEaZxBcDDgNYg0oHwUzWDVzBhcNGRAEMDw1cwYTKnJvAzMBMjl6HVJ3N2wcMiMeTG0kFi4NNFh5ElJmRjVzBhc7KzIRZy0kMQ1sCBZvWjMGFz1VHQAxHWccEws7QHBZAxQGPV4nZUwtCnI6EWctIA56JCc4NRFnKQsSQzglLDpOHSMpcwYXDhZvRTcRNS5XFE0rJVs7G3wUXideBixtMVIoZg
18.66.147.117200 OK 1.2 kB URL HTTP/2 tanceteventu.com/a0FWNFUKIzVZagp8NBIgGS1rEWctZGRyMVp5PVNnEThvTGYfeGAaNgcuI1AzGS44QHsFJCIRZy0pB2IlIRU9QzwlEjVbNhEULHgNJXAyWR9fJGUNOyYFOVwcAQc4dyw6ZGR2MSlxLHIsA3UbBzkEDhJHcFkDMnxgGg0CRzsgGRBaBRIiIlcNKXkddzoeJxEBIyQrIUEYMxA9exZTcxleBBsNAgQkCgU9Uw8SED56PAxzHGdsGyIuTG0yCS5fNCMtO3ssDHEaZxBcDDgNYg0oHwUzWDVzBhcNGRAEMDw1cwYTKnJvAzMBMjl6HVJ3N2wcMiMeTG0kFi4NNFh5ElJmRjVzBhc7KzIRZy0kMQ1sCBZvWjMGFz1VHQAxHWccEws7QHBZAxQGPV4nZUwtCnI6EWctIA56JCc4NRFnKQsSQzglLDpOHSMpcwYXDhZvRTcRNS5XFE0rJVs7G3wUXideBixtMVIoZg
IP 18.66.147.117:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3040), with no line terminators
Hash 1049d29c6a58b3a2b069b0a8d7b9d738
7c103473451538c88e171d14cdefdc3ce3365daa
a657de345c5e5e58efb120b1ca0e849099579abe30da986b589f46b0b4473211
GET /a0FWNFUKIzVZagp8NBIgGS1rEWctZGRyMVp5PVNnEThvTGYfeGAaNgcuI1AzGS44QHsFJCIRZy0pB2IlIRU9QzwlEjVbNhEULHgNJXAyWR9fJGUNOyYFOVwcAQc4dyw6ZGR2MSlxLHIsA3UbBzkEDhJHcFkDMnxgGg0CRzsgGRBaBRIiIlcNKXkddzoeJxEBIyQrIUEYMxA9exZTcxleBBsNAgQkCgU9Uw8SED56PAxzHGdsGyIuTG0yCS5fNCMtO3ssDHEaZxBcDDgNYg0oHwUzWDVzBhcNGRAEMDw1cwYTKnJvAzMBMjl6HVJ3N2wcMiMeTG0kFi4NNFh5ElJmRjVzBhc7KzIRZy0kMQ1sCBZvWjMGFz1VHQAxHWccEws7QHBZAxQGPV4nZUwtCnI6EWctIA56JCc4NRFnKQsSQzglLDpOHSMpcwYXDhZvRTcRNS5XFE0rJVs7G3wUXideBixtMVIoZg HTTP/1.1
Host: tanceteventu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1192
date: Thu, 23 Mar 2023 07:02:37 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: FAkMKmenxE61bdH8STwS23oUv6FN1sbZ7yi2HpOLx5cEbBWVFtJQPg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f2291e02f435b0bdb6011e603864baad
19ae57ac8d9ea408223585681b9e2817e1f62bc7
d5663bc90dbebbaf53efee21e092f700f54a4b7325cb1b6592143b1b91b17034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f2291e02f435b0bdb6011e603864baad
19ae57ac8d9ea408223585681b9e2817e1f62bc7
d5663bc90dbebbaf53efee21e092f700f54a4b7325cb1b6592143b1b91b17034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 2.1 kB IP 142.250.74.131:0
Hash 37ffe057c979e6590553db6af80315a8
14cecd13785830f98587103053758576f9bc10ac
f7437b71e48920519aa7585888ea0a18255937576e01812c5c2a3c3788f57024
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b78428feb1b60ffd0c930406179e032d
760a2c90acadf62dd810122c1e8bc3db13d41ab7
8b0dbe256fc4333e2d40deb9dd378ea320638289d926b0b59cdc83862b873766
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 6e965ba75b84abf96ca0d83da48d2fbb
4c2eb4c06cabee4d0f0606e88e9e074e2f767168
4b39bfe671df590e9c5baf75008d76f4272d8ffbafd7108e7592f8165b6806c6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1845
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:37 GMT
Etag: "641b0ce4-1d7"
Last-Modified: Thu, 23 Mar 2023 06:31:52 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d09ed5b5ccfa429cf3ded7d6634ce586
e1d26f666c2b0ecf75aa847b3ee907c41514b588
b5536c7e81811b1a5ffeb8dcc80a08f14b4c5ed5ddb2c53b4b52f84c721beeed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
142.250.74.131200 OK 585 B URL HTTP/2 www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP 142.250.74.131:0
File type ASCII text, with very long lines (921), with no line terminators
Hash 7c54c4f36e9734741609896c481b17ac
2795d605aa890621f38a3c3749e82e06e1957750
731a247e8bc1bf4be584ea494c58a7940ed75a36d6e306d008a524ad69661253
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 23 Mar 2023 07:02:37 GMT
date: Thu, 23 Mar 2023 07:02:37 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
172.217.21.162200 OK 165 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 172.217.21.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9fa69d93276429f7961258e2e4b77177
5afbb7e191208161d183cbbaec3fe7e1a21f9d2b
c919a0f408f644621f7c2c3ae07ab2ff205e1d7daae14ce12d5e3f4bd586e285
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 23 Mar 2023 07:02:37 GMT
expires: Thu, 23 Mar 2023 07:02:37 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 7073304282953736469
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 48724
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tanceteventu.com/utx?cb=y8pVVRWWNjaW&top=upfilesurls.com&tid=974624
18.66.147.117204 No Content 0 B URL HTTP/2 tanceteventu.com/utx?cb=y8pVVRWWNjaW&top=upfilesurls.com&tid=974624
IP 18.66.147.117:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=y8pVVRWWNjaW&top=upfilesurls.com&tid=974624 HTTP/1.1
Host: tanceteventu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 23 Mar 2023 07:02:37 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 23 Mar 2023 07:03:37 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: DYU1WdRRy-tw4CVGVDqRsNC5LWeLA67aKzATpQKBY8umE6Cj_HJ7vQ==
X-Firefox-Spdy: h2
tanceteventu.com/utx?cb=ImudybxciNbO&top=upfilesurls.com&tid=978153
18.66.147.117204 No Content 0 B URL HTTP/2 tanceteventu.com/utx?cb=ImudybxciNbO&top=upfilesurls.com&tid=978153
IP 18.66.147.117:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=ImudybxciNbO&top=upfilesurls.com&tid=978153 HTTP/1.1
Host: tanceteventu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 23 Mar 2023 07:02:37 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 23 Mar 2023 07:03:37 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: 7CLb0hPhuRv7pNbMvwLKzWe7DInLcT4_pmcLU_7OmFxfmL6K8oFT-Q==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b78428feb1b60ffd0c930406179e032d
760a2c90acadf62dd810122c1e8bc3db13d41ab7
8b0dbe256fc4333e2d40deb9dd378ea320638289d926b0b59cdc83862b873766
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9f0607231b4674d2bfb5a6798b0b4093
6c14f5c952e413365703144951b09b7126ff8e2d
869816689cb9507d294d69f953e8ea33452a177d405816ad86f729b123ceaa98
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d09ed5b5ccfa429cf3ded7d6634ce586
e1d26f666c2b0ecf75aa847b3ee907c41514b588
b5536c7e81811b1a5ffeb8dcc80a08f14b4c5ed5ddb2c53b4b52f84c721beeed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d18kg2zy9x3t96.cloudfront.net/fbkZmWmoNKQg8VRovAmdTWXJQaF5ILBU1BB57FikvHz9UHz0mYBIgDlN2QDYLACFbfA8AJVtrTA8iBGdeSDIWNQFTLBI0Bh08AzYNDWATO1cDKRwzBgInQ2gsW2hWf1hebhEzBAopESlPXHYILk9cdldqRF5jVRhPXHYRMwRYckNpKEt0ViJcWmNVGE9cdh-QsT10HV2pfQHZPf1heIQM5AQFjVBxYXndWalted0NoWggvFD8MAT5DaCxfdlN0WkgzW2s
54.230.245.57200 OK 597 B URL HTTP/2 d18kg2zy9x3t96.cloudfront.net/fbkZmWmoNKQg8VRovAmdTWXJQaF5ILBU1BB57FikvHz9UHz0mYBIgDlN2QDYLACFbfA8AJVtrTA8iBGdeSDIWNQFTLBI0Bh08AzYNDWATO1cDKRwzBgInQ2gsW2hWf1hebhEzBAopESlPXHYILk9cdldqRF5jVRhPXHYRMwRYckNpKEt0ViJcWmNVGE9cdh-QsT10HV2pfQHZPf1heIQM5AQFjVBxYXndWalted0NoWggvFD8MAT5DaCxfdlN0WkgzW2s
IP 54.230.245.57:0
File type ASCII text, with very long lines (833), with no line terminators
Hash 037de337d5d5fa3a8d8dbd9cd16a2e3e
7d04db19e913a7ae8e4f788fc9b4279f716162dd
5e3b349e53725e279477decbc8bae33bac4079efad01eba50e3bc4b36f78aa9f
GET /fbkZmWmoNKQg8VRovAmdTWXJQaF5ILBU1BB57FikvHz9UHz0mYBIgDlN2QDYLACFbfA8AJVtrTA8iBGdeSDIWNQFTLBI0Bh08AzYNDWATO1cDKRwzBgInQ2gsW2hWf1hebhEzBAopESlPXHYILk9cdldqRF5jVRhPXHYRMwRYckNpKEt0ViJcWmNVGE9cdh-QsT10HV2pfQHZPf1heIQM5AQFjVBxYXndWalted0NoWggvFD8MAT5DaCxfdlN0WkgzW2s HTTP/1.1
Host: d18kg2zy9x3t96.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tanceteventu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 597
date: Thu, 23 Mar 2023 07:02:37 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tUuk3ANFrRuknrxfoVSsuFEDMIGS_FDMn4VaziIxCvkCjLTFa3r5-A==
X-Firefox-Spdy: h2
d18kg2zy9x3t96.cloudfront.net/hQVpJTkwiNScoczUzLXN1dmJ4e39nMDohIjFnCyQ+dB0zFyh4M3loODs+dH5qLTsnKXFnPyctcXB8KCoufG5vOjwuMXQkOC82OjQpLT0qaDkgZyQhNig2JS9pcxx8YHxkaHlmOyg0LSE7Mn97fiI1f3t+fXF0eWt/A397fjsoNH96aXIYbHx8OWx9a38Df3-t+Pjd/eg99cW9nfmVkaHkpKSIxJmt+B2h5f3xxa3l/aXNqLyc+JDwmNmlzHHh+eW9qbztxcA
54.230.245.57200 OK 584 B URL HTTP/2 d18kg2zy9x3t96.cloudfront.net/hQVpJTkwiNScoczUzLXN1dmJ4e39nMDohIjFnCyQ+dB0zFyh4M3loODs+dH5qLTsnKXFnPyctcXB8KCoufG5vOjwuMXQkOC82OjQpLT0qaDkgZyQhNig2JS9pcxx8YHxkaHlmOyg0LSE7Mn97fiI1f3t+fXF0eWt/A397fjsoNH96aXIYbHx8OWx9a38Df3-t+Pjd/eg99cW9nfmVkaHkpKSIxJmt+B2h5f3xxa3l/aXNqLyc+JDwmNmlzHHh+eW9qbztxcA
IP 54.230.245.57:0
File type ASCII text, with very long lines (819), with no line terminators
Hash 4994f07278792acd6bcc40d59dbd22ae
7599144f7673b2d3b33ac6991dafbfba74fa3473
2bd89d58da1485857fd56c1fdc39080d65dd717900362a8dae3375ebb8c4b93d
GET /hQVpJTkwiNScoczUzLXN1dmJ4e39nMDohIjFnCyQ+dB0zFyh4M3loODs+dH5qLTsnKXFnPyctcXB8KCoufG5vOjwuMXQkOC82OjQpLT0qaDkgZyQhNig2JS9pcxx8YHxkaHlmOyg0LSE7Mn97fiI1f3t+fXF0eWt/A397fjsoNH96aXIYbHx8OWx9a38Df3-t+Pjd/eg99cW9nfmVkaHkpKSIxJmt+B2h5f3xxa3l/aXNqLyc+JDwmNmlzHHh+eW9qbztxcA HTTP/1.1
Host: d18kg2zy9x3t96.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tanceteventu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 584
date: Thu, 23 Mar 2023 07:02:37 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AZsSEjk-cPyY6cDDW-ndsLD2MBNfTKgiWoF5W0L8e6awtDghcmH7zA==
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 6e965ba75b84abf96ca0d83da48d2fbb
4c2eb4c06cabee4d0f0606e88e9e074e2f767168
4b39bfe671df590e9c5baf75008d76f4272d8ffbafd7108e7592f8165b6806c6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3089
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:37 GMT
Last-Modified: Thu, 23 Mar 2023 06:11:08 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
54.230.245.57200 OK 101 kB URL HTTP/2 d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
IP 54.230.245.57:0
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 101 kB (100906 bytes)
Hash d037037b6604bc015f6fde1fc7ee7ba6
36ebeaba3a41862736e98535dd4ea105651929ae
5f42bbc77a6133380ba0725f6f60f0bd7c1a86163ffcdb27a3bb75f84285f366
GET /?yzgkd=978153 HTTP/1.1
Host: d18kg2zy9x3t96.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 100906
date: Thu, 23 Mar 2023 07:02:37 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: V7HBmDdpymd_ZoVhEQILoaNMUTx9sjae-FL4iJhFGfOTe5qjT_59-Q==
X-Firefox-Spdy: h2
upfilesurls.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1679544000
104.26.8.138200 OK 33 kB URL HTTP/2 upfilesurls.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1679544000
IP 104.26.8.138:0
File type ASCII text, with very long lines (27707), with no line terminators
Hash 48ae64e2fa261e7e8ad0a0a05e6745a5
186b5fa1fbc1f773d080ba4311e4cdfcc46c11de
f9244d15b60a2046c0dbf0bc28a42c9ac870fffed2b385b7dbe42ef8ac07e58d
GET /cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1679544000 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: auth=eyJpdiI6IjF6RWtueXB1cVhKb2cyTkRpK0s5TlE9PSIsInZhbHVlIjoiYjAza0xzNzVYQlQ5VEJoNk9hMVlrQT09IiwibWFjIjoiYzdkZjlhNThkYzJhMGFjOWYxOWZjMGIzZGFlOTY3M2ExZmNhNGRmNDk5YmUxMTAwMTFmODliNGI5NDQ5OGU5OCIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImQzclBNOUZPSmdlS1JOWTd2dUdxY1E9PSIsInZhbHVlIjoiZVRsam9uckt3QnJQVHkyc09aWTFuVVFkeHRaVnhHZDZDRVBZeDFzcUlHNkttUllRaVVaQ0YzYjcydUdDb1hlTGZ3UUVBVFcvWGlVM0xBSXlCZ1dqSG1sVWF0OEk2aVVzQklFaCt1SFdldWgyS0tFeCtYSTBPN3hoa0VFb0x0SHYiLCJtYWMiOiJiMmZjYjJiODJmY2FjZjYzNTgwNWRkY2RhYmM2MWJiYzc1MDFiZjQ2ZTcxMjJhZTg1OTNlNzhiNGU2Mzg3OWNkIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlNseFZEN05rN3NLbnpJZEY5djY3SEE9PSIsInZhbHVlIjoibisxSVlha3diajc5Ly9QY1FXc1YrOFAxL1VORkVWakx5Vk1iQ0ZsZERRWlhrT1JsZ2liRHVOa3ZwME1hODZRdHZDelAxR2x2dlJONlh2MXVVK2xmNFRBNzZvUzhXWjRuQ011Z2dtT1hOY2l0NDdZRnZubzB6Z2xlZGQwTktFM2QiLCJtYWMiOiI0ZGE1MTkzYzQyOWI5YmM1NmUyOWY5NzZjYzE5YmQ2NTFmY2ZjNjkwYTAxMWI3NTM4YjQyYzQyOGYzODU3NzJlIiwidGFnIjoiIn0%3D; ab=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 07:02:37 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
x-control-type-options: nosniff
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x78ZtFBPRH5I96G%2BqU5p6wxrKUb3gPK%2FINhabWzCbkmJM19LFlMINM6whrm%2FuFfoo5Kt8V6HaJH30iNLmS4uYYvUZh4q8qiFFeeas8XxuiJixvyKzqYrGSIEYaOnsXOZcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac4cf555aaeb4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js
142.250.74.35200 OK 165 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (576)
Size 165 kB (164678 bytes)
Hash f22f07ee02fbeed3958345c90b52b818
2aa44ea19d580589c06c2170103b4d0505e18cdb
dc1eadf37f70bef92766d0c316d1da7af283b84e5c309a4732d8ed35d7bbfb84
GET /recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 164678
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 08:21:26 GMT
expires: Thu, 21 Mar 2024 08:21:26 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 13 Mar 2023 02:02:14 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 81672
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=668509402&t=pageview&_s=1&dl=https%3A%2F%2Fupfilesurls.com%2FyMcmJOj&ul=en-us&de=UTF-8&dt=pics%2Bvideo.rar&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=85165405&gjid=99290839&cid=21738377.1679554965&tid=UA-197252557-1&_gid=482112653.1679554965&_r=1>m=457e33k0&z=1351654596
216.58.207.206200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=668509402&t=pageview&_s=1&dl=https%3A%2F%2Fupfilesurls.com%2FyMcmJOj&ul=en-us&de=UTF-8&dt=pics%2Bvideo.rar&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=85165405&gjid=99290839&cid=21738377.1679554965&tid=UA-197252557-1&_gid=482112653.1679554965&_r=1>m=457e33k0&z=1351654596
IP 216.58.207.206:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j99&a=668509402&t=pageview&_s=1&dl=https%3A%2F%2Fupfilesurls.com%2FyMcmJOj&ul=en-us&de=UTF-8&dt=pics%2Bvideo.rar&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=85165405&gjid=99290839&cid=21738377.1679554965&tid=UA-197252557-1&_gid=482112653.1679554965&_r=1>m=457e33k0&z=1351654596 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://upfilesurls.com
date: Thu, 23 Mar 2023 07:02:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash e9bd56ab98487bb6df221796285583f1
0dc4e02c5617d9a0233a140f063091b716ba8c82
47a456985111d11f3ab04caceede05709cc539d5e43d189e1b7642713ce0c656
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 07:02:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 20 Mar 2023 02:07:07 GMT
Expires: Mon, 27 Mar 2023 02:07:06 GMT
Etag: "0dc4e02c5617d9a0233a140f063091b716ba8c82"
Cache-Control: max-age=327267,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ac4cf56cd51b4ff-OSL
datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
37.48.68.71200 OK 2 B URL HTTP/1.1 datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
IP 37.48.68.71:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1206
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 23 Mar 2023 07:02:38 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://upfilesurls.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
securepubads.g.doubleclick.net/tag/js/gpt.js
142.250.74.130200 OK 29 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 142.250.74.130:0
Hash 963ea5992aaa462c9a4d1a02655395b6
32b9b492f4b10876a60afda7f8df72a1b740945e
2a49694ec2aac09f920bd21adc2371f5d5caf735277c1001c8c0eff4f1307237
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27498
date: Thu, 23 Mar 2023 07:02:38 GMT
expires: Thu, 23 Mar 2023 07:02:38 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1519 / 579 of 1000 / last-modified: 1679523446"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9f0607231b4674d2bfb5a6798b0b4093
6c14f5c952e413365703144951b09b7126ff8e2d
869816689cb9507d294d69f953e8ea33452a177d405816ad86f729b123ceaa98
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8795e5b287f501dc39ee441cd6bd7125
9d420cfc40477940eff7fcfc1aee2c7731fd17a5
a2f6bc52d276e1f73a3e823606457e033bccf8eca8631940a55c298f952451ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=upfilesurls.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=upfilesurls.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=upfilesurls.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 23 Mar 2023 07:02:38 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=upfilesurls.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=upfilesurls.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=upfilesurls.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 23 Mar 2023 07:02:38 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8795e5b287f501dc39ee441cd6bd7125
9d420cfc40477940eff7fcfc1aee2c7731fd17a5
a2f6bc52d276e1f73a3e823606457e033bccf8eca8631940a55c298f952451ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1e0119e488c4b31ca1eb177628ed9414
2f243d2c11d4a6a1aac850b5325a85aa94c28bf2
9fdcc7cf7fc0b1afec05df8fd806d17d9a5f656166369dcb737a128ddd4e2bb6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
172.217.21.161200 OK 2.7 kB URL HTTP/2 b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Thu, 23 Mar 2023 07:02:38 GMT
expires: Fri, 22 Mar 2024 07:02:38 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2.js
216.58.207.225200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 216.58.207.225:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Thu, 23 Mar 2023 07:02:38 GMT
expires: Thu, 23 Mar 2023 07:02:38 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
216.58.207.225200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 216.58.207.225:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Mar 2023 02:02:12 GMT
expires: Fri, 22 Mar 2024 02:02:12 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
vary: Accept-Encoding
age: 18026
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 78815ec28cdd11dab4f66f2eaab35658
c6fd7f2a657d87c6e7641be6fc69913c427cd26a
f99b9d279c7ddfe7916dde9c7390be1f225e330ffa662bd7ae603ceed76e44c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
216.58.211.4200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 216.58.211.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 0f72e075f78c1df8b02e65c0bd294bed
4dfd9e5eec820a96895660008122b3ae454c16b1
e900d61170c9146e6118781aedbc5f10b02fcb597696d01927e2ead4c70f0523
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 23 Mar 2023 07:02:38 GMT
date: Thu, 23 Mar 2023 07:02:38 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-BgwwYrHrU7-Hrq62XzEeBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5553
Expires: Thu, 23 Mar 2023 08:35:11 GMT
Date: Thu, 23 Mar 2023 07:02:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5553
Expires: Thu, 23 Mar 2023 08:35:11 GMT
Date: Thu, 23 Mar 2023 07:02:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5553
Expires: Thu, 23 Mar 2023 08:35:11 GMT
Date: Thu, 23 Mar 2023 07:02:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d837d4e-ce18-46d7-b240-75b9b4a896bd.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d837d4e-ce18-46d7-b240-75b9b4a896bd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba2db8d73f3c451a15890457345a7f44
fc3a53367d844a13ec4b9742fd86954e8c187245
da47b2bde2a7bbca671b6d39f193ff4aaf4ef64d7e6586a62a8c026094ade6c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d837d4e-ce18-46d7-b240-75b9b4a896bd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12642
x-amzn-requestid: 4bd678ba-79b1-4dc1-a58a-a7fe6e2e933b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CBFV8EQfoAMFs5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6416b5bf-3a673c87370eede03c329782;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 07:11:59 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: KOg5BN0h_1GUN1VZwRZGujervaMsYOVLKZuOMX9Ccu4tNkopImo4mg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 10:38:51 GMT
age: 73427
etag: "fc3a53367d844a13ec4b9742fd86954e8c187245"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F772d9c75-9796-494f-9fc4-91d04e2bac53.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F772d9c75-9796-494f-9fc4-91d04e2bac53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 90f64fe111aa6e90ebf52e0335d21b75
4f25bdbffca3803b02c196c38491223684d36b4d
37894e16112286470b7fd2e0bbd5ca74944e6cb5ca6e8aff189c4515122a0d40
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F772d9c75-9796-494f-9fc4-91d04e2bac53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4905
x-amzn-requestid: f2297c3e-1187-48f5-bffb-c5ea1a79a10b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CBFgcF4_oAMFd6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6416b602-02696af01c0d586c631c5b45;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 07:13:06 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: R9mjcik3i0kISOeO4gVZP6XhhvZO00mriabAtJ8vv1kNhRpz_lfsHQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 07:39:55 GMT
age: 84163
etag: "4f25bdbffca3803b02c196c38491223684d36b4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: k6VaCG5oTQnKOvKJnleVqxIIc9yOgdOL0oPcL0ZSVw7DZQ8_GzFoZQ==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:47:43 GMT
age: 33295
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26aea22c-e627-45d1-bce6-55eaa4acfd06.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26aea22c-e627-45d1-bce6-55eaa4acfd06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f3aa18378fc5715083fb26bd0d62f382
ee683e481a4501d2ab8ca63d1426d6fab6f2b064
8aade71c4b55f6a9daab28a05a90bcc3c6c01b700aa48d2f8ccdb1992fa5ee81
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26aea22c-e627-45d1-bce6-55eaa4acfd06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10816
x-amzn-requestid: 60a537d2-1b8a-4ae2-967c-a7e57c818cc6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9xY0EHqoAMFrrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6415629e-1be08f9f3a13492717fdaa48;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:05:02 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: pFf9EtVQUyRcUOT6Aj_L88__ZyBlVX61cOmPi70WnyxxPteVUFFXEw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 3f3347264bcaae7af741e2a2f692c6a0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 20:21:35 GMT
age: 38463
etag: "ee683e481a4501d2ab8ca63d1426d6fab6f2b064"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4a771935927950222124e14b56046df
d07fe53e4ac41048497b2732c017f6666c3eda9e
4e8388626074646c2336711be0a170ceab367c343648a32d2389dd87640251d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4912
x-amzn-requestid: d8fcf495-12af-42ae-ad69-0ea07b1a8669
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM8H3Fl1IAMFYgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b73cb-01cbd1981a57e53b3d3cde93;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:31:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: soxgrR0B6Rz79QysB7qbMTsNYmkYfG8doOMPpTEd9uLlrE6WTcDKdw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:47:44 GMT
age: 33294
etag: "d07fe53e4ac41048497b2732c017f6666c3eda9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e89d0b1281259e7399294fb5fa19d2b
5035ed41f497c97faefae9cdaf42dc07ab468557
f404d286deab5b4759be6e554e6488faab3b4f7988a86eb57520dac4e0d6a192
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10284
x-amzn-requestid: 672e5b15-9c0c-45e0-9c7b-bcf8403859fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CBFarEW6oAMFW-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6416b5dd-6a8ddbde77a15cf91f5d411e;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 07:12:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: uA55p7FpwrkKSmMXMQl2rQEu5yLHWIDe81khrzVE96mrqYuQW-wYSw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 07:54:24 GMT
age: 83294
etag: "5035ed41f497c97faefae9cdaf42dc07ab468557"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
151.101.1.229200 OK 439 B URL HTTP/2 cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
IP 151.101.1.229:0
File type ASCII text, with very long lines (693)
Hash 0440929e9bfe21325bb9de6de158fba8
d175fec033c76d665a06513ce31e2c90d2c828e7
2621408bc9d3c95b7e24b8257993a2f433ee7f03e1c61ac77ed2d4f1e3e486b6
GET /gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
content-encoding: br
accept-ranges: bytes
date: Thu, 23 Mar 2023 07:02:38 GMT
age: 21771
x-served-by: cache-fra-eddf8230042-FRA, cache-bma1655-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash 698104ba773dd3ad1161da00f6d5332c
aa56300252fba6b07948280e6eb67abee3f7c034
e47c03cf541aa1f9ed70e1fe5b83089f7a6b7851f0d55b240ccfc5244689d50b
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 07:02:39 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "B528D74BD852C06DC1CC4D6A46910A6797B17861"
Expires: Thu, 23 Mar 2023 17:00:00 GMT
Last-Modified: Thu, 23 Mar 2023 05:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2806
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac4cf5dccb10b59-OSL
cdn.prod.uidapi.com/uid2SecureSignal.js
54.230.80.236200 OK 1.9 kB URL HTTP/1.1 cdn.prod.uidapi.com/uid2SecureSignal.js
IP 54.230.80.236:0
File type ASCII text, with very long lines (1859), with no line terminators
Hash aded621b17723f487b3c9d0e43cf2f94
90fbec381aa4a6ae2a2bb37eb082291432a1ab18
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
GET /uid2SecureSignal.js HTTP/1.1
Host: cdn.prod.uidapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 1859
Connection: keep-alive
Last-Modified: Mon, 23 Jan 2023 04:07:36 GMT
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 23 Mar 2023 05:18:44 GMT
ETag: "aded621b17723f487b3c9d0e43cf2f94"
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Zv5KwjQIYYtjR5HAZv-XkvuwM2FpQHjFYpz6nJEUZOmVGZhcGOWyyA==
Age: 6235
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 72415b0198633e751a6a5d1c4da995d1
03d0d63ac41749e284052d68c8be50ea42571cd4
81a88ddd6c124ad911d359194117be6ce84e1e3e2124caf659c9fa12a21cd03f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 72415b0198633e751a6a5d1c4da995d1
03d0d63ac41749e284052d68c8be50ea42571cd4
81a88ddd6c124ad911d359194117be6ce84e1e3e2124caf659c9fa12a21cd03f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 72415b0198633e751a6a5d1c4da995d1
03d0d63ac41749e284052d68c8be50ea42571cd4
81a88ddd6c124ad911d359194117be6ce84e1e3e2124caf659c9fa12a21cd03f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 72415b0198633e751a6a5d1c4da995d1
03d0d63ac41749e284052d68c8be50ea42571cd4
81a88ddd6c124ad911d359194117be6ce84e1e3e2124caf659c9fa12a21cd03f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 1.1 kB IP 142.250.74.131:0
File type gzip compressed data, max compression\012- data
Hash 00f4a270dcb6574e7729ea6233de73ee
9abc1e513f6a6db1811596f556e616d2b366adc3
30783713e473b0cd6c8ad26110e4ce685cd57953db1ea8b907b43dfea8454dc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.66200 OK 50 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.66:0
File type ASCII text, with very long lines (3399)
Hash e10b94532cf57d50b3f614af1972bd8f
dba839ab2119cee49bd296363e2f22e22f48a037
76540438c979b26383237b2e268d62668c4e0bdd8db4241af876e0b94e22c266
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
timing-allow-origin: *
content-length: 49540
date: Thu, 23 Mar 2023 07:02:39 GMT
expires: Thu, 23 Mar 2023 07:02:39 GMT
cache-control: private, max-age=3000
etag: "1679312138029146"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012302271541000/v0/amp-form-0.1.mjs
142.250.74.1200 OK 13 kB URL HTTP/2 cdn.ampproject.org/rtv/012302271541000/v0/amp-form-0.1.mjs
IP 142.250.74.1:0
File type Unicode text, UTF-8 text, with very long lines (41068)
Hash 29e6ca8d9edc05b4a956dcce746de287
01e641dc83f7983e17ddaf615178cd01cf68da48
5ed7c51df3267031660c777660ef695cceb8c82e22b1a417e07a4a6f9de2330f
GET /rtv/012302271541000/v0/amp-form-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 12965
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 19:09:02 GMT
expires: Thu, 21 Mar 2024 19:09:02 GMT
cache-control: public, max-age=31536000
age: 42817
etag: "2e1a930b1f14d060"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.id5-sync.com/api/1.0/esp.js
104.22.52.86200 OK 22 kB URL HTTP/2 cdn.id5-sync.com/api/1.0/esp.js
IP 104.22.52.86:0
Hash dbc12fdeb6ff03340e6ce37ca04e4dee
c48d7c75189b772075775cb48f13b41d27253987
9ea7e55efff5434a69617d01783e3e332a9db881f481db511fc550f9f8102aa2
GET /api/1.0/esp.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 07:02:39 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: ZjWvYdCQ+n+8pVPo4fgjrkJtLsHSUGhVHJHK8qr0o38/ZNHeA+tbvOrvX+a5AuqVu4Tgr//ghOk=
x-amz-request-id: PETS1203JXCZQ7S0
last-modified: Mon, 13 Feb 2023 11:21:55 GMT
etag: W/"b988c8d91b8a22dcd50f129d3a9d67f1"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 3194
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7ac4cf5e2c371bfe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
tags.crwdcntrl.net/lt/c/16589/sync.min.js
54.230.111.4200 OK 40 kB URL HTTP/2 tags.crwdcntrl.net/lt/c/16589/sync.min.js
IP 54.230.111.4:0
Hash aed9ee7c2502f700901f3e3e60c861e3
57f3481c3c6be696992d3f4c57c9fd9321536e94
7a5bb6a18058ae8f81351e6dc2f86743b6eb1e2a4e3ccf7dc89711bdb161441d
GET /lt/c/16589/sync.min.js HTTP/1.1
Host: tags.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
date: Wed, 22 Mar 2023 22:50:07 GMT
last-modified: Wed, 22 Mar 2023 22:36:59 GMT
etag: W/"4fd6c99ca40fed5d11cbd9e1b76a92f1"
x-amz-server-side-encryption: AES256
cache-control: max-age: 86400
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: c8e-Zp0-ohBsg9BmyVe5vcK00dSUTRbUER91BINB0j-GVW7nXi0n6w==
age: 29553
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012302271541000/v0/amp-fit-text-0.1.mjs
142.250.74.1200 OK 1.9 kB URL HTTP/2 cdn.ampproject.org/rtv/012302271541000/v0/amp-fit-text-0.1.mjs
IP 142.250.74.1:0
File type ASCII text, with very long lines (5021)
Hash 29310274e55382559cb128e7210c3290
c4ee1bfdccf9bcdb6c3f3522021c698233ed11f5
f0ec8e4452c0078c6f320b8f9117ebae510dd5732e1ab6abb8cf2d71ec52cdab
GET /rtv/012302271541000/v0/amp-fit-text-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 1898
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 11:58:23 GMT
expires: Fri, 15 Mar 2024 11:58:23 GMT
cache-control: public, max-age=31536000
etag: "aaf5c93962f41d5e"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 587056
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4f15fa8e4a82ad09307e5087f5caa462
33045627c4fd7e850fa35cd6ef0aa7df3b00190d
f9acdaf4f76526f96fd273608ffc118a009b7592096f1bbe0014eb9e6d8b61a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F9ACDAF4F76526F96FD273608FFC118A009B7592096F1BBE0014EB9E6D8B61A3"
Last-Modified: Wed, 22 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8160
Expires: Thu, 23 Mar 2023 09:18:39 GMT
Date: Thu, 23 Mar 2023 07:02:39 GMT
Connection: keep-alive
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/outstream.min.js
142.250.74.170200 OK 132 kB URL HTTP/2 imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/outstream.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (3098)
Size 132 kB (131667 bytes)
Hash c93c7a79ac90ae8d3b3b84f45127bbaf
bcb60ff794ecb55f173bdb646f24d25626ca9994
8d5e9562821ab49857c5648f4bf95abd3483b171aaf8f54df87ae06c3a1b31ea
GET /formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/outstream.min.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
timing-allow-origin: *
content-length: 131667
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Mar 2023 12:52:32 GMT
expires: Tue, 19 Mar 2024 12:52:32 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Mar 2023 10:37:45 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 238207
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/outstream.min.css
142.250.74.170200 OK 2.8 kB URL HTTP/2 imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/outstream.min.css
IP 142.250.74.170:0
File type ASCII text, with very long lines (14567), with no line terminators
Hash 0ea7c62c1ffefe2c0695008097779f30
30701f1fa6b52c2a2216b540f189d654c2a6c458
07686fcb89f2ba27df013c73b4ad2ebf0d28e3103fd0f835450606d0a832c941
GET /formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/outstream.min.css HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
timing-allow-origin: *
content-length: 2798
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Mar 2023 12:52:32 GMT
expires: Tue, 19 Mar 2024 12:52:32 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Mar 2023 10:37:45 GMT
content-type: text/css
vary: Accept-Encoding
age: 238207
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 72415b0198633e751a6a5d1c4da995d1
03d0d63ac41749e284052d68c8be50ea42571cd4
81a88ddd6c124ad911d359194117be6ce84e1e3e2124caf659c9fa12a21cd03f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bcp.crwdcntrl.net/6/map
52.49.217.141200 OK 927 B IP 52.49.217.141:0
File type gzip compressed data, max compression\012- data
Hash 7bf86298337419642385efae6c3567ca
8b2a2c3ba695e0cc47285dcb7ccbd7289a681a28
09852a09db8f0dabcc580b9057bf2c91198c82e0b215304875741924915f1023
POST /6/map HTTP/1.1
Host: bcp.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 50
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 07:02:39 GMT
content-type: application/json;charset=utf-8
content-length: 60
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.10.1
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5cd8c9b1a21861daf74c130682cea34e
32ceecbbe8fdfc999e4169771cf7633fdaa1f083
328369b9dcb3b3b19b031dd350a02c7cbe5fb250ba4748bf8d055da5342f0837
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-ByjV9sP0iorTy5R9ND3Ux3k8YG3BVflB8TKfuFlC0TT0C9bxfPs01Q4nmrNeE0UtWeeT7BPWXcdo-HTItgeu_zXrVpAg&cry=1&dbm_d=AKAmf-C2CDfN2rnvDVqAUSMiOnTMNm5KBftTGrJ8JxUiDyZk5n2ule5xlyR9axua-tprG08CF0tMNpAy41yA5uRXJeDMK5OcvI8dWZ7-StXnuo8hkYCzZYCrVeBWRTTdD0MWS1nowY7vh83-WDD_TcjIscuImfhhyYIBqBiJosRKmCmu5lDPvNwYUiWRKHGBlcADHeVinCLaQD7ulAbW83Y4QkMLAQZ1r0GENWgY6HYW_ZmqSjiYLCbkKkyphwQi62VVofk7Oh8uP8MEO9eqkIRwIwf9aN9DpfuT2q-Od57E71RWKvJYq36c6N96nxWIU2mFqCnutjd6G2UZ0LerFqdP9qgNjHV8VAuwAsNWIQSjVye8e_2YEdRCRyFQOrN7q9g09baSvucb5ceSswySqnwGiTVzT4apE5gN60zf5aVgcO8_z3t0bB_CpMQKSAF4YY1CcmrGFf1FmP0MBt5W6TEBtCx0JA0CM10fE_MlPm-k6949C6xDGgUIv50dP7GBMx0s5nYFMnozT3Hz1-j5SZYgE2rsSifWuoRT055CD3OoAwAilst-BsTSfTypBxYOBmVpyk0bKMJQNrtPvCdgoWMIXdYKxXh-DGXVyY21SHPkR0EpIY1fipf65oeFfdgGDSi4h8LcwIOlyrJY-OhwH0l7Jzb0IgV1qn-G_RM6GyYnzYQPXXS3QNR82eRa284PnFh3-TwvFaeKMTiMgkZc1Wx7qslnbGdmEAHT8leDxKBXYRlIggNNINhenpphvwozoUMiaCuB8kQWjOL0d0aZvpUZib8WXI9knmY7baSb4GtG39iNP8eT04XP_CTPGPNJYh3isCy27qKtt-APDwEuboK1O5rg_d7m9BBWnsIXASbjTb7ae9WTOGRFKNWPGBrzGlbU13Uql_c76RPBsDoIjZ453U2jYubCPoNa-FqIH6VNsxQSMO2C-BiAHLAgkbRdIDkny-hZb5wlvEckBaSEK_cxgb8tUo4EI69v98ZcB6C_zpF3JHC6369tSsy2I9BTnWkD-ZhHMBYxlL23GLd0xJ9Ftq8nlyr1Ycz-s8GgTankUFUcm1PDRVrJbO7jNyO1JxGkYJm5EPVV_9N9pvf9j-o5Kq-Ny3oCXgdnlJQZodsS1h_khhRknyJAtB4lEITIxBqhjgHkf2q7lboJA46ejQ47gx_g5uHbB1IwpLd0Jo0hKvWYMluIDSPWf5JMXCP09b5q7t3x2JtsGCc5A8fGSfLulTrvpyojDkXtUi4-Jfa8nNTGC3N6xv3Za-3hGVyrQjccZGSwtuZSrYeT7_HVrLl90oDufl6fgdXi6LhoSMhIr4R5LJWPiqA8oVFsU43Az_lYEWJOjw-sCbbsIOTTm71BLoRBIpKQnKPhtxrp1kaw0NamuyWQdCIJ38wPaIIFabZ-h9_8HQIhI3h2IkYLSeXLTiyF_fvxCbPOnWZER6Z83kfO1hLIlDBV2doktzjTmruI3WnfkK4I4v01qQ20lUWE0vxk7zsr74M32eea2b4x9Q0srBufTrYmExKGHhmuv8jk8sP9n2_f1Z5kzNEDDLQQV2VbBYQmJeKtZ0a7dCZcKra115RtQxLLXwywLn1mSHVCC2YFEijI5mWWQlsojnNRFZjy_8s_JsUS4BY46h3ZmtKS0u5W7CVZrI7J21O6kpZGFxAR34huSOwZKPTffUlyD9VaKbL_FfyWqvwleVAwFCxsFc7dtFsVttsgLo4f_8bwayYkMg1AThe42OUaFw0C_GdezR2U5X_xFrqSqw3OhJSFFEQWfqZ0vZuwZwBrpq5y9Q_TfduoAL6hdsUDC7fOrEVjyrHSbnvGAUzrtHtn1V8ZCa3I8xdcTO102esY8DNox_LMPF4cOoTdNxHqcm7HT2W1n5gzyzOrT2LonX0WQg_7kwVP-h94by5zGzfnLetrqne9pLEDdkDoi6p-Lt3wr9Qz41-IYlL54O025Q94c8Rnce-lvXTszmOTojXgvhojzcDQGiZt5r8MHN3_sfWN56n5plmC21en8A73WQHCKD0vlFXyZPHMJsEe6rdMoi7D9DWCWNtO7HkHnDLoqJWPNU5HeynOzBenNjMvdLTyYmlGJdglVlAfqb7yy0kD5zqXVKlvstokUtPQsOoiaPf4-pJ9z6aWD08K1U6lDpxLyzeFTfaKsQnWHUIr0O7My2oki4nRPsICFkkexFrMxUF2rv7CiYMg4v9sGcvNKRgk6A-opmWITGXUhPN2I3OdcpWiOECgoTbLoV_4ntkFcSJdD8RAj9E2RaNqtZ5SXW3ib-ofbo6M4cE96lAvG_cHvzkpHkUbgvD-2HjiTHXOquTG1ns0eXcsWU1oPSgRXMy58DkU6YW29AucwNtjIdlgNrasl71qL3YhyFrlLM9IUwoUwJQ490tkMZP1dES9w-JvcfM93031LSwShPnn7QFzziToktNXj3cD4tbulq4LxCFf2yBvVR-kLKWX2jEy5AAQL6iv8aaVTyd_MxA3SNViz0hJs8XmPAMbNmZnPfMS0EP-SxLk2GW-dtA1rAK_2Cng2-EFFRPRoN-aDBXQft8mKkNiYT-9EoJKQ85asGyy1gQbAw7raKvbKA6NwYVti8d2M1gbm_istOArw8yioqQmb0jxGDb9a32f6S7ZXWBfJAiw66GDg4E8VRwvxmon6UAYiP1eJBW6o92DxpsjRflgiEGjRDv1-rKVrd2KUNaHejQr_T6sJCad_csplk1ZwqkB2hPKOra2kqfw6_Yw4TJtutfFLG52XLzb-LpaJIjxgSTPcyJaQmTbL1Bv129nerwytl1RquS83iomfP4HGUK7lioFCP7zCmIT6Yx7Qpti67SNYeXGoL-62M60pyAyk0_C-wgHalNAWber2mVdGl4aRQFZJ0qUiaZKdVnGJ0eWD1KY0qA-mdMtAMhxnltqtNb6LJmQUi0IIoqO7IDTPnIEN5ZeSxk-0oWbySKndr3b60giUPuwmB7en-tcub9zumXwg_ljeOxgzhMc2-w2EEiciwiec88F3TP4NMIdevApR-0W4ePgh5himpqBCgmnFC1mDShm0BvaDhLT1s3sf7YRHODMiyFKvrnmY4CGmYAPYEgRrLNe5ZAvYBfB2CTORerjjgkxCIVUwtM78nUpIiO12JrkXoQK_QbME057_sAxfTLGq0NTd9XAC8bbxIEMLdqsVWSehmDkfmI7O0XORk8QUqqFntXJVN46dqzQ5BgEKRWN5NQA9E4fpaH72Sfumlr1_soLJ583ZH8I6k9v0bHwKqjWP7MJSu6CiBgVsUWZdJvK26XgJBT8rmDRuYze2EC9YHmzBPEjZ0M7JmPwS4Zko-GRwp1fGUyt&cid=CAQSSwDUE5ymLfmCeSn3akJJ9FIAFiEF5EvQwDiATLaj88LbIgo7WpA1bDOH9yGt9YhkiPtO3QbsfgY0EEadZ4JeZ41_4wvYuDImAvvc3BgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
64.233.162.156200 OK 16 kB URL HTTP/2 bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-ByjV9sP0iorTy5R9ND3Ux3k8YG3BVflB8TKfuFlC0TT0C9bxfPs01Q4nmrNeE0UtWeeT7BPWXcdo-HTItgeu_zXrVpAg&cry=1&dbm_d=AKAmf-C2CDfN2rnvDVqAUSMiOnTMNm5KBftTGrJ8JxUiDyZk5n2ule5xlyR9axua-tprG08CF0tMNpAy41yA5uRXJeDMK5OcvI8dWZ7-StXnuo8hkYCzZYCrVeBWRTTdD0MWS1nowY7vh83-WDD_TcjIscuImfhhyYIBqBiJosRKmCmu5lDPvNwYUiWRKHGBlcADHeVinCLaQD7ulAbW83Y4QkMLAQZ1r0GENWgY6HYW_ZmqSjiYLCbkKkyphwQi62VVofk7Oh8uP8MEO9eqkIRwIwf9aN9DpfuT2q-Od57E71RWKvJYq36c6N96nxWIU2mFqCnutjd6G2UZ0LerFqdP9qgNjHV8VAuwAsNWIQSjVye8e_2YEdRCRyFQOrN7q9g09baSvucb5ceSswySqnwGiTVzT4apE5gN60zf5aVgcO8_z3t0bB_CpMQKSAF4YY1CcmrGFf1FmP0MBt5W6TEBtCx0JA0CM10fE_MlPm-k6949C6xDGgUIv50dP7GBMx0s5nYFMnozT3Hz1-j5SZYgE2rsSifWuoRT055CD3OoAwAilst-BsTSfTypBxYOBmVpyk0bKMJQNrtPvCdgoWMIXdYKxXh-DGXVyY21SHPkR0EpIY1fipf65oeFfdgGDSi4h8LcwIOlyrJY-OhwH0l7Jzb0IgV1qn-G_RM6GyYnzYQPXXS3QNR82eRa284PnFh3-TwvFaeKMTiMgkZc1Wx7qslnbGdmEAHT8leDxKBXYRlIggNNINhenpphvwozoUMiaCuB8kQWjOL0d0aZvpUZib8WXI9knmY7baSb4GtG39iNP8eT04XP_CTPGPNJYh3isCy27qKtt-APDwEuboK1O5rg_d7m9BBWnsIXASbjTb7ae9WTOGRFKNWPGBrzGlbU13Uql_c76RPBsDoIjZ453U2jYubCPoNa-FqIH6VNsxQSMO2C-BiAHLAgkbRdIDkny-hZb5wlvEckBaSEK_cxgb8tUo4EI69v98ZcB6C_zpF3JHC6369tSsy2I9BTnWkD-ZhHMBYxlL23GLd0xJ9Ftq8nlyr1Ycz-s8GgTankUFUcm1PDRVrJbO7jNyO1JxGkYJm5EPVV_9N9pvf9j-o5Kq-Ny3oCXgdnlJQZodsS1h_khhRknyJAtB4lEITIxBqhjgHkf2q7lboJA46ejQ47gx_g5uHbB1IwpLd0Jo0hKvWYMluIDSPWf5JMXCP09b5q7t3x2JtsGCc5A8fGSfLulTrvpyojDkXtUi4-Jfa8nNTGC3N6xv3Za-3hGVyrQjccZGSwtuZSrYeT7_HVrLl90oDufl6fgdXi6LhoSMhIr4R5LJWPiqA8oVFsU43Az_lYEWJOjw-sCbbsIOTTm71BLoRBIpKQnKPhtxrp1kaw0NamuyWQdCIJ38wPaIIFabZ-h9_8HQIhI3h2IkYLSeXLTiyF_fvxCbPOnWZER6Z83kfO1hLIlDBV2doktzjTmruI3WnfkK4I4v01qQ20lUWE0vxk7zsr74M32eea2b4x9Q0srBufTrYmExKGHhmuv8jk8sP9n2_f1Z5kzNEDDLQQV2VbBYQmJeKtZ0a7dCZcKra115RtQxLLXwywLn1mSHVCC2YFEijI5mWWQlsojnNRFZjy_8s_JsUS4BY46h3ZmtKS0u5W7CVZrI7J21O6kpZGFxAR34huSOwZKPTffUlyD9VaKbL_FfyWqvwleVAwFCxsFc7dtFsVttsgLo4f_8bwayYkMg1AThe42OUaFw0C_GdezR2U5X_xFrqSqw3OhJSFFEQWfqZ0vZuwZwBrpq5y9Q_TfduoAL6hdsUDC7fOrEVjyrHSbnvGAUzrtHtn1V8ZCa3I8xdcTO102esY8DNox_LMPF4cOoTdNxHqcm7HT2W1n5gzyzOrT2LonX0WQg_7kwVP-h94by5zGzfnLetrqne9pLEDdkDoi6p-Lt3wr9Qz41-IYlL54O025Q94c8Rnce-lvXTszmOTojXgvhojzcDQGiZt5r8MHN3_sfWN56n5plmC21en8A73WQHCKD0vlFXyZPHMJsEe6rdMoi7D9DWCWNtO7HkHnDLoqJWPNU5HeynOzBenNjMvdLTyYmlGJdglVlAfqb7yy0kD5zqXVKlvstokUtPQsOoiaPf4-pJ9z6aWD08K1U6lDpxLyzeFTfaKsQnWHUIr0O7My2oki4nRPsICFkkexFrMxUF2rv7CiYMg4v9sGcvNKRgk6A-opmWITGXUhPN2I3OdcpWiOECgoTbLoV_4ntkFcSJdD8RAj9E2RaNqtZ5SXW3ib-ofbo6M4cE96lAvG_cHvzkpHkUbgvD-2HjiTHXOquTG1ns0eXcsWU1oPSgRXMy58DkU6YW29AucwNtjIdlgNrasl71qL3YhyFrlLM9IUwoUwJQ490tkMZP1dES9w-JvcfM93031LSwShPnn7QFzziToktNXj3cD4tbulq4LxCFf2yBvVR-kLKWX2jEy5AAQL6iv8aaVTyd_MxA3SNViz0hJs8XmPAMbNmZnPfMS0EP-SxLk2GW-dtA1rAK_2Cng2-EFFRPRoN-aDBXQft8mKkNiYT-9EoJKQ85asGyy1gQbAw7raKvbKA6NwYVti8d2M1gbm_istOArw8yioqQmb0jxGDb9a32f6S7ZXWBfJAiw66GDg4E8VRwvxmon6UAYiP1eJBW6o92DxpsjRflgiEGjRDv1-rKVrd2KUNaHejQr_T6sJCad_csplk1ZwqkB2hPKOra2kqfw6_Yw4TJtutfFLG52XLzb-LpaJIjxgSTPcyJaQmTbL1Bv129nerwytl1RquS83iomfP4HGUK7lioFCP7zCmIT6Yx7Qpti67SNYeXGoL-62M60pyAyk0_C-wgHalNAWber2mVdGl4aRQFZJ0qUiaZKdVnGJ0eWD1KY0qA-mdMtAMhxnltqtNb6LJmQUi0IIoqO7IDTPnIEN5ZeSxk-0oWbySKndr3b60giUPuwmB7en-tcub9zumXwg_ljeOxgzhMc2-w2EEiciwiec88F3TP4NMIdevApR-0W4ePgh5himpqBCgmnFC1mDShm0BvaDhLT1s3sf7YRHODMiyFKvrnmY4CGmYAPYEgRrLNe5ZAvYBfB2CTORerjjgkxCIVUwtM78nUpIiO12JrkXoQK_QbME057_sAxfTLGq0NTd9XAC8bbxIEMLdqsVWSehmDkfmI7O0XORk8QUqqFntXJVN46dqzQ5BgEKRWN5NQA9E4fpaH72Sfumlr1_soLJ583ZH8I6k9v0bHwKqjWP7MJSu6CiBgVsUWZdJvK26XgJBT8rmDRuYze2EC9YHmzBPEjZ0M7JmPwS4Zko-GRwp1fGUyt&cid=CAQSSwDUE5ymLfmCeSn3akJJ9FIAFiEF5EvQwDiATLaj88LbIgo7WpA1bDOH9yGt9YhkiPtO3QbsfgY0EEadZ4JeZ41_4wvYuDImAvvc3BgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
IP 64.233.162.156:0
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (16143)
Hash ac6b223faffaf7fb29a22fe1d0d41dae
d8c0c040c550ff7f5c2b7327d21553c3b7155d6f
e4e7ec4ef91345d2a4d62f396bdf8a7b253f4e334e4174e45b839a7649206233
GET /dbm/vast?dbm_c=AKAmf-ByjV9sP0iorTy5R9ND3Ux3k8YG3BVflB8TKfuFlC0TT0C9bxfPs01Q4nmrNeE0UtWeeT7BPWXcdo-HTItgeu_zXrVpAg&cry=1&dbm_d=AKAmf-C2CDfN2rnvDVqAUSMiOnTMNm5KBftTGrJ8JxUiDyZk5n2ule5xlyR9axua-tprG08CF0tMNpAy41yA5uRXJeDMK5OcvI8dWZ7-StXnuo8hkYCzZYCrVeBWRTTdD0MWS1nowY7vh83-WDD_TcjIscuImfhhyYIBqBiJosRKmCmu5lDPvNwYUiWRKHGBlcADHeVinCLaQD7ulAbW83Y4QkMLAQZ1r0GENWgY6HYW_ZmqSjiYLCbkKkyphwQi62VVofk7Oh8uP8MEO9eqkIRwIwf9aN9DpfuT2q-Od57E71RWKvJYq36c6N96nxWIU2mFqCnutjd6G2UZ0LerFqdP9qgNjHV8VAuwAsNWIQSjVye8e_2YEdRCRyFQOrN7q9g09baSvucb5ceSswySqnwGiTVzT4apE5gN60zf5aVgcO8_z3t0bB_CpMQKSAF4YY1CcmrGFf1FmP0MBt5W6TEBtCx0JA0CM10fE_MlPm-k6949C6xDGgUIv50dP7GBMx0s5nYFMnozT3Hz1-j5SZYgE2rsSifWuoRT055CD3OoAwAilst-BsTSfTypBxYOBmVpyk0bKMJQNrtPvCdgoWMIXdYKxXh-DGXVyY21SHPkR0EpIY1fipf65oeFfdgGDSi4h8LcwIOlyrJY-OhwH0l7Jzb0IgV1qn-G_RM6GyYnzYQPXXS3QNR82eRa284PnFh3-TwvFaeKMTiMgkZc1Wx7qslnbGdmEAHT8leDxKBXYRlIggNNINhenpphvwozoUMiaCuB8kQWjOL0d0aZvpUZib8WXI9knmY7baSb4GtG39iNP8eT04XP_CTPGPNJYh3isCy27qKtt-APDwEuboK1O5rg_d7m9BBWnsIXASbjTb7ae9WTOGRFKNWPGBrzGlbU13Uql_c76RPBsDoIjZ453U2jYubCPoNa-FqIH6VNsxQSMO2C-BiAHLAgkbRdIDkny-hZb5wlvEckBaSEK_cxgb8tUo4EI69v98ZcB6C_zpF3JHC6369tSsy2I9BTnWkD-ZhHMBYxlL23GLd0xJ9Ftq8nlyr1Ycz-s8GgTankUFUcm1PDRVrJbO7jNyO1JxGkYJm5EPVV_9N9pvf9j-o5Kq-Ny3oCXgdnlJQZodsS1h_khhRknyJAtB4lEITIxBqhjgHkf2q7lboJA46ejQ47gx_g5uHbB1IwpLd0Jo0hKvWYMluIDSPWf5JMXCP09b5q7t3x2JtsGCc5A8fGSfLulTrvpyojDkXtUi4-Jfa8nNTGC3N6xv3Za-3hGVyrQjccZGSwtuZSrYeT7_HVrLl90oDufl6fgdXi6LhoSMhIr4R5LJWPiqA8oVFsU43Az_lYEWJOjw-sCbbsIOTTm71BLoRBIpKQnKPhtxrp1kaw0NamuyWQdCIJ38wPaIIFabZ-h9_8HQIhI3h2IkYLSeXLTiyF_fvxCbPOnWZER6Z83kfO1hLIlDBV2doktzjTmruI3WnfkK4I4v01qQ20lUWE0vxk7zsr74M32eea2b4x9Q0srBufTrYmExKGHhmuv8jk8sP9n2_f1Z5kzNEDDLQQV2VbBYQmJeKtZ0a7dCZcKra115RtQxLLXwywLn1mSHVCC2YFEijI5mWWQlsojnNRFZjy_8s_JsUS4BY46h3ZmtKS0u5W7CVZrI7J21O6kpZGFxAR34huSOwZKPTffUlyD9VaKbL_FfyWqvwleVAwFCxsFc7dtFsVttsgLo4f_8bwayYkMg1AThe42OUaFw0C_GdezR2U5X_xFrqSqw3OhJSFFEQWfqZ0vZuwZwBrpq5y9Q_TfduoAL6hdsUDC7fOrEVjyrHSbnvGAUzrtHtn1V8ZCa3I8xdcTO102esY8DNox_LMPF4cOoTdNxHqcm7HT2W1n5gzyzOrT2LonX0WQg_7kwVP-h94by5zGzfnLetrqne9pLEDdkDoi6p-Lt3wr9Qz41-IYlL54O025Q94c8Rnce-lvXTszmOTojXgvhojzcDQGiZt5r8MHN3_sfWN56n5plmC21en8A73WQHCKD0vlFXyZPHMJsEe6rdMoi7D9DWCWNtO7HkHnDLoqJWPNU5HeynOzBenNjMvdLTyYmlGJdglVlAfqb7yy0kD5zqXVKlvstokUtPQsOoiaPf4-pJ9z6aWD08K1U6lDpxLyzeFTfaKsQnWHUIr0O7My2oki4nRPsICFkkexFrMxUF2rv7CiYMg4v9sGcvNKRgk6A-opmWITGXUhPN2I3OdcpWiOECgoTbLoV_4ntkFcSJdD8RAj9E2RaNqtZ5SXW3ib-ofbo6M4cE96lAvG_cHvzkpHkUbgvD-2HjiTHXOquTG1ns0eXcsWU1oPSgRXMy58DkU6YW29AucwNtjIdlgNrasl71qL3YhyFrlLM9IUwoUwJQ490tkMZP1dES9w-JvcfM93031LSwShPnn7QFzziToktNXj3cD4tbulq4LxCFf2yBvVR-kLKWX2jEy5AAQL6iv8aaVTyd_MxA3SNViz0hJs8XmPAMbNmZnPfMS0EP-SxLk2GW-dtA1rAK_2Cng2-EFFRPRoN-aDBXQft8mKkNiYT-9EoJKQ85asGyy1gQbAw7raKvbKA6NwYVti8d2M1gbm_istOArw8yioqQmb0jxGDb9a32f6S7ZXWBfJAiw66GDg4E8VRwvxmon6UAYiP1eJBW6o92DxpsjRflgiEGjRDv1-rKVrd2KUNaHejQr_T6sJCad_csplk1ZwqkB2hPKOra2kqfw6_Yw4TJtutfFLG52XLzb-LpaJIjxgSTPcyJaQmTbL1Bv129nerwytl1RquS83iomfP4HGUK7lioFCP7zCmIT6Yx7Qpti67SNYeXGoL-62M60pyAyk0_C-wgHalNAWber2mVdGl4aRQFZJ0qUiaZKdVnGJ0eWD1KY0qA-mdMtAMhxnltqtNb6LJmQUi0IIoqO7IDTPnIEN5ZeSxk-0oWbySKndr3b60giUPuwmB7en-tcub9zumXwg_ljeOxgzhMc2-w2EEiciwiec88F3TP4NMIdevApR-0W4ePgh5himpqBCgmnFC1mDShm0BvaDhLT1s3sf7YRHODMiyFKvrnmY4CGmYAPYEgRrLNe5ZAvYBfB2CTORerjjgkxCIVUwtM78nUpIiO12JrkXoQK_QbME057_sAxfTLGq0NTd9XAC8bbxIEMLdqsVWSehmDkfmI7O0XORk8QUqqFntXJVN46dqzQ5BgEKRWN5NQA9E4fpaH72Sfumlr1_soLJ583ZH8I6k9v0bHwKqjWP7MJSu6CiBgVsUWZdJvK26XgJBT8rmDRuYze2EC9YHmzBPEjZ0M7JmPwS4Zko-GRwp1fGUyt&cid=CAQSSwDUE5ymLfmCeSn3akJJ9FIAFiEF5EvQwDiATLaj88LbIgo7WpA1bDOH9yGt9YhkiPtO3QbsfgY0EEadZ4JeZ41_4wvYuDImAvvc3BgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1 HTTP/1.1
Host: bid.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 07:02:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com
content-type: text/xml; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 16368
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 23-Mar-2023 07:17:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
t.6sc.co/img.gif?event=imp&mcid=84453&cb=4160631691&pid=185113266&cid=29134379
23.36.79.9200 OK 43 B URL HTTP/1.1 t.6sc.co/img.gif?event=imp&mcid=84453&cb=4160631691&pid=185113266&cid=29134379
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /img.gif?event=imp&mcid=84453&cb=4160631691&pid=185113266&cid=29134379 HTTP/1.1
Host: t.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Type: image/gif
ETag: "60bb2e1b-2b"
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Last-Modified: Sat, 05 Jun 2021 07:56:11 GMT
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Thu, 23 Mar 2023 07:02:39 GMT
Connection: keep-alive
Set-Cookie: 6suuid=054f24178e5200008ff91b648e030000a0c30200; expires=Sat, 22-Mar-2025 07:02:39 GMT; path=/; domain=.6sc.co; SameSite=None; secure
Access-Control-Allow-Origin:
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5cd8c9b1a21861daf74c130682cea34e
32ceecbbe8fdfc999e4169771cf7633fdaa1f083
328369b9dcb3b3b19b031dd350a02c7cbe5fb250ba4748bf8d055da5342f0837
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
live.demand.supply/up.js
104.16.133.22200 OK 2.6 kB IP 104.16.133.22:0
File type ASCII text, with very long lines (3472)
Hash 0cb448c333148b92d412a18452a83572
20ded6542697aab3195673f12e49132f933f362c
08409c3c52b337c06414f47d7aaf97662009e44d6eb92bf59f2f6d32b5a79a50
GET /up.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 07:02:37 GMT
content-type: application/javascript; charset=UTF-8
cf-ray: 7ac4cf54293eb4ed-OSL
age: 909
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
etag: W/"80cb6d37c081c52264f3bc093c1c886c-ssl-df"
link: <https://live.demand.supply/impl.v16.5.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tLw==>; rel=preload; as=script
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=4391
timing-allow-origin: *
x-nf-request-id: 01GSTTFB4JV28SJ9RRAV4DKHJV
set-cookie: demandSupplyTi=683e5ba6-50cb-4e93-8367-847ea641b13b; demandSupplyTc = null; demandSupplyTcI = null; SameSite=None; Secure; Max-Age=63072000
__cf_bm=Ui93KJRy3cvC0HhLMVROiJz68U_T5ls9H7TfDh5FNNk-1679554957-0-Ab3N97hnhFMkrmMuTZMZ4LXhW5sFUrSz1k36xb7o/M7IEEpwBzeo4f3cdWYSFb3dfAeichZHa9RVt4H2DUWx6ic=; path=/; expires=Thu, 23-Mar-23 07:32:37 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s0.2mdn.net/simgad/14021012917093821847
142.250.74.70200 OK 16 kB URL HTTP/2 s0.2mdn.net/simgad/14021012917093821847
IP 142.250.74.70:0
File type PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash dc98e5ab2b26ba305a0db8f6ef757eb2
9041f4c94e58d2d70c005702c4baf492c5e80b20
b994572039dd7cc2d7e695d2a923388ff3819ebdb188b1dd0acfe27ad73616bf
GET /simgad/14021012917093821847 HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 15520
x-content-type-options: nosniff
x-dns-prefetch-control: off
server: sffe
x-xss-protection: 0
date: Sat, 18 Mar 2023 20:16:21 GMT
expires: Sun, 17 Mar 2024 20:16:21 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 06 Jan 2023 14:16:47 GMT
content-type: image/png
age: 384379
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gcdn.2mdn.net/videoplayback/id/cdad11bd52b8c081/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808053372/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/264E07C3D72806650DF878481066A09D6FA5900E.2D4A6128D37D33D56B3C24397E4A32E3878E656/key/ck2/file/file.mp4
142.250.74.78302 Found 0 B URL HTTP/2 gcdn.2mdn.net/videoplayback/id/cdad11bd52b8c081/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808053372/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/264E07C3D72806650DF878481066A09D6FA5900E.2D4A6128D37D33D56B3C24397E4A32E3878E656/key/ck2/file/file.mp4
IP 142.250.74.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /videoplayback/id/cdad11bd52b8c081/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808053372/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/264E07C3D72806650DF878481066A09D6FA5900E.2D4A6128D37D33D56B3C24397E4A32E3878E656/key/ck2/file/file.mp4 HTTP/1.1
Host: gcdn.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Origin: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 23 Mar 2023 07:02:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
access-control-allow-origin: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com
access-control-allow-credentials: true
timing-allow-origin: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
location: https://r3---sn-5go7ynlk.c.2mdn.net/videoplayback/id/cdad11bd52b8c081/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808053372/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/36EC754F69872325B114D142CDA313C921606479.6530B4005BC4BC19AB0EEC99C68EDFCA10EFA030/key/cms1/cms_redirect/yes/mh/TU/mip/91.90.42.154/mm/42/mn/sn-5go7ynlk/ms/onc/mt/1679554603/mv/m/mvi/3/pl/21/file/file.mp4
content-type: text/html; charset=UTF-8
server: ClientMapServer
content-length: 642
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv1RkARDqeEc8A7tD1Qvp3C72t9Q02GScliOvCREN0qFY86LlPnP-ZN8xHXtK7dqH8xZ6l6VRxY_0QAzf1RmK_8OqToan2SAOfBDcsHh_JKoo5pqNNlI105kqPK7OLHlHNrCWPbzOugzW2s2Id7d_uxPHAloeewGSrCyDkF2BgpPv6H8kInekVQPU7Y34wS1Sy9I0Z_z5s5rsSRuloOUH5FIa1ewYyDn186n_plFwex06b-QFnL8A2i70ed7gGbLi9iPsv-JwZuIjBAEBCuLkFH291VALSEh98u_szx73zXIESrnD-2OY9KCf4nzhElOmx9ZZiI1iJRltwdcUkxxXrSji2ltOIQ1zSAFa40ipdusEhdpZuJSP-19OzlBoLJ5dXVmN9WMFLt3hB1ZSq3ENA0NzD0JZeXGcW1Ki2a40KJp2GdzoldNhNQTm8XdXQxN5WGxweHuAu0yrcoyS0EiF2bXAH-WNTq62NvcB0vNOQf5oivr5ISK86FYGuSNm3Mkg8JynqJ_6Bpo7xy0Wm8q4OYtYhPaJluXldcY4aCPTmpBj58KBdXUxBAn92OXMSvurJ3fqwgXQfjfh3W_DNwMnIARCiiIAefvFIaYAVtf83LXSxLD32Lzb5E9fU1XX-1vYUfiVfaQEPsPFk-TZWeiiDj-aYAEL8i6C4Xvdjddei5NoWZB5mHpobo4JgV_eOh3CQ5TDyGb81_wm8vKRLYdzRh4DG45sg2eU0iLWuL5TRsN2kUrNdfga6lz2GjvwVT_PAikOvs8a4YCmDytwpW-Hjw82E9ZODi4YsmAxKCtmcJ7-5tisXm-RjyUsDKaOldDJUNqxoWZjndxxC4M8zY7mYROW7MheFT3HKsQB3-L_4eYkGa_jMPE-u6o0oIPR-N6nIwGoMxe1iIZU9oYA-bsR5VA2VRNcoLnt5Vbci83vyhQ9J0pgoY-7aTw0-I6XoTF9VTI6O1yqDUZ3RuKZ_KKH97w2c-RElB9alZqP0fWJVdqbNwqbfhc29E816gDOQknb3hnF18c9-HIvFSJ-cG7WIOYQFYHOyANGpUMUA0lA7-EuP25oTuZNDa5hsudrAH2ccOGaNxeS1QiFZfUulk1KirGI26acQNPeLyXZrbfcPGeTXNWB3NZs9ux59N7h-gQOIls-Pi8KUU4bW2aBXPt7elmpjdbdAc7NgAXzUmZprB8S81QUqVnRU0zjIU2A_YfWRCLc0&sai=AMfl-YSRJEzSDwQg7HI_irtcutBR-0yJtPCnV_3sKYLVfp3f0Zh7zGpHDaCe2--P_9QnthPU2SkQtbFtlL5a8qvTftuRfG8TWqW9WgR4oqv2kvWsrMwkl_reyP7tSXVm2ulGggotapWcoBmb3X62d2fcgTCevrhSK_JkAOITFU-mODRy9kW4_mht_6hO_wgnoc8T7hf7NB-cZfKbl1x88pt0HQ3xwcmJLBK2njJBIGIo_7Vwf1LomnFyvbNzpOcrAwwXbmCngrb49zH5Zx8M8xgasxIhd0uwi2jQxFW59-EL2Tdg-Q&sig=Cg0ArKJSzOXa2TCNB58OEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230321.21442&arae=0&ftch=1&adurl=
216.58.207.226200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv1RkARDqeEc8A7tD1Qvp3C72t9Q02GScliOvCREN0qFY86LlPnP-ZN8xHXtK7dqH8xZ6l6VRxY_0QAzf1RmK_8OqToan2SAOfBDcsHh_JKoo5pqNNlI105kqPK7OLHlHNrCWPbzOugzW2s2Id7d_uxPHAloeewGSrCyDkF2BgpPv6H8kInekVQPU7Y34wS1Sy9I0Z_z5s5rsSRuloOUH5FIa1ewYyDn186n_plFwex06b-QFnL8A2i70ed7gGbLi9iPsv-JwZuIjBAEBCuLkFH291VALSEh98u_szx73zXIESrnD-2OY9KCf4nzhElOmx9ZZiI1iJRltwdcUkxxXrSji2ltOIQ1zSAFa40ipdusEhdpZuJSP-19OzlBoLJ5dXVmN9WMFLt3hB1ZSq3ENA0NzD0JZeXGcW1Ki2a40KJp2GdzoldNhNQTm8XdXQxN5WGxweHuAu0yrcoyS0EiF2bXAH-WNTq62NvcB0vNOQf5oivr5ISK86FYGuSNm3Mkg8JynqJ_6Bpo7xy0Wm8q4OYtYhPaJluXldcY4aCPTmpBj58KBdXUxBAn92OXMSvurJ3fqwgXQfjfh3W_DNwMnIARCiiIAefvFIaYAVtf83LXSxLD32Lzb5E9fU1XX-1vYUfiVfaQEPsPFk-TZWeiiDj-aYAEL8i6C4Xvdjddei5NoWZB5mHpobo4JgV_eOh3CQ5TDyGb81_wm8vKRLYdzRh4DG45sg2eU0iLWuL5TRsN2kUrNdfga6lz2GjvwVT_PAikOvs8a4YCmDytwpW-Hjw82E9ZODi4YsmAxKCtmcJ7-5tisXm-RjyUsDKaOldDJUNqxoWZjndxxC4M8zY7mYROW7MheFT3HKsQB3-L_4eYkGa_jMPE-u6o0oIPR-N6nIwGoMxe1iIZU9oYA-bsR5VA2VRNcoLnt5Vbci83vyhQ9J0pgoY-7aTw0-I6XoTF9VTI6O1yqDUZ3RuKZ_KKH97w2c-RElB9alZqP0fWJVdqbNwqbfhc29E816gDOQknb3hnF18c9-HIvFSJ-cG7WIOYQFYHOyANGpUMUA0lA7-EuP25oTuZNDa5hsudrAH2ccOGaNxeS1QiFZfUulk1KirGI26acQNPeLyXZrbfcPGeTXNWB3NZs9ux59N7h-gQOIls-Pi8KUU4bW2aBXPt7elmpjdbdAc7NgAXzUmZprB8S81QUqVnRU0zjIU2A_YfWRCLc0&sai=AMfl-YSRJEzSDwQg7HI_irtcutBR-0yJtPCnV_3sKYLVfp3f0Zh7zGpHDaCe2--P_9QnthPU2SkQtbFtlL5a8qvTftuRfG8TWqW9WgR4oqv2kvWsrMwkl_reyP7tSXVm2ulGggotapWcoBmb3X62d2fcgTCevrhSK_JkAOITFU-mODRy9kW4_mht_6hO_wgnoc8T7hf7NB-cZfKbl1x88pt0HQ3xwcmJLBK2njJBIGIo_7Vwf1LomnFyvbNzpOcrAwwXbmCngrb49zH5Zx8M8xgasxIhd0uwi2jQxFW59-EL2Tdg-Q&sig=Cg0ArKJSzOXa2TCNB58OEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230321.21442&arae=0&ftch=1&adurl=
IP 216.58.207.226:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsv1RkARDqeEc8A7tD1Qvp3C72t9Q02GScliOvCREN0qFY86LlPnP-ZN8xHXtK7dqH8xZ6l6VRxY_0QAzf1RmK_8OqToan2SAOfBDcsHh_JKoo5pqNNlI105kqPK7OLHlHNrCWPbzOugzW2s2Id7d_uxPHAloeewGSrCyDkF2BgpPv6H8kInekVQPU7Y34wS1Sy9I0Z_z5s5rsSRuloOUH5FIa1ewYyDn186n_plFwex06b-QFnL8A2i70ed7gGbLi9iPsv-JwZuIjBAEBCuLkFH291VALSEh98u_szx73zXIESrnD-2OY9KCf4nzhElOmx9ZZiI1iJRltwdcUkxxXrSji2ltOIQ1zSAFa40ipdusEhdpZuJSP-19OzlBoLJ5dXVmN9WMFLt3hB1ZSq3ENA0NzD0JZeXGcW1Ki2a40KJp2GdzoldNhNQTm8XdXQxN5WGxweHuAu0yrcoyS0EiF2bXAH-WNTq62NvcB0vNOQf5oivr5ISK86FYGuSNm3Mkg8JynqJ_6Bpo7xy0Wm8q4OYtYhPaJluXldcY4aCPTmpBj58KBdXUxBAn92OXMSvurJ3fqwgXQfjfh3W_DNwMnIARCiiIAefvFIaYAVtf83LXSxLD32Lzb5E9fU1XX-1vYUfiVfaQEPsPFk-TZWeiiDj-aYAEL8i6C4Xvdjddei5NoWZB5mHpobo4JgV_eOh3CQ5TDyGb81_wm8vKRLYdzRh4DG45sg2eU0iLWuL5TRsN2kUrNdfga6lz2GjvwVT_PAikOvs8a4YCmDytwpW-Hjw82E9ZODi4YsmAxKCtmcJ7-5tisXm-RjyUsDKaOldDJUNqxoWZjndxxC4M8zY7mYROW7MheFT3HKsQB3-L_4eYkGa_jMPE-u6o0oIPR-N6nIwGoMxe1iIZU9oYA-bsR5VA2VRNcoLnt5Vbci83vyhQ9J0pgoY-7aTw0-I6XoTF9VTI6O1yqDUZ3RuKZ_KKH97w2c-RElB9alZqP0fWJVdqbNwqbfhc29E816gDOQknb3hnF18c9-HIvFSJ-cG7WIOYQFYHOyANGpUMUA0lA7-EuP25oTuZNDa5hsudrAH2ccOGaNxeS1QiFZfUulk1KirGI26acQNPeLyXZrbfcPGeTXNWB3NZs9ux59N7h-gQOIls-Pi8KUU4bW2aBXPt7elmpjdbdAc7NgAXzUmZprB8S81QUqVnRU0zjIU2A_YfWRCLc0&sai=AMfl-YSRJEzSDwQg7HI_irtcutBR-0yJtPCnV_3sKYLVfp3f0Zh7zGpHDaCe2--P_9QnthPU2SkQtbFtlL5a8qvTftuRfG8TWqW9WgR4oqv2kvWsrMwkl_reyP7tSXVm2ulGggotapWcoBmb3X62d2fcgTCevrhSK_JkAOITFU-mODRy9kW4_mht_6hO_wgnoc8T7hf7NB-cZfKbl1x88pt0HQ3xwcmJLBK2njJBIGIo_7Vwf1LomnFyvbNzpOcrAwwXbmCngrb49zH5Zx8M8xgasxIhd0uwi2jQxFW59-EL2Tdg-Q&sig=Cg0ArKJSzOXa2TCNB58OEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230321.21442&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
access-control-allow-origin: *
cache-control: private
content-type: image/gif
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 07:02:40 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 23-Mar-2023 07:17:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 Mar 2023 07:02:40 GMT
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv1RkARDqeEc8A7tD1Qvp3C72t9Q02GScliOvCREN0qFY86LlPnP-ZN8xHXtK7dqH8xZ6l6VRxY_0QAzf1RmK_8OqToan2SAOfBDcsHh_JKoo5pqNNlI105kqPK7OLHlHNrCWPbzOugzW2s2Id7d_uxPHAloeewGSrCyDkF2BgpPv6H8kInekVQPU7Y34wS1Sy9I0Z_z5s5rsSRuloOUH5FIa1ewYyDn186n_plFwex06b-QFnL8A2i70ed7gGbLi9iPsv-JwZuIjBAEBCuLkFH291VALSEh98u_szx73zXIESrnD-2OY9KCf4nzhElOmx9ZZiI1iJRltwdcUkxxXrSji2ltOIQ1zSAFa40ipdusEhdpZuJSP-19OzlBoLJ5dXVmN9WMFLt3hB1ZSq3ENA0NzD0JZeXGcW1Ki2a40KJp2GdzoldNhNQTm8XdXQxN5WGxweHuAu0yrcoyS0EiF2bXAH-WNTq62NvcB0vNOQf5oivr5ISK86FYGuSNm3Mkg8JynqJ_6Bpo7xy0Wm8q4OYtYhPaJluXldcY4aCPTmpBj58KBdXUxBAn92OXMSvurJ3fqwgXQfjfh3W_DNwMnIARCiiIAefvFIaYAVtf83LXSxLD32Lzb5E9fU1XX-1vYUfiVfaQEPsPFk-TZWeiiDj-aYAEL8i6C4Xvdjddei5NoWZB5mHpobo4JgV_eOh3CQ5TDyGb81_wm8vKRLYdzRh4DG45sg2eU0iLWuL5TRsN2kUrNdfga6lz2GjvwVT_PAikOvs8a4YCmDytwpW-Hjw82E9ZODi4YsmAxKCtmcJ7-5tisXm-RjyUsDKaOldDJUNqxoWZjndxxC4M8zY7mYROW7MheFT3HKsQB3-L_4eYkGa_jMPE-u6o0oIPR-N6nIwGoMxe1iIZU9oYA-bsR5VA2VRNcoLnt5Vbci83vyhQ9J0pgoY-7aTw0-I6XoTF9VTI6O1yqDUZ3RuKZ_KKH97w2c-RElB9alZqP0fWJVdqbNwqbfhc29E816gDOQknb3hnF18c9-HIvFSJ-cG7WIOYQFYHOyANGpUMUA0lA7-EuP25oTuZNDa5hsudrAH2ccOGaNxeS1QiFZfUulk1KirGI26acQNPeLyXZrbfcPGeTXNWB3NZs9ux59N7h-gQOIls-Pi8KUU4bW2aBXPt7elmpjdbdAc7NgAXzUmZprB8S81QUqVnRU0zjIU2A_YfWRCLc0&sai=AMfl-YSRJEzSDwQg7HI_irtcutBR-0yJtPCnV_3sKYLVfp3f0Zh7zGpHDaCe2--P_9QnthPU2SkQtbFtlL5a8qvTftuRfG8TWqW9WgR4oqv2kvWsrMwkl_reyP7tSXVm2ulGggotapWcoBmb3X62d2fcgTCevrhSK_JkAOITFU-mODRy9kW4_mht_6hO_wgnoc8T7hf7NB-cZfKbl1x88pt0HQ3xwcmJLBK2njJBIGIo_7Vwf1LomnFyvbNzpOcrAwwXbmCngrb49zH5Zx8M8xgasxIhd0uwi2jQxFW59-EL2Tdg-Q&sig=Cg0ArKJSzOXa2TCNB58OEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=537&vt=11&dtpt=536&dett=2&cstd=0&cisv=r20230321.21442&arae=0&ftch=1&adurl=
216.58.207.226200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv1RkARDqeEc8A7tD1Qvp3C72t9Q02GScliOvCREN0qFY86LlPnP-ZN8xHXtK7dqH8xZ6l6VRxY_0QAzf1RmK_8OqToan2SAOfBDcsHh_JKoo5pqNNlI105kqPK7OLHlHNrCWPbzOugzW2s2Id7d_uxPHAloeewGSrCyDkF2BgpPv6H8kInekVQPU7Y34wS1Sy9I0Z_z5s5rsSRuloOUH5FIa1ewYyDn186n_plFwex06b-QFnL8A2i70ed7gGbLi9iPsv-JwZuIjBAEBCuLkFH291VALSEh98u_szx73zXIESrnD-2OY9KCf4nzhElOmx9ZZiI1iJRltwdcUkxxXrSji2ltOIQ1zSAFa40ipdusEhdpZuJSP-19OzlBoLJ5dXVmN9WMFLt3hB1ZSq3ENA0NzD0JZeXGcW1Ki2a40KJp2GdzoldNhNQTm8XdXQxN5WGxweHuAu0yrcoyS0EiF2bXAH-WNTq62NvcB0vNOQf5oivr5ISK86FYGuSNm3Mkg8JynqJ_6Bpo7xy0Wm8q4OYtYhPaJluXldcY4aCPTmpBj58KBdXUxBAn92OXMSvurJ3fqwgXQfjfh3W_DNwMnIARCiiIAefvFIaYAVtf83LXSxLD32Lzb5E9fU1XX-1vYUfiVfaQEPsPFk-TZWeiiDj-aYAEL8i6C4Xvdjddei5NoWZB5mHpobo4JgV_eOh3CQ5TDyGb81_wm8vKRLYdzRh4DG45sg2eU0iLWuL5TRsN2kUrNdfga6lz2GjvwVT_PAikOvs8a4YCmDytwpW-Hjw82E9ZODi4YsmAxKCtmcJ7-5tisXm-RjyUsDKaOldDJUNqxoWZjndxxC4M8zY7mYROW7MheFT3HKsQB3-L_4eYkGa_jMPE-u6o0oIPR-N6nIwGoMxe1iIZU9oYA-bsR5VA2VRNcoLnt5Vbci83vyhQ9J0pgoY-7aTw0-I6XoTF9VTI6O1yqDUZ3RuKZ_KKH97w2c-RElB9alZqP0fWJVdqbNwqbfhc29E816gDOQknb3hnF18c9-HIvFSJ-cG7WIOYQFYHOyANGpUMUA0lA7-EuP25oTuZNDa5hsudrAH2ccOGaNxeS1QiFZfUulk1KirGI26acQNPeLyXZrbfcPGeTXNWB3NZs9ux59N7h-gQOIls-Pi8KUU4bW2aBXPt7elmpjdbdAc7NgAXzUmZprB8S81QUqVnRU0zjIU2A_YfWRCLc0&sai=AMfl-YSRJEzSDwQg7HI_irtcutBR-0yJtPCnV_3sKYLVfp3f0Zh7zGpHDaCe2--P_9QnthPU2SkQtbFtlL5a8qvTftuRfG8TWqW9WgR4oqv2kvWsrMwkl_reyP7tSXVm2ulGggotapWcoBmb3X62d2fcgTCevrhSK_JkAOITFU-mODRy9kW4_mht_6hO_wgnoc8T7hf7NB-cZfKbl1x88pt0HQ3xwcmJLBK2njJBIGIo_7Vwf1LomnFyvbNzpOcrAwwXbmCngrb49zH5Zx8M8xgasxIhd0uwi2jQxFW59-EL2Tdg-Q&sig=Cg0ArKJSzOXa2TCNB58OEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=537&vt=11&dtpt=536&dett=2&cstd=0&cisv=r20230321.21442&arae=0&ftch=1&adurl=
IP 216.58.207.226:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsv1RkARDqeEc8A7tD1Qvp3C72t9Q02GScliOvCREN0qFY86LlPnP-ZN8xHXtK7dqH8xZ6l6VRxY_0QAzf1RmK_8OqToan2SAOfBDcsHh_JKoo5pqNNlI105kqPK7OLHlHNrCWPbzOugzW2s2Id7d_uxPHAloeewGSrCyDkF2BgpPv6H8kInekVQPU7Y34wS1Sy9I0Z_z5s5rsSRuloOUH5FIa1ewYyDn186n_plFwex06b-QFnL8A2i70ed7gGbLi9iPsv-JwZuIjBAEBCuLkFH291VALSEh98u_szx73zXIESrnD-2OY9KCf4nzhElOmx9ZZiI1iJRltwdcUkxxXrSji2ltOIQ1zSAFa40ipdusEhdpZuJSP-19OzlBoLJ5dXVmN9WMFLt3hB1ZSq3ENA0NzD0JZeXGcW1Ki2a40KJp2GdzoldNhNQTm8XdXQxN5WGxweHuAu0yrcoyS0EiF2bXAH-WNTq62NvcB0vNOQf5oivr5ISK86FYGuSNm3Mkg8JynqJ_6Bpo7xy0Wm8q4OYtYhPaJluXldcY4aCPTmpBj58KBdXUxBAn92OXMSvurJ3fqwgXQfjfh3W_DNwMnIARCiiIAefvFIaYAVtf83LXSxLD32Lzb5E9fU1XX-1vYUfiVfaQEPsPFk-TZWeiiDj-aYAEL8i6C4Xvdjddei5NoWZB5mHpobo4JgV_eOh3CQ5TDyGb81_wm8vKRLYdzRh4DG45sg2eU0iLWuL5TRsN2kUrNdfga6lz2GjvwVT_PAikOvs8a4YCmDytwpW-Hjw82E9ZODi4YsmAxKCtmcJ7-5tisXm-RjyUsDKaOldDJUNqxoWZjndxxC4M8zY7mYROW7MheFT3HKsQB3-L_4eYkGa_jMPE-u6o0oIPR-N6nIwGoMxe1iIZU9oYA-bsR5VA2VRNcoLnt5Vbci83vyhQ9J0pgoY-7aTw0-I6XoTF9VTI6O1yqDUZ3RuKZ_KKH97w2c-RElB9alZqP0fWJVdqbNwqbfhc29E816gDOQknb3hnF18c9-HIvFSJ-cG7WIOYQFYHOyANGpUMUA0lA7-EuP25oTuZNDa5hsudrAH2ccOGaNxeS1QiFZfUulk1KirGI26acQNPeLyXZrbfcPGeTXNWB3NZs9ux59N7h-gQOIls-Pi8KUU4bW2aBXPt7elmpjdbdAc7NgAXzUmZprB8S81QUqVnRU0zjIU2A_YfWRCLc0&sai=AMfl-YSRJEzSDwQg7HI_irtcutBR-0yJtPCnV_3sKYLVfp3f0Zh7zGpHDaCe2--P_9QnthPU2SkQtbFtlL5a8qvTftuRfG8TWqW9WgR4oqv2kvWsrMwkl_reyP7tSXVm2ulGggotapWcoBmb3X62d2fcgTCevrhSK_JkAOITFU-mODRy9kW4_mht_6hO_wgnoc8T7hf7NB-cZfKbl1x88pt0HQ3xwcmJLBK2njJBIGIo_7Vwf1LomnFyvbNzpOcrAwwXbmCngrb49zH5Zx8M8xgasxIhd0uwi2jQxFW59-EL2Tdg-Q&sig=Cg0ArKJSzOXa2TCNB58OEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=537&vt=11&dtpt=536&dett=2&cstd=0&cisv=r20230321.21442&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 07:02:40 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 23-Mar-2023 07:17:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 Mar 2023 07:02:40 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3926268b239c5722f27fa96c1571da86
4e6460348f009035cd79f8e9b9edb2713f039542
2a08d4274e6c475d136a81181ea141eac4e12c69777e0883fd6e7cafc0174dfd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3926268b239c5722f27fa96c1571da86
4e6460348f009035cd79f8e9b9edb2713f039542
2a08d4274e6c475d136a81181ea141eac4e12c69777e0883fd6e7cafc0174dfd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t.6sc.co/img.gif?event=imp&mcid=69941&cb=4160631691&pid=185113266&cid=29134379
23.36.79.9200 OK 43 B URL HTTP/1.1 t.6sc.co/img.gif?event=imp&mcid=69941&cb=4160631691&pid=185113266&cid=29134379
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /img.gif?event=imp&mcid=69941&cb=4160631691&pid=185113266&cid=29134379 HTTP/1.1
Host: t.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Type: image/gif
ETag: "63f02db2-2b"
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Last-Modified: Sat, 18 Feb 2023 01:45:22 GMT
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Thu, 23 Mar 2023 07:02:40 GMT
Connection: keep-alive
Set-Cookie: 6suuid=054f24178e52000090f91b6464000000a4c30200; expires=Sat, 22-Mar-2025 07:02:40 GMT; path=/; domain=.6sc.co; SameSite=None; secure
Access-Control-Allow-Origin:
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 988bc7514d9559f328e3967ae2df94d2
c9c39e67138fcacc07a4b61ab5cc7d56a3882f62
d50b71ca153e46d2189a9ad0e7b3f6b1d610c029abb8e7424309a53bee570b35
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3---sn-5go7ynlk.c.2mdn.net/videoplayback/id/cdad11bd52b8c081/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808053372/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/36EC754F69872325B114D142CDA313C921606479.6530B4005BC4BC19AB0EEC99C68EDFCA10EFA030/key/cms1/cms_redirect/yes/mh/TU/mip/91.90.42.154/mm/42/mn/sn-5go7ynlk/ms/onc/mt/1679554603/mv/m/mvi/3/pl/21/file/file.mp4
173.194.6.8200 OK 0 B URL HTTP/1.1 r3---sn-5go7ynlk.c.2mdn.net/videoplayback/id/cdad11bd52b8c081/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808053372/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/36EC754F69872325B114D142CDA313C921606479.6530B4005BC4BC19AB0EEC99C68EDFCA10EFA030/key/cms1/cms_redirect/yes/mh/TU/mip/91.90.42.154/mm/42/mn/sn-5go7ynlk/ms/onc/mt/1679554603/mv/m/mvi/3/pl/21/file/file.mp4
IP 173.194.6.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /videoplayback/id/cdad11bd52b8c081/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808053372/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/36EC754F69872325B114D142CDA313C921606479.6530B4005BC4BC19AB0EEC99C68EDFCA10EFA030/key/cms1/cms_redirect/yes/mh/TU/mip/91.90.42.154/mm/42/mn/sn-5go7ynlk/ms/onc/mt/1679554603/mv/m/mvi/3/pl/21/file/file.mp4 HTTP/1.1
Host: r3---sn-5go7ynlk.c.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Mon, 19 Sep 2022 16:35:59 GMT
Content-Type: video/mp4
Date: Thu, 23 Mar 2023 07:02:40 GMT
Expires: Thu, 23 Mar 2023 07:02:40 GMT
Cache-Control: private, max-age=86400
Accept-Ranges: bytes
Content-Length: 1511394
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
t.6sc.co/img.gif?event=imp&mcid=84454&cb=4160631691&pid=185113266&cid=29134379
23.36.79.9200 OK 43 B URL HTTP/1.1 t.6sc.co/img.gif?event=imp&mcid=84454&cb=4160631691&pid=185113266&cid=29134379
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /img.gif?event=imp&mcid=84454&cb=4160631691&pid=185113266&cid=29134379 HTTP/1.1
Host: t.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Type: image/gif
ETag: "63f02db2-2b"
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Last-Modified: Sat, 18 Feb 2023 01:45:22 GMT
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Thu, 23 Mar 2023 07:02:40 GMT
Connection: keep-alive
Set-Cookie: 6suuid=054f24178e52000090f91b64bd000000a8c30200; expires=Sat, 22-Mar-2025 07:02:40 GMT; path=/; domain=.6sc.co; SameSite=None; secure
Access-Control-Allow-Origin:
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
t.6sc.co/img.gif?event=imp&mcid=84452&cb=4160631691&pid=185113266&cid=29134379
23.36.79.9200 OK 43 B URL HTTP/1.1 t.6sc.co/img.gif?event=imp&mcid=84452&cb=4160631691&pid=185113266&cid=29134379
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /img.gif?event=imp&mcid=84452&cb=4160631691&pid=185113266&cid=29134379 HTTP/1.1
Host: t.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Type: image/gif
ETag: "60bb2e1b-2b"
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Last-Modified: Sat, 05 Jun 2021 07:56:11 GMT
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Thu, 23 Mar 2023 07:02:40 GMT
Connection: keep-alive
Set-Cookie: 6suuid=054f24178e52000090f91b64c2000000a9c30200; expires=Sat, 22-Mar-2025 07:02:40 GMT; path=/; domain=.6sc.co; SameSite=None; secure
Access-Control-Allow-Origin:
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
t.6sc.co/img.gif?event=imp&mcid=84456&cb=4160631691&pid=185113266&cid=29134379
23.36.79.9200 OK 43 B URL HTTP/1.1 t.6sc.co/img.gif?event=imp&mcid=84456&cb=4160631691&pid=185113266&cid=29134379
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /img.gif?event=imp&mcid=84456&cb=4160631691&pid=185113266&cid=29134379 HTTP/1.1
Host: t.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Type: image/gif
ETag: "60bb2e1b-2b"
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Last-Modified: Sat, 05 Jun 2021 07:56:11 GMT
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Thu, 23 Mar 2023 07:02:40 GMT
Connection: keep-alive
Set-Cookie: 6suuid=054f24178e52000090f91b64c2000000aac30200; expires=Sat, 22-Mar-2025 07:02:40 GMT; path=/; domain=.6sc.co; SameSite=None; secure
Access-Control-Allow-Origin:
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
t.6sc.co/img.gif?event=imp&mcid=93937&cb=4160631691&pid=185113266&cid=29134379
23.36.79.9200 OK 43 B URL HTTP/1.1 t.6sc.co/img.gif?event=imp&mcid=93937&cb=4160631691&pid=185113266&cid=29134379
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /img.gif?event=imp&mcid=93937&cb=4160631691&pid=185113266&cid=29134379 HTTP/1.1
Host: t.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Type: image/gif
ETag: "615ccf16-2b"
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Last-Modified: Tue, 05 Oct 2021 22:17:58 GMT
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Thu, 23 Mar 2023 07:02:40 GMT
Connection: keep-alive
Set-Cookie: 6suuid=054f24178e52000090f91b64c7000000acc30200; expires=Sat, 22-Mar-2025 07:02:40 GMT; path=/; domain=.6sc.co; SameSite=None; secure
Access-Control-Allow-Origin:
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 988bc7514d9559f328e3967ae2df94d2
c9c39e67138fcacc07a4b61ab5cc7d56a3882f62
d50b71ca153e46d2189a9ad0e7b3f6b1d610c029abb8e7424309a53bee570b35
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 07:02:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t.6sc.co/img.gif?event=imp&ppgid=86d67b6c&cb=4160631691
23.36.79.9200 OK 43 B URL HTTP/1.1 t.6sc.co/img.gif?event=imp&ppgid=86d67b6c&cb=4160631691
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /img.gif?event=imp&ppgid=86d67b6c&cb=4160631691 HTTP/1.1
Host: t.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Type: image/gif
ETag: "615ccf16-2b"
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Last-Modified: Tue, 05 Oct 2021 22:17:58 GMT
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Thu, 23 Mar 2023 07:02:40 GMT
Connection: keep-alive
Set-Cookie: 6suuid=054f24178e52000090f91b64ee000000adc30200; expires=Sat, 22-Mar-2025 07:02:40 GMT; path=/; domain=.6sc.co; SameSite=None; secure
Access-Control-Allow-Origin:
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
t.6sc.co/img.gif?event=imp&mcid=84455&cb=4160631691&pid=185113266&cid=29134379
23.36.79.9200 OK 43 B URL HTTP/1.1 t.6sc.co/img.gif?event=imp&mcid=84455&cb=4160631691&pid=185113266&cid=29134379
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /img.gif?event=imp&mcid=84455&cb=4160631691&pid=185113266&cid=29134379 HTTP/1.1
Host: t.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Type: image/gif
ETag: "5e502814-2b"
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Last-Modified: Fri, 21 Feb 2020 18:57:24 GMT
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Thu, 23 Mar 2023 07:02:40 GMT
Connection: keep-alive
Set-Cookie: 6suuid=054f24178e52000090f91b6422010000afc30200; expires=Sat, 22-Mar-2025 07:02:40 GMT; path=/; domain=.6sc.co; SameSite=None; secure
Access-Control-Allow-Origin:
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
t.6sc.co/img.gif?event=imp&mcid=88525&cb=4160631691&pid=185113266&cid=29134379
23.36.79.9200 OK 43 B URL HTTP/1.1 t.6sc.co/img.gif?event=imp&mcid=88525&cb=4160631691&pid=185113266&cid=29134379
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /img.gif?event=imp&mcid=88525&cb=4160631691&pid=185113266&cid=29134379 HTTP/1.1
Host: t.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Type: image/gif
ETag: "63f02db2-2b"
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Last-Modified: Sat, 18 Feb 2023 01:45:22 GMT
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Thu, 23 Mar 2023 07:02:40 GMT
Connection: keep-alive
Set-Cookie: 6suuid=054f24178e52000090f91b647a010000b4c30200; expires=Sat, 22-Mar-2025 07:02:40 GMT; path=/; domain=.6sc.co; SameSite=None; secure
Access-Control-Allow-Origin:
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
t.6sc.co/img.gif?event=imp&mcid=84455&cb=927204189&pid=185113239&cid=29134379
23.36.79.9200 OK 43 B URL HTTP/1.1 t.6sc.co/img.gif?event=imp&mcid=84455&cb=927204189&pid=185113239&cid=29134379
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /img.gif?event=imp&mcid=84455&cb=927204189&pid=185113239&cid=29134379 HTTP/1.1
Host: t.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Type: image/gif
ETag: "63f020a5-2b"
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Last-Modified: Sat, 18 Feb 2023 00:49:41 GMT
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Thu, 23 Mar 2023 07:02:40 GMT
Connection: keep-alive
Set-Cookie: 6suuid=054f24178e52000090f91b6481010000b6c30200; expires=Sat, 22-Mar-2025 07:02:40 GMT; path=/; domain=.6sc.co; SameSite=None; secure
Access-Control-Allow-Origin:
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
t.6sc.co/img.gif?event=imp&mcid=84452&cb=927204189&pid=185113239&cid=29134379
23.36.79.9200 OK 43 B URL HTTP/1.1 t.6sc.co/img.gif?event=imp&mcid=84452&cb=927204189&pid=185113239&cid=29134379
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /img.gif?event=imp&mcid=84452&cb=927204189&pid=185113239&cid=29134379 HTTP/1.1
Host: t.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Type: image/gif
ETag: "60bb2e1b-2b"
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Last-Modified: Sat, 05 Jun 2021 07:56:11 GMT
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Thu, 23 Mar 2023 07:02:40 GMT
Connection: keep-alive
Set-Cookie: 6suuid=054f24178e52000090f91b6480010000b5c30200; expires=Sat, 22-Mar-2025 07:02:40 GMT; path=/; domain=.6sc.co; SameSite=None; secure
Access-Control-Allow-Origin:
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
t.6sc.co/img.gif?event=imp&mcid=84456&cb=927204189&pid=185113239&cid=29134379
23.36.79.9200 OK 43 B URL HTTP/1.1 t.6sc.co/img.gif?event=imp&mcid=84456&cb=927204189&pid=185113239&cid=29134379
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /img.gif?event=imp&mcid=84456&cb=927204189&pid=185113239&cid=29134379 HTTP/1.1
Host: t.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Type: image/gif
ETag: "63f020a5-2b"
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Last-Modified: Sat, 18 Feb 2023 00:49:41 GMT
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Thu, 23 Mar 2023 07:02:40 GMT
Connection: keep-alive
Set-Cookie: 6suuid=054f24178e52000090f91b6492010000b8c30200; expires=Sat, 22-Mar-2025 07:02:40 GMT; path=/; domain=.6sc.co; SameSite=None; secure
Access-Control-Allow-Origin:
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsug3CXu_G8w1YYS-37eImJjOjEk0iPUUXQEPjVuWdapfhDNXwz_NYM773_HuBgSg7QJE5FDwnmEXFXakGwL8uK9kt5fv0AcEZWoF5n4I4cUoQBmRUNn_UWlEL2HhRMsbW_u3t_qDFYPvBGqxqnr6gUK-W5gtkxXWVEipaXug3nqYOZ08F_a2HI8YUWKLFzDK60xPeMqRc0BiDEU_I-RsK3TbQG-RwaQopiZzVV5pmojg4TWNqDqzkNY3yQ5tFJgxe9Plu3B-qKsC-do5JXJddNZFqcS-kGCQApEXOefEyYnMtWngUu7adrJd5PC2QY1UiMdv-vljISoc7KKQA5a7lThWH9KmcSlD2aAFPKBqC-RjnMe_Mo0VvI1xtiLBcdRHMJjX0-a92byHX36VGuaFjh5-cno_yQPV1JlukBC_sOPZDvSYutqjl3kuND1OGsB0Vq-XgkXZ1z-U-ljI1PKy4pMmjnHatR_UVxuD0h4eMm4XrtTZiMEh0Z_A1tNi9DhcSCpEQNlG-CTfnwPLDuN7-LDRAcus_X3ibu9WOCwrSQDU5A3v1yywe-HQBW_MSTS1w-qPfcV5h7R5puPmptfIA4oKeiC0EP9gV_VZh2DN6bpv7D8ykkWXiBFisBfzLdqjODtA8Xas-zTOO2EdbQFJNYzNLK4ls1qdnBOUEh4rj2t-dZuu-Kq_B2T6Kxqc8ZLvMrII0OPm-KvoXdhQroD3XBfja4c1drfv613b7kARJm9lF8NcxjM8gvrtVNtRyaYPdPQoLho0m5IbcUqm8tNIJwPwDfa4QNU1acU3Grm9LN81Y-rOUfzAcLzyNA54BYI_ddUfMygVOvM27QejsnLYt2144i2qazRMlh0Ony4rRe5zV0uI-8WWff1pJLWMf23WUb4pGsVF0nUBkyEu7zaJj7OI9I1MDt-qD9-KC-X1elYdaCUyDR5dMVuOS1kCmdiWzXIAPQfUxa3Wp-m4os-rhf-3788x0hoLVpZgzLTykQsK_DFd8uhkZ8eYlHNKiqFgD47HXb1_LxcVle9Y1MHXwd-ATBILAw0ajRyG-5T0MsrgK_CM17-VJ3hYxMr6GDda0Sy6QGgG3A4u1dmH81awRDsEx8z4Fz_kKERmnmAND-Ee7xMAiADLsFUXCI58S-ipXRO1oIRJf8WNlF1m76c6MVPHApeEHkC674NlJ7huQwdG3ykxTfM2u1HDP8esMGS&sai=AMfl-YS8NRrkf6s_jvDK9Y_LFLO8h8bjVECu5YPapRyHQirSKMQZl40Sa6v6DjbA0OgFojsg-wcmZDNqWL7YFfMCdF5xLZmQm8iTYzES4nsb9AQeCs-l9Dku0Tsk0OTRu0pI_gj9kNwE644NvlCAoRP9QYPNkkNMLmjEHe8r3KWpZ7KCIIAodzc2Yyz5Fp7D-YkcYOK6vRf1Wl0is6bO-T_W-0r7ETXBTiqoA6hchcau6AD7Rwu7fQwZ1oBCz8RFjgjbVjNnEMISkPzcMdyTyY_i7bSh6ax_9n9gKyG4cB6q3zs-uA&sig=Cg0ArKJSzDrCC7hIbL1ZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230321.32778&arae=0&ftch=1&adurl=
216.58.207.226200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsug3CXu_G8w1YYS-37eImJjOjEk0iPUUXQEPjVuWdapfhDNXwz_NYM773_HuBgSg7QJE5FDwnmEXFXakGwL8uK9kt5fv0AcEZWoF5n4I4cUoQBmRUNn_UWlEL2HhRMsbW_u3t_qDFYPvBGqxqnr6gUK-W5gtkxXWVEipaXug3nqYOZ08F_a2HI8YUWKLFzDK60xPeMqRc0BiDEU_I-RsK3TbQG-RwaQopiZzVV5pmojg4TWNqDqzkNY3yQ5tFJgxe9Plu3B-qKsC-do5JXJddNZFqcS-kGCQApEXOefEyYnMtWngUu7adrJd5PC2QY1UiMdv-vljISoc7KKQA5a7lThWH9KmcSlD2aAFPKBqC-RjnMe_Mo0VvI1xtiLBcdRHMJjX0-a92byHX36VGuaFjh5-cno_yQPV1JlukBC_sOPZDvSYutqjl3kuND1OGsB0Vq-XgkXZ1z-U-ljI1PKy4pMmjnHatR_UVxuD0h4eMm4XrtTZiMEh0Z_A1tNi9DhcSCpEQNlG-CTfnwPLDuN7-LDRAcus_X3ibu9WOCwrSQDU5A3v1yywe-HQBW_MSTS1w-qPfcV5h7R5puPmptfIA4oKeiC0EP9gV_VZh2DN6bpv7D8ykkWXiBFisBfzLdqjODtA8Xas-zTOO2EdbQFJNYzNLK4ls1qdnBOUEh4rj2t-dZuu-Kq_B2T6Kxqc8ZLvMrII0OPm-KvoXdhQroD3XBfja4c1drfv613b7kARJm9lF8NcxjM8gvrtVNtRyaYPdPQoLho0m5IbcUqm8tNIJwPwDfa4QNU1acU3Grm9LN81Y-rOUfzAcLzyNA54BYI_ddUfMygVOvM27QejsnLYt2144i2qazRMlh0Ony4rRe5zV0uI-8WWff1pJLWMf23WUb4pGsVF0nUBkyEu7zaJj7OI9I1MDt-qD9-KC-X1elYdaCUyDR5dMVuOS1kCmdiWzXIAPQfUxa3Wp-m4os-rhf-3788x0hoLVpZgzLTykQsK_DFd8uhkZ8eYlHNKiqFgD47HXb1_LxcVle9Y1MHXwd-ATBILAw0ajRyG-5T0MsrgK_CM17-VJ3hYxMr6GDda0Sy6QGgG3A4u1dmH81awRDsEx8z4Fz_kKERmnmAND-Ee7xMAiADLsFUXCI58S-ipXRO1oIRJf8WNlF1m76c6MVPHApeEHkC674NlJ7huQwdG3ykxTfM2u1HDP8esMGS&sai=AMfl-YS8NRrkf6s_jvDK9Y_LFLO8h8bjVECu5YPapRyHQirSKMQZl40Sa6v6DjbA0OgFojsg-wcmZDNqWL7YFfMCdF5xLZmQm8iTYzES4nsb9AQeCs-l9Dku0Tsk0OTRu0pI_gj9kNwE644NvlCAoRP9QYPNkkNMLmjEHe8r3KWpZ7KCIIAodzc2Yyz5Fp7D-YkcYOK6vRf1Wl0is6bO-T_W-0r7ETXBTiqoA6hchcau6AD7Rwu7fQwZ1oBCz8RFjgjbVjNnEMISkPzcMdyTyY_i7bSh6ax_9n9gKyG4cB6q3zs-uA&sig=Cg0ArKJSzDrCC7hIbL1ZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230321.32778&arae=0&ftch=1&adurl=
IP 216.58.207.226:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsug3CXu_G8w1YYS-37eImJjOjEk0iPUUXQEPjVuWdapfhDNXwz_NYM773_HuBgSg7QJE5FDwnmEXFXakGwL8uK9kt5fv0AcEZWoF5n4I4cUoQBmRUNn_UWlEL2HhRMsbW_u3t_qDFYPvBGqxqnr6gUK-W5gtkxXWVEipaXug3nqYOZ08F_a2HI8YUWKLFzDK60xPeMqRc0BiDEU_I-RsK3TbQG-RwaQopiZzVV5pmojg4TWNqDqzkNY3yQ5tFJgxe9Plu3B-qKsC-do5JXJddNZFqcS-kGCQApEXOefEyYnMtWngUu7adrJd5PC2QY1UiMdv-vljISoc7KKQA5a7lThWH9KmcSlD2aAFPKBqC-RjnMe_Mo0VvI1xtiLBcdRHMJjX0-a92byHX36VGuaFjh5-cno_yQPV1JlukBC_sOPZDvSYutqjl3kuND1OGsB0Vq-XgkXZ1z-U-ljI1PKy4pMmjnHatR_UVxuD0h4eMm4XrtTZiMEh0Z_A1tNi9DhcSCpEQNlG-CTfnwPLDuN7-LDRAcus_X3ibu9WOCwrSQDU5A3v1yywe-HQBW_MSTS1w-qPfcV5h7R5puPmptfIA4oKeiC0EP9gV_VZh2DN6bpv7D8ykkWXiBFisBfzLdqjODtA8Xas-zTOO2EdbQFJNYzNLK4ls1qdnBOUEh4rj2t-dZuu-Kq_B2T6Kxqc8ZLvMrII0OPm-KvoXdhQroD3XBfja4c1drfv613b7kARJm9lF8NcxjM8gvrtVNtRyaYPdPQoLho0m5IbcUqm8tNIJwPwDfa4QNU1acU3Grm9LN81Y-rOUfzAcLzyNA54BYI_ddUfMygVOvM27QejsnLYt2144i2qazRMlh0Ony4rRe5zV0uI-8WWff1pJLWMf23WUb4pGsVF0nUBkyEu7zaJj7OI9I1MDt-qD9-KC-X1elYdaCUyDR5dMVuOS1kCmdiWzXIAPQfUxa3Wp-m4os-rhf-3788x0hoLVpZgzLTykQsK_DFd8uhkZ8eYlHNKiqFgD47HXb1_LxcVle9Y1MHXwd-ATBILAw0ajRyG-5T0MsrgK_CM17-VJ3hYxMr6GDda0Sy6QGgG3A4u1dmH81awRDsEx8z4Fz_kKERmnmAND-Ee7xMAiADLsFUXCI58S-ipXRO1oIRJf8WNlF1m76c6MVPHApeEHkC674NlJ7huQwdG3ykxTfM2u1HDP8esMGS&sai=AMfl-YS8NRrkf6s_jvDK9Y_LFLO8h8bjVECu5YPapRyHQirSKMQZl40Sa6v6DjbA0OgFojsg-wcmZDNqWL7YFfMCdF5xLZmQm8iTYzES4nsb9AQeCs-l9Dku0Tsk0OTRu0pI_gj9kNwE644NvlCAoRP9QYPNkkNMLmjEHe8r3KWpZ7KCIIAodzc2Yyz5Fp7D-YkcYOK6vRf1Wl0is6bO-T_W-0r7ETXBTiqoA6hchcau6AD7Rwu7fQwZ1oBCz8RFjgjbVjNnEMISkPzcMdyTyY_i7bSh6ax_9n9gKyG4cB6q3zs-uA&sig=Cg0ArKJSzDrCC7hIbL1ZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230321.32778&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
access-control-allow-origin: *
cache-control: private
content-type: image/gif
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 07:02:40 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 23-Mar-2023 07:17:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 Mar 2023 07:02:40 GMT
X-Firefox-Spdy: h2
t.6sc.co/img.gif?event=imp&mcid=84453&cb=927204189&pid=185113239&cid=29134379
23.36.79.9200 OK 43 B URL HTTP/1.1 t.6sc.co/img.gif?event=imp&mcid=84453&cb=927204189&pid=185113239&cid=29134379
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /img.gif?event=imp&mcid=84453&cb=927204189&pid=185113239&cid=29134379 HTTP/1.1
Host: t.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Type: image/gif
ETag: "63f02db2-2b"
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Last-Modified: Sat, 18 Feb 2023 01:45:22 GMT
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Thu, 23 Mar 2023 07:02:40 GMT
Connection: keep-alive
Set-Cookie: 6suuid=054f24178e52000090f91b64c1010000b9c30200; expires=Sat, 22-Mar-2025 07:02:40 GMT; path=/; domain=.6sc.co; SameSite=None; secure
Access-Control-Allow-Origin:
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
t.6sc.co/img.gif?event=imp&mcid=88525&cb=927204189&pid=185113239&cid=29134379
23.36.79.9200 OK 43 B URL HTTP/1.1 t.6sc.co/img.gif?event=imp&mcid=88525&cb=927204189&pid=185113239&cid=29134379
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /img.gif?event=imp&mcid=88525&cb=927204189&pid=185113239&cid=29134379 HTTP/1.1
Host: t.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Type: image/gif
ETag: "5e502814-2b"
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Last-Modified: Fri, 21 Feb 2020 18:57:24 GMT
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Thu, 23 Mar 2023 07:02:40 GMT
Connection: keep-alive
Set-Cookie: 6suuid=054f24178e52000090f91b64e0010000bac30200; expires=Sat, 22-Mar-2025 07:02:40 GMT; path=/; domain=.6sc.co; SameSite=None; secure
Access-Control-Allow-Origin:
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
csi.gstatic.com/csi?v=2&s=osv&puid=1~lfkrnukr&c=6065200775442&slotId=3032600387721&qqid=CO2IwuW98f0CFXoXewod-BkHkw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
173.194.192.120204 No Content 0 B URL HTTP/2 csi.gstatic.com/csi?v=2&s=osv&puid=1~lfkrnukr&c=6065200775442&slotId=3032600387721&qqid=CO2IwuW98f0CFXoXewod-BkHkw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
IP 173.194.192.120:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=osv&puid=1~lfkrnukr&c=6065200775442&slotId=3032600387721&qqid=CO2IwuW98f0CFXoXewod-BkHkw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: *
date: Thu, 23 Mar 2023 07:02:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
t.6sc.co/img.gif?event=imp&mcid=84454&cb=927204189&pid=185113239&cid=29134379
23.36.79.9200 OK 43 B URL HTTP/1.1 t.6sc.co/img.gif?event=imp&mcid=84454&cb=927204189&pid=185113239&cid=29134379
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /img.gif?event=imp&mcid=84454&cb=927204189&pid=185113239&cid=29134379 HTTP/1.1
Host: t.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Type: image/gif
ETag: "615ccf16-2b"
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Last-Modified: Tue, 05 Oct 2021 22:17:58 GMT
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Thu, 23 Mar 2023 07:02:40 GMT
Connection: keep-alive
Set-Cookie: 6suuid=054f24178e52000090f91b6440020000c1c30200; expires=Sat, 22-Mar-2025 07:02:40 GMT; path=/; domain=.6sc.co; SameSite=None; secure
Access-Control-Allow-Origin:
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
cdn.ampproject.org/rtv/012302271541000/amp4ads-v0.mjs
142.250.74.1200 OK 43 B URL HTTP/2 cdn.ampproject.org/rtv/012302271541000/amp4ads-v0.mjs
IP 142.250.74.1:0
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /rtv/012302271541000/amp4ads-v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 61845
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 18 Mar 2023 20:14:56 GMT
expires: Sun, 17 Mar 2024 20:14:56 GMT
cache-control: public, max-age=31536000
etag: "4fba9ccee66ca96a"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 384463
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
t.6sc.co/img.gif?event=imp&mcid=69941&cb=927204189&pid=185113239&cid=29134379
23.36.79.9200 OK 43 B URL HTTP/1.1 t.6sc.co/img.gif?event=imp&mcid=69941&cb=927204189&pid=185113239&cid=29134379
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /img.gif?event=imp&mcid=69941&cb=927204189&pid=185113239&cid=29134379 HTTP/1.1
Host: t.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Type: image/gif
ETag: "615ccf16-2b"
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Last-Modified: Tue, 05 Oct 2021 22:17:58 GMT
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Thu, 23 Mar 2023 07:02:40 GMT
Connection: keep-alive
Set-Cookie: 6suuid=054f24178e52000090f91b6441020000c3c30200; expires=Sat, 22-Mar-2025 07:02:40 GMT; path=/; domain=.6sc.co; SameSite=None; secure
Access-Control-Allow-Origin:
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
csi.gstatic.com/csi?v=2&s=osv&puid=2~lfkrnule&c=6065200775442&slotId=3032600387721&qqid=CO2IwuW98f0CFXoXewod-BkHkw&fb=outstream-lima&ulv=1&cll=0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
173.194.192.120204 No Content 0 B URL HTTP/2 csi.gstatic.com/csi?v=2&s=osv&puid=2~lfkrnule&c=6065200775442&slotId=3032600387721&qqid=CO2IwuW98f0CFXoXewod-BkHkw&fb=outstream-lima&ulv=1&cll=0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
IP 173.194.192.120:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=osv&puid=2~lfkrnule&c=6065200775442&slotId=3032600387721&qqid=CO2IwuW98f0CFXoXewod-BkHkw&fb=outstream-lima&ulv=1&cll=0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: *
date: Thu, 23 Mar 2023 07:02:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
t.6sc.co/img.gif?event=imp&mcid=93937&cb=927204189&pid=185113239&cid=29134379
23.36.79.9200 OK 43 B URL HTTP/1.1 t.6sc.co/img.gif?event=imp&mcid=93937&cb=927204189&pid=185113239&cid=29134379
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /img.gif?event=imp&mcid=93937&cb=927204189&pid=185113239&cid=29134379 HTTP/1.1
Host: t.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Type: image/gif
ETag: "615ccf16-2b"
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Last-Modified: Tue, 05 Oct 2021 22:17:58 GMT
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Thu, 23 Mar 2023 07:02:40 GMT
Connection: keep-alive
Set-Cookie: 6suuid=054f24178e52000090f91b6458020000c5c30200; expires=Sat, 22-Mar-2025 07:02:40 GMT; path=/; domain=.6sc.co; SameSite=None; secure
Access-Control-Allow-Origin:
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
csi.gstatic.com/csi?v=2&s=osv&puid=3~lfkrnuma&c=6065200775442&slotId=3032600387721&qqid=CO2IwuW98f0CFXoXewod-BkHkw&fb=outstream-lima&vast_v=2.0&vmfc=7&vhc=0
173.194.192.120204 No Content 0 B URL HTTP/2 csi.gstatic.com/csi?v=2&s=osv&puid=3~lfkrnuma&c=6065200775442&slotId=3032600387721&qqid=CO2IwuW98f0CFXoXewod-BkHkw&fb=outstream-lima&vast_v=2.0&vmfc=7&vhc=0
IP 173.194.192.120:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=osv&puid=3~lfkrnuma&c=6065200775442&slotId=3032600387721&qqid=CO2IwuW98f0CFXoXewod-BkHkw&fb=outstream-lima&vast_v=2.0&vmfc=7&vhc=0 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: *
date: Thu, 23 Mar 2023 07:02:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
t.6sc.co/img.gif?event=imp&mcid=84454&cb=3938210348&pid=184934567&cid=29139965
23.36.79.9200 OK 43 B URL HTTP/1.1 t.6sc.co/img.gif?event=imp&mcid=84454&cb=3938210348&pid=184934567&cid=29139965
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /img.gif?event=imp&mcid=84454&cb=3938210348&pid=184934567&cid=29139965 HTTP/1.1
Host: t.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b613cf0072c8078db61d51b0f2623cec.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Type: image/gif
ETag: "60bb2e1b-2b"
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Last-Modified: Sat, 05 Jun 2021 07:56:11 GMT
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Thu, 23 Mar 2023 07:02:40 GMT
Connection: keep-alive
Set-Cookie: 6suuid=054f24178e52000090f91b6496020000c6c30200; expires=Sat, 22-Mar-2025 07:02:40 GMT; path=/; domain=.6sc.co; SameSite=None; secure
Access-Control-Allow-Origin:
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 157.240.200.35:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: c3JUp6NrbzRAsJdGsZ+RfzZRjQFG7WdcZzXOIFSMpEj4jDohRbO5pq2e8+EP6y8vJKLXMYollaLfvk+pr6iCLQ==
date: Thu, 23 Mar 2023 07:02:37 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
upfilesurls.com/yMcmJOj?auth=eyJpdiI6IjF6RWtueXB1cVhKb2cyTkRpK0s5TlE9PSIsInZhbHVlIjoiYjAza0xzNzVYQlQ5VEJoNk9hMVlrQT09IiwibWFjIjoiYzdkZjlhNThkYzJhMGFjOWYxOWZjMGIzZGFlOTY3M2ExZmNhNGRmNDk5YmUxMTAwMTFmODliNGI5NDQ5OGU5OCIsInRhZyI6IiJ9
104.26.8.138302 Found 0 B URL HTTP/2 upfilesurls.com/yMcmJOj?auth=eyJpdiI6IjF6RWtueXB1cVhKb2cyTkRpK0s5TlE9PSIsInZhbHVlIjoiYjAza0xzNzVYQlQ5VEJoNk9hMVlrQT09IiwibWFjIjoiYzdkZjlhNThkYzJhMGFjOWYxOWZjMGIzZGFlOTY3M2ExZmNhNGRmNDk5YmUxMTAwMTFmODliNGI5NDQ5OGU5OCIsInRhZyI6IiJ9
IP 104.26.8.138:0
GET /yMcmJOj?auth=eyJpdiI6IjF6RWtueXB1cVhKb2cyTkRpK0s5TlE9PSIsInZhbHVlIjoiYjAza0xzNzVYQlQ5VEJoNk9hMVlrQT09IiwibWFjIjoiYzdkZjlhNThkYzJhMGFjOWYxOWZjMGIzZGFlOTY3M2ExZmNhNGRmNDk5YmUxMTAwMTFmODliNGI5NDQ5OGU5OCIsInRhZyI6IiJ9 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Thu, 23 Mar 2023 07:02:36 GMT
content-type: text/html; charset=UTF-8
location: https://upfilesurls.com/yMcmJOj
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: auth=eyJpdiI6IjF6RWtueXB1cVhKb2cyTkRpK0s5TlE9PSIsInZhbHVlIjoiYjAza0xzNzVYQlQ5VEJoNk9hMVlrQT09IiwibWFjIjoiYzdkZjlhNThkYzJhMGFjOWYxOWZjMGIzZGFlOTY3M2ExZmNhNGRmNDk5YmUxMTAwMTFmODliNGI5NDQ5OGU5OCIsInRhZyI6IiJ9; path=/; secure; httponly; samesite=lax
XSRF-TOKEN=eyJpdiI6ImVmYkxFYnltZ3pzU1J0TXF6Ri9EelE9PSIsInZhbHVlIjoiNGc4Z0tqK1B2VjRrUUEzU1N1ajNRTkhnaGNFMUovWDVYa2dIenN2Wks5SWI3UmFwb1NyaTFrUlhKWUtUZWpOb3FoRzB3dnIrM0EweTJYT05CWnZDMnV4dko1UGwzSXM3SVhJN0U2ekdOQjArdVYzT1J4VzkzZXBDMnRzYUVLL3kiLCJtYWMiOiI1N2QxMTVkNjYxMTU3NTE2OTM2OThlYmFmMTAxYjc1YTQxMGI1MjBlMjkyYTk2NWIwYmFkMzQ0ZTdkMzUwNzYxIiwidGFnIjoiIn0%3D; expires=Thu, 23-Mar-2023 09:02:36 GMT; Max-Age=7200; path=/; samesite=lax
upfiles_session=eyJpdiI6IkJTMkZTbk5WaWVhVHQ4czkvQ3ZFQ3c9PSIsInZhbHVlIjoiL3J1TWtnZTNSVldiYVRyOUVndG5hVUloUHBsT25zelB3cTJiaVEwMzBYNzc5UXZtUTZLQlFSQWJLakdheHcvRHMvVW1VN3FsUTJaQm41VGJtazFoT3pISGZXcENSQnQwQ1dSNzVrMFpvemY1YlZKOWxKRXhZazdkOWU3TFp0emgiLCJtYWMiOiI3ZjA0OTc2ZDkyMjBlODEyYTczNmJkZjBmZjVkN2ViZDkyOTAyY2UzZDgxNzUwYTA4NzUwZGE4MmUxM2I4MWRjIiwidGFnIjoiIn0%3D; expires=Thu, 23-Mar-2023 09:02:36 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMiNMZzALDCFrs4lrC7ZALaUl96hC0zT0EtNSy%2FD5x5owl16yC3IiqM3EnimaEtuzXeRp5Hm5ETC07abcms3q2sx%2BPDHwDOG6vBW8icK65nY7LuqJgRLOQ0w7dKrkwSvvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac4cf4f5a55b4ed-OSL
X-Firefox-Spdy: h2
upfilesurls.com/img/faqs-image.svg
104.26.8.138200 OK 0 B URL HTTP/2 upfilesurls.com/img/faqs-image.svg
IP 104.26.8.138:0
Analyzer Verdict Alert fortinet Malware
GET /img/faqs-image.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/yMcmJOj
Cookie: auth=eyJpdiI6IjF6RWtueXB1cVhKb2cyTkRpK0s5TlE9PSIsInZhbHVlIjoiYjAza0xzNzVYQlQ5VEJoNk9hMVlrQT09IiwibWFjIjoiYzdkZjlhNThkYzJhMGFjOWYxOWZjMGIzZGFlOTY3M2ExZmNhNGRmNDk5YmUxMTAwMTFmODliNGI5NDQ5OGU5OCIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImQzclBNOUZPSmdlS1JOWTd2dUdxY1E9PSIsInZhbHVlIjoiZVRsam9uckt3QnJQVHkyc09aWTFuVVFkeHRaVnhHZDZDRVBZeDFzcUlHNkttUllRaVVaQ0YzYjcydUdDb1hlTGZ3UUVBVFcvWGlVM0xBSXlCZ1dqSG1sVWF0OEk2aVVzQklFaCt1SFdldWgyS0tFeCtYSTBPN3hoa0VFb0x0SHYiLCJtYWMiOiJiMmZjYjJiODJmY2FjZjYzNTgwNWRkY2RhYmM2MWJiYzc1MDFiZjQ2ZTcxMjJhZTg1OTNlNzhiNGU2Mzg3OWNkIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlNseFZEN05rN3NLbnpJZEY5djY3SEE9PSIsInZhbHVlIjoibisxSVlha3diajc5Ly9QY1FXc1YrOFAxL1VORkVWakx5Vk1iQ0ZsZERRWlhrT1JsZ2liRHVOa3ZwME1hODZRdHZDelAxR2x2dlJONlh2MXVVK2xmNFRBNzZvUzhXWjRuQ011Z2dtT1hOY2l0NDdZRnZubzB6Z2xlZGQwTktFM2QiLCJtYWMiOiI0ZGE1MTkzYzQyOWI5YmM1NmUyOWY5NzZjYzE5YmQ2NTFmY2ZjNjkwYTAxMWI3NTM4YjQyYzQyOGYzODU3NzJlIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 07:02:37 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
vary: Accept-Encoding
etag: W/"63c15cbf-95fb"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2387243
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzDsum3CgOc5lhVxy7rgQIDfgx8rvRnlrEKj6ZmHdyu0SKhR1P45tcy8yJp4Q8GOZM82qKkbOLIz0WN07gZZScxupPG1IVtcCyMAgaczg8im5quaO8Z%2Bl2VuJujCxivo8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac4cf525ef7b4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.205302 Found 0 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.205:0
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 23 Mar 2023 07:02:37 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7Sgk_SYDU1eJ9AqomXhO0wMrtXYs70gbBItFio-t3n4cbyNAFW-HW7O8JtQugSK7fkWGVpUHw
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-9OJSl36eVNOn9MZQLWYPtg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:T1vtCZ_WMDeXfb85saV0xmwTHzEH5A:B2ktmqb0jEQndHRd; Expires=Sat, 22-Mar-2025 07:02:37 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.205302 Found 0 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.205:0
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 23 Mar 2023 07:02:37 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7QHEsZa00LSVaVC-f3rkdLhLG5_q1iE2pQSBXPHATA_2ntNxirRZRBOhSlXvciummGBFZBnGg
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
content-security-policy: script-src 'nonce-oIebbXYELtE8tQqwt9aYXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-resource-policy: cross-origin
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:krMfARWWvE7OeMjV6py5ROeQs7-w2Q:taasddQJTa5JKq7B; Expires=Sat, 22-Mar-2025 07:02:37 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.173.27200 OK 0 B IP 172.64.173.27:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 23 Mar 2023 07:02:37 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 4768
last-modified: Thu, 23 Mar 2023 05:43:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xJmvkGcohujDdl7dDkX2cp%2B5iePr8wY%2BWsJTnkgfKOQiyimGmdKaChRJMAt2LwmSb7FXyTHLRtT8dDnxrwSl9%2BBVYYjOiLxXdKCzaAwgqpraClEhrzDprX3OD3xKzR5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac4cf570cc706b2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.173.27200 OK 0 B IP 172.64.173.27:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 07:02:37 GMT
content-type: text/plain
set-cookie: csu=902842940940313@1@1679554957; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWZ8N%2BoagqYyXzUqmZSSXLtqh8LKlgv4YO%2Fh0pVl2Wkovm9vSfVDQuTJDtVeTC7macCeJtN72%2BTuK%2FI0k484w9SxGWtyd2g%2BfHcpWQ0uqJXKvciXokU26dt0DHwhd%2FDe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac4cf56ecad06b2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upfilesurls.com/img/menu.svg
104.26.8.138200 OK 0 B URL HTTP/2 upfilesurls.com/img/menu.svg
IP 104.26.8.138:0
Analyzer Verdict Alert fortinet Malware
GET /img/menu.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/yMcmJOj
Cookie: auth=eyJpdiI6IjF6RWtueXB1cVhKb2cyTkRpK0s5TlE9PSIsInZhbHVlIjoiYjAza0xzNzVYQlQ5VEJoNk9hMVlrQT09IiwibWFjIjoiYzdkZjlhNThkYzJhMGFjOWYxOWZjMGIzZGFlOTY3M2ExZmNhNGRmNDk5YmUxMTAwMTFmODliNGI5NDQ5OGU5OCIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImQzclBNOUZPSmdlS1JOWTd2dUdxY1E9PSIsInZhbHVlIjoiZVRsam9uckt3QnJQVHkyc09aWTFuVVFkeHRaVnhHZDZDRVBZeDFzcUlHNkttUllRaVVaQ0YzYjcydUdDb1hlTGZ3UUVBVFcvWGlVM0xBSXlCZ1dqSG1sVWF0OEk2aVVzQklFaCt1SFdldWgyS0tFeCtYSTBPN3hoa0VFb0x0SHYiLCJtYWMiOiJiMmZjYjJiODJmY2FjZjYzNTgwNWRkY2RhYmM2MWJiYzc1MDFiZjQ2ZTcxMjJhZTg1OTNlNzhiNGU2Mzg3OWNkIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlNseFZEN05rN3NLbnpJZEY5djY3SEE9PSIsInZhbHVlIjoibisxSVlha3diajc5Ly9QY1FXc1YrOFAxL1VORkVWakx5Vk1iQ0ZsZERRWlhrT1JsZ2liRHVOa3ZwME1hODZRdHZDelAxR2x2dlJONlh2MXVVK2xmNFRBNzZvUzhXWjRuQ011Z2dtT1hOY2l0NDdZRnZubzB6Z2xlZGQwTktFM2QiLCJtYWMiOiI0ZGE1MTkzYzQyOWI5YmM1NmUyOWY5NzZjYzE5YmQ2NTFmY2ZjNjkwYTAxMWI3NTM4YjQyYzQyOGYzODU3NzJlIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 07:02:37 GMT
content-type: image/svg+xml
last-modified: Tue, 24 Jan 2023 16:39:42 GMT
vary: Accept-Encoding
etag: W/"63d009ce-72e"
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 2387243
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uv3u2q6B11mzCSQSepN1hfg32TGvdF3CUqgoV56EIftSh3%2BZ2qa%2FdS%2BjVot3I8QnykWze3%2FtvAmdh%2BtUKSN0cviL07ZUPFLjsUd2vxnbpNwweNh2zZgHZFhqiGANRnGm7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac4cf524ef3b4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2
upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
104.26.8.138200 OK 0 B URL HTTP/2 upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
IP 104.26.8.138:0
GET /css/frontend.css?id=2396ffb76e738e465b53 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/yMcmJOj
Cookie: auth=eyJpdiI6IjF6RWtueXB1cVhKb2cyTkRpK0s5TlE9PSIsInZhbHVlIjoiYjAza0xzNzVYQlQ5VEJoNk9hMVlrQT09IiwibWFjIjoiYzdkZjlhNThkYzJhMGFjOWYxOWZjMGIzZGFlOTY3M2ExZmNhNGRmNDk5YmUxMTAwMTFmODliNGI5NDQ5OGU5OCIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImQzclBNOUZPSmdlS1JOWTd2dUdxY1E9PSIsInZhbHVlIjoiZVRsam9uckt3QnJQVHkyc09aWTFuVVFkeHRaVnhHZDZDRVBZeDFzcUlHNkttUllRaVVaQ0YzYjcydUdDb1hlTGZ3UUVBVFcvWGlVM0xBSXlCZ1dqSG1sVWF0OEk2aVVzQklFaCt1SFdldWgyS0tFeCtYSTBPN3hoa0VFb0x0SHYiLCJtYWMiOiJiMmZjYjJiODJmY2FjZjYzNTgwNWRkY2RhYmM2MWJiYzc1MDFiZjQ2ZTcxMjJhZTg1OTNlNzhiNGU2Mzg3OWNkIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlNseFZEN05rN3NLbnpJZEY5djY3SEE9PSIsInZhbHVlIjoibisxSVlha3diajc5Ly9QY1FXc1YrOFAxL1VORkVWakx5Vk1iQ0ZsZERRWlhrT1JsZ2liRHVOa3ZwME1hODZRdHZDelAxR2x2dlJONlh2MXVVK2xmNFRBNzZvUzhXWjRuQ011Z2dtT1hOY2l0NDdZRnZubzB6Z2xlZGQwTktFM2QiLCJtYWMiOiI0ZGE1MTkzYzQyOWI5YmM1NmUyOWY5NzZjYzE5YmQ2NTFmY2ZjNjkwYTAxMWI3NTM4YjQyYzQyOGYzODU3NzJlIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 07:02:37 GMT
content-type: text/css
cf-bgj: minify
etag: W/"63a354a4-3f918"
last-modified: Wed, 21 Dec 2022 18:47:00 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
cf-cache-status: HIT
age: 7571379
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59q3i505qRNlFMJHOgbQbb6Y593qtGPpXUCwZ0qnUAm%2BC0lIEdM%2Fnk4p1KdteJP8dAUg0Zl%2FAiTLqY5h6BGemojtSDoKgVm7YOyAXDKlQSMTVtYDexI2wgy8FsYpaHx%2FRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac4cf524eeeb4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdntechone.com/stattag.js
188.114.97.1200 OK 0 B URL HTTP/2 cdntechone.com/stattag.js
IP 188.114.97.1:0
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 07:02:37 GMT
content-type: application/javascript
last-modified: Mon, 06 Mar 2023 09:49:58 GMT
etag: W/"6405b746-4829"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3505
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Va2eTk73gHtYSD42VFGMlSJY3ZVk%2FotoNY1V%2BNL7URCvTmukARqj8pRjkmpQyWVSfQIcHqfHdamgHUy4dKw0j%2BKbC65zuHxU96WiY4q0BcVpJZ0RPcxmmiLOZ%2BBV7VwT9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac4cf542b66b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upfilesurls.com/img/logo.svg
104.26.8.138200 OK 0 B URL HTTP/2 upfilesurls.com/img/logo.svg
IP 104.26.8.138:0
Analyzer Verdict Alert fortinet Malware
GET /img/logo.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/yMcmJOj
Cookie: auth=eyJpdiI6IjF6RWtueXB1cVhKb2cyTkRpK0s5TlE9PSIsInZhbHVlIjoiYjAza0xzNzVYQlQ5VEJoNk9hMVlrQT09IiwibWFjIjoiYzdkZjlhNThkYzJhMGFjOWYxOWZjMGIzZGFlOTY3M2ExZmNhNGRmNDk5YmUxMTAwMTFmODliNGI5NDQ5OGU5OCIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImQzclBNOUZPSmdlS1JOWTd2dUdxY1E9PSIsInZhbHVlIjoiZVRsam9uckt3QnJQVHkyc09aWTFuVVFkeHRaVnhHZDZDRVBZeDFzcUlHNkttUllRaVVaQ0YzYjcydUdDb1hlTGZ3UUVBVFcvWGlVM0xBSXlCZ1dqSG1sVWF0OEk2aVVzQklFaCt1SFdldWgyS0tFeCtYSTBPN3hoa0VFb0x0SHYiLCJtYWMiOiJiMmZjYjJiODJmY2FjZjYzNTgwNWRkY2RhYmM2MWJiYzc1MDFiZjQ2ZTcxMjJhZTg1OTNlNzhiNGU2Mzg3OWNkIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlNseFZEN05rN3NLbnpJZEY5djY3SEE9PSIsInZhbHVlIjoibisxSVlha3diajc5Ly9QY1FXc1YrOFAxL1VORkVWakx5Vk1iQ0ZsZERRWlhrT1JsZ2liRHVOa3ZwME1hODZRdHZDelAxR2x2dlJONlh2MXVVK2xmNFRBNzZvUzhXWjRuQ011Z2dtT1hOY2l0NDdZRnZubzB6Z2xlZGQwTktFM2QiLCJtYWMiOiI0ZGE1MTkzYzQyOWI5YmM1NmUyOWY5NzZjYzE5YmQ2NTFmY2ZjNjkwYTAxMWI3NTM4YjQyYzQyOGYzODU3NzJlIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 07:02:37 GMT
content-type: image/svg+xml
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
etag: W/"625014b1-56e8"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 2387243
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5b023%2BhJM6yuQDo231ByieySqTHnE%2B6j0zi7PtUh5kM62PzVZeVWnzaBCOoOlGJrIlo1DD4UM%2B8W1tis0lwTS%2F2f75RzOeK8nGIIcpksHKUNAL1p7QqlTnRoA4VGEEbuYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac4cf524ef0b4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2
upfilesurls.com/img/plane.svg
104.26.8.138200 OK 0 B URL HTTP/2 upfilesurls.com/img/plane.svg
IP 104.26.8.138:0
Analyzer Verdict Alert fortinet Malware
GET /img/plane.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/yMcmJOj
Cookie: auth=eyJpdiI6IjF6RWtueXB1cVhKb2cyTkRpK0s5TlE9PSIsInZhbHVlIjoiYjAza0xzNzVYQlQ5VEJoNk9hMVlrQT09IiwibWFjIjoiYzdkZjlhNThkYzJhMGFjOWYxOWZjMGIzZGFlOTY3M2ExZmNhNGRmNDk5YmUxMTAwMTFmODliNGI5NDQ5OGU5OCIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImQzclBNOUZPSmdlS1JOWTd2dUdxY1E9PSIsInZhbHVlIjoiZVRsam9uckt3QnJQVHkyc09aWTFuVVFkeHRaVnhHZDZDRVBZeDFzcUlHNkttUllRaVVaQ0YzYjcydUdDb1hlTGZ3UUVBVFcvWGlVM0xBSXlCZ1dqSG1sVWF0OEk2aVVzQklFaCt1SFdldWgyS0tFeCtYSTBPN3hoa0VFb0x0SHYiLCJtYWMiOiJiMmZjYjJiODJmY2FjZjYzNTgwNWRkY2RhYmM2MWJiYzc1MDFiZjQ2ZTcxMjJhZTg1OTNlNzhiNGU2Mzg3OWNkIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlNseFZEN05rN3NLbnpJZEY5djY3SEE9PSIsInZhbHVlIjoibisxSVlha3diajc5Ly9QY1FXc1YrOFAxL1VORkVWakx5Vk1iQ0ZsZERRWlhrT1JsZ2liRHVOa3ZwME1hODZRdHZDelAxR2x2dlJONlh2MXVVK2xmNFRBNzZvUzhXWjRuQ011Z2dtT1hOY2l0NDdZRnZubzB6Z2xlZGQwTktFM2QiLCJtYWMiOiI0ZGE1MTkzYzQyOWI5YmM1NmUyOWY5NzZjYzE5YmQ2NTFmY2ZjNjkwYTAxMWI3NTM4YjQyYzQyOGYzODU3NzJlIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 07:02:37 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
vary: Accept-Encoding
etag: W/"63c15cbf-2ac"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2387243
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yIfYsi2Bq1L7AIGuG8kn3fiNMvBU8AoNVhSn3shSTK9tdsFgRpte3FcT9sABLXeC%2BPMLiT13tn1NKs7XYo6i7d832LumqPWvuA5M%2BHSRN5L9I5ELkwLHzaNpb3zFa0vtVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac4cf525efbb4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2
upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
104.26.8.138200 OK 0 B URL HTTP/2 upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
IP 104.26.8.138:0
Analyzer Verdict Alert fortinet Malware
GET /js/frontend.js?id=88f283c744d8a6e43cfb HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/yMcmJOj
Cookie: auth=eyJpdiI6IjF6RWtueXB1cVhKb2cyTkRpK0s5TlE9PSIsInZhbHVlIjoiYjAza0xzNzVYQlQ5VEJoNk9hMVlrQT09IiwibWFjIjoiYzdkZjlhNThkYzJhMGFjOWYxOWZjMGIzZGFlOTY3M2ExZmNhNGRmNDk5YmUxMTAwMTFmODliNGI5NDQ5OGU5OCIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImQzclBNOUZPSmdlS1JOWTd2dUdxY1E9PSIsInZhbHVlIjoiZVRsam9uckt3QnJQVHkyc09aWTFuVVFkeHRaVnhHZDZDRVBZeDFzcUlHNkttUllRaVVaQ0YzYjcydUdDb1hlTGZ3UUVBVFcvWGlVM0xBSXlCZ1dqSG1sVWF0OEk2aVVzQklFaCt1SFdldWgyS0tFeCtYSTBPN3hoa0VFb0x0SHYiLCJtYWMiOiJiMmZjYjJiODJmY2FjZjYzNTgwNWRkY2RhYmM2MWJiYzc1MDFiZjQ2ZTcxMjJhZTg1OTNlNzhiNGU2Mzg3OWNkIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlNseFZEN05rN3NLbnpJZEY5djY3SEE9PSIsInZhbHVlIjoibisxSVlha3diajc5Ly9QY1FXc1YrOFAxL1VORkVWakx5Vk1iQ0ZsZERRWlhrT1JsZ2liRHVOa3ZwME1hODZRdHZDelAxR2x2dlJONlh2MXVVK2xmNFRBNzZvUzhXWjRuQ011Z2dtT1hOY2l0NDdZRnZubzB6Z2xlZGQwTktFM2QiLCJtYWMiOiI0ZGE1MTkzYzQyOWI5YmM1NmUyOWY5NzZjYzE5YmQ2NTFmY2ZjNjkwYTAxMWI3NTM4YjQyYzQyOGYzODU3NzJlIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 07:02:37 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=980842
etag: W/"63baab19-ef76a"
last-modified: Sun, 08 Jan 2023 11:38:01 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 6374826
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qt7FRNSgClxC5sktdOoilDztymCliw94cxjqBNZ8E34aMlsZa5Q6JQrPFLscmWqR7yQFr7qCcNrSK9sKyPz0n9FPYXzH0h3nfAdowUWuQWMZ8NFaz7Yte2Z2GqGy8wMLEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac4cf525f00b4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2