upfilesurls.com/zKQ4lX?auth=eyJpdiI6IlJBS2VEK3Q2enpSTW4zSFloeDlEcmc9PSIsInZhbHVlIjoic3VKajlaeDU5T1d6UWpSUlh1NGU3UT09IiwibWFjIjoiOTgyOGZiYTEzYmE0OGY3NGMyNzg3MmYyOWU3NjE5YmNhNWI5ZTY2ZWQ0MDk4Nzc1N2NkNGQ0ZTFhODQ2Njg4NyIsInRhZyI6IiJ9
104.26.9.138301 Moved Permanently 0 B URL HTTP/1.1 upfilesurls.com/zKQ4lX?auth=eyJpdiI6IlJBS2VEK3Q2enpSTW4zSFloeDlEcmc9PSIsInZhbHVlIjoic3VKajlaeDU5T1d6UWpSUlh1NGU3UT09IiwibWFjIjoiOTgyOGZiYTEzYmE0OGY3NGMyNzg3MmYyOWU3NjE5YmNhNWI5ZTY2ZWQ0MDk4Nzc1N2NkNGQ0ZTFhODQ2Njg4NyIsInRhZyI6IiJ9
IP 104.26.9.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zKQ4lX?auth=eyJpdiI6IlJBS2VEK3Q2enpSTW4zSFloeDlEcmc9PSIsInZhbHVlIjoic3VKajlaeDU5T1d6UWpSUlh1NGU3UT09IiwibWFjIjoiOTgyOGZiYTEzYmE0OGY3NGMyNzg3MmYyOWU3NjE5YmNhNWI5ZTY2ZWQ0MDk4Nzc1N2NkNGQ0ZTFhODQ2Njg4NyIsInRhZyI6IiJ9 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 29 Jan 2023 18:17:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 29 Jan 2023 19:17:56 GMT
Location: https://upfilesurls.com/zKQ4lX?auth=eyJpdiI6IlJBS2VEK3Q2enpSTW4zSFloeDlEcmc9PSIsInZhbHVlIjoic3VKajlaeDU5T1d6UWpSUlh1NGU3UT09IiwibWFjIjoiOTgyOGZiYTEzYmE0OGY3NGMyNzg3MmYyOWU3NjE5YmNhNWI5ZTY2ZWQ0MDk4Nzc1N2NkNGQ0ZTFhODQ2Njg4NyIsInRhZyI6IiJ9
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QIJwvBHxgPPVDZn47qWqx%2BmVAUyOPoztEeWxdlXV2QVvYbV1vw1n3rPE%2B%2FJyeE99WywtiORWzkq3oP0%2FGK1bSVI70tV5eZMz%2BZFxZCPltgzbh9%2FjHbzFvy9rkPB0IS6gCA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7913f7b06f1ab4ed-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5775
Expires: Sun, 29 Jan 2023 19:54:11 GMT
Date: Sun, 29 Jan 2023 18:17:56 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8002
Expires: Sun, 29 Jan 2023 20:31:18 GMT
Date: Sun, 29 Jan 2023 18:17:56 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9734
Expires: Sun, 29 Jan 2023 21:00:10 GMT
Date: Sun, 29 Jan 2023 18:17:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 17:35:38 GMT
content-type: application/json
age: 2538
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6EUE/MrUtegRYdwuyJNKlhud/+lu1b37yRA49frZjKkUB3IqnVs9kfhLa7p0avOu6N7XrHkZ/bQ=
x-amz-request-id: 48G1D6ZRSY9QW62K
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 17:21:28 GMT
age: 3388
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/zRoRiMv3PXI
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/zRoRiMv3PXI
IP 142.250.74.131:0
Hash d603467b40fa64789d35c294857df4db
9fffcdfb4d8cb70070a8e98e7b0dcef1a71a83ff
6cb851e026b19670c2fdacaaec03ef053fd46e2e56c6e45e09cdbc800d81712e
POST /s/gts1p5/zRoRiMv3PXI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 18:17:56 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 17:41:41 GMT
age: 2176
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
upfilesurls.com/img/plane.svg
104.26.8.138200 OK 883 B URL HTTP/2 upfilesurls.com/img/plane.svg
IP 104.26.8.138:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (580)
Hash 7a62557baacc5b26f6bbf858485545fe
8db27f646b4aab19b5b4d7275d087cb72a5e02c9
e0c717273cb8daaaf22a99e5e57bb9ae331d5e99bedc6d57c29d946e20c6c044
GET /img/plane.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/zKQ4lX
Cookie: auth=eyJpdiI6IlJBS2VEK3Q2enpSTW4zSFloeDlEcmc9PSIsInZhbHVlIjoic3VKajlaeDU5T1d6UWpSUlh1NGU3UT09IiwibWFjIjoiOTgyOGZiYTEzYmE0OGY3NGMyNzg3MmYyOWU3NjE5YmNhNWI5ZTY2ZWQ0MDk4Nzc1N2NkNGQ0ZTFhODQ2Njg4NyIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6IjkvRTllL2plUGlSeFBDZGNCeU5wemc9PSIsInZhbHVlIjoiaE1iN3pHL1VSNGRJVXBCM2huRUdubFAwUWVzdW9nYWtsK0huSU5mbGZJcGtkdkg5dTNQV0NEMGR5MzhONmpKUmxDczhZYWl4ODV6eUVub0lDYjR5aGU0eldmTEJIQmlGY2hUYkM1NFpiV1ZvYXdOM1dORW5sT1MyQ3BFSUpPeDciLCJtYWMiOiIyZDI2YTI1YjA1YTRiM2Q3N2M5MTY2ZGViMGJlYmY3MDBkOTQ1NjQ5N2JlY2MwZTFkOGFkNDg0OWI1OWExMDE4IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InRPamlGZFlDc1NCUktkOVZPdkQ3V1E9PSIsInZhbHVlIjoiM0I4WHRiNFlIOGR0dmVFQ1ZidXlqYkRmcjdrMWtWd3FKai9FaURFM2Y5c0Y0aWR4bkxSY3ZWNU1OdlJDRkwzdjg3VTUxRUNZSUgrWUtsYWNHblNpK0FDbjFDeG9DWE42YWV4TmtEYVpITVM1bmUvVmVhTU9iVWNxbSs5bGpRM0IiLCJtYWMiOiIzN2ZiYTIwMmE5M2QzNTAwYjhmNjhhYjlmNzdiZGRiYTljN2QwYzhhMjVmOTVmODcxNDU2YzFkMDdmMWQ4M2Y2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:17:57 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
vary: Accept-Encoding
etag: W/"63c15cbf-2ac"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 440682
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SRsusZvXolxyDYE%2B65VJmBwMQjxIGe9Mudl8khaVprsUmBx5HQvMZGIKfCahT8v1bxJU4wlNP3lJAsqjO7Rq22nEQpNbGy%2B3f2yOucOXWX3VZ1jv8Sss74xzZoSkF8RXrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7913f7b5f87ab521-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6594
Expires: Sun, 29 Jan 2023 20:07:51 GMT
Date: Sun, 29 Jan 2023 18:17:57 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-197252557-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-197252557-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash d5a226af44b34c5c42b12c707411c7ba
8adfac875a7a9bbc10b9418df44747c2abfcd4bd
721333d92191cd3cb4bcde4cce76b7c13848bd1643bea4844489303e95ce1b27
GET /gtag/js?id=UA-197252557-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 18:17:57 GMT
expires: Sun, 29 Jan 2023 18:17:57 GMT
cache-control: private, max-age=900
last-modified: Sun, 29 Jan 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44095
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4d62c00dff264740d09dd987c35ea370
c38fd85d6b4594359bb3c5c4ea9a347005103c0e
670d8603cde086549e88158c9e4e672ecfe11d847fcccc97e1ddad13e8145500
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2511
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:57 GMT
Last-Modified: Sun, 29 Jan 2023 17:36:06 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
upfilesurls.com/img/menu.svg
104.26.8.138200 OK 872 B URL HTTP/2 upfilesurls.com/img/menu.svg
IP 104.26.8.138:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text
Hash a2d938fb435cb5fdf83c6f48752cc97e
1aebc2daee58e25757ef571a301253ee648062f5
bdf10bddf267c8740780b6b0bf661517fb1134598de38f12040c976b3bbf82a4
GET /img/menu.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/zKQ4lX
Cookie: auth=eyJpdiI6IlJBS2VEK3Q2enpSTW4zSFloeDlEcmc9PSIsInZhbHVlIjoic3VKajlaeDU5T1d6UWpSUlh1NGU3UT09IiwibWFjIjoiOTgyOGZiYTEzYmE0OGY3NGMyNzg3MmYyOWU3NjE5YmNhNWI5ZTY2ZWQ0MDk4Nzc1N2NkNGQ0ZTFhODQ2Njg4NyIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6IjkvRTllL2plUGlSeFBDZGNCeU5wemc9PSIsInZhbHVlIjoiaE1iN3pHL1VSNGRJVXBCM2huRUdubFAwUWVzdW9nYWtsK0huSU5mbGZJcGtkdkg5dTNQV0NEMGR5MzhONmpKUmxDczhZYWl4ODV6eUVub0lDYjR5aGU0eldmTEJIQmlGY2hUYkM1NFpiV1ZvYXdOM1dORW5sT1MyQ3BFSUpPeDciLCJtYWMiOiIyZDI2YTI1YjA1YTRiM2Q3N2M5MTY2ZGViMGJlYmY3MDBkOTQ1NjQ5N2JlY2MwZTFkOGFkNDg0OWI1OWExMDE4IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InRPamlGZFlDc1NCUktkOVZPdkQ3V1E9PSIsInZhbHVlIjoiM0I4WHRiNFlIOGR0dmVFQ1ZidXlqYkRmcjdrMWtWd3FKai9FaURFM2Y5c0Y0aWR4bkxSY3ZWNU1OdlJDRkwzdjg3VTUxRUNZSUgrWUtsYWNHblNpK0FDbjFDeG9DWE42YWV4TmtEYVpITVM1bmUvVmVhTU9iVWNxbSs5bGpRM0IiLCJtYWMiOiIzN2ZiYTIwMmE5M2QzNTAwYjhmNjhhYjlmNzdiZGRiYTljN2QwYzhhMjVmOTVmODcxNDU2YzFkMDdmMWQ4M2Y2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:17:57 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
vary: Accept-Encoding
etag: W/"63c15cbf-6c8"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 440682
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUJ4mxF7XFGDeijwilpP5CJFEdjWqHZEOFVCr436usy9FO2d35%2Fi0fBWnruX3Or6Fcw1oLBkpJi0IPmkDUkCzm63EvxHDBMu%2B%2BD%2BAeq9fEA84Ed5zY57n4eydLD0kI4keQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7913f7b5f875b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f43bf5882edcb4f521f2a9ad080a95a6
de744dd4414df08537c8d262073e7cb0ebfe573c
cc338e9453d9289ab1b642c9b2e4ec52a203c03e20defd7132ecbcf151969736
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4918
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:57 GMT
Last-Modified: Sun, 29 Jan 2023 16:55:59 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 13:09:06 GMT
expires: Wed, 24 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 450531
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
142.250.74.35200 OK 38 kB URL HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Hash e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 09:44:08 GMT
expires: Sun, 28 Jan 2024 09:44:08 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
age: 117229
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:33:54 GMT
expires: Thu, 25 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 341043
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f43bf5882edcb4f521f2a9ad080a95a6
de744dd4414df08537c8d262073e7cb0ebfe573c
cc338e9453d9289ab1b642c9b2e4ec52a203c03e20defd7132ecbcf151969736
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4918
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:57 GMT
Last-Modified: Sun, 29 Jan 2023 16:55:59 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d14zhsq5aop7ap.cloudfront.net/?qshzd=974848
54.230.245.145200 OK 102 kB URL HTTP/2 d14zhsq5aop7ap.cloudfront.net/?qshzd=974848
IP 54.230.245.145:0
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 102 kB (101565 bytes)
Hash ac97e5e633965c700a3600cf925fe1f2
c11e07091a8eb189b7707230f2f584a29d957f8d
e8eec85f03edc9b811ca34868439df2a36f9801f7fe4aa868d45ecc3f79c1caa
GET /?qshzd=974848 HTTP/1.1
Host: d14zhsq5aop7ap.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 101565
date: Sun, 29 Jan 2023 18:17:57 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _EpI5TJdQ-DHNzH2m2m09F0oHqpBh5hOlgFqozyT7KVEic87bNbfBA==
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.223.234.225101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.223.234.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SwzuJHJxYr6jXYydeydZbA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pHo48vS8JD4tlovVLRB3WdexKI4=
ocsp.pki.goog/s/gts1p5/SrfVchP6P8U
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/SrfVchP6P8U
IP 142.250.74.131:0
Hash 795f17a4efb2573fc585ba0a9588f99a
028c0c3aa8b4a8074a8f7be528327d35ee299b7e
84ab72e30738f6c2870d2785435469d42888484bc666b6d02569f2ce870c2728
POST /s/gts1p5/SrfVchP6P8U HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ebb52ae860e35aeb31ba6d5347b8c30f
e8cf327f2307f7da76168a2472137c0b8c45ceab
e5e692eef6fd9c2a4dd9602e3522fd18ec861c80c8f9933b76bec80e50b5c497
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 18:17:57 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 14:07:11 GMT
Expires: Thu, 02 Feb 2023 14:07:10 GMT
Etag: "e8cf327f2307f7da76168a2472137c0b8c45ceab"
Cache-Control: max-age=329952,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7913f7b8fea00b3d-OSL
ocsp.pki.goog/s/gts1p5/SrfVchP6P8U
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/SrfVchP6P8U
IP 142.250.74.131:0
Hash 795f17a4efb2573fc585ba0a9588f99a
028c0c3aa8b4a8074a8f7be528327d35ee299b7e
84ab72e30738f6c2870d2785435469d42888484bc666b6d02569f2ce870c2728
POST /s/gts1p5/SrfVchP6P8U HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
upfilesurls.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6
104.26.8.138200 OK 208 B URL HTTP/2 upfilesurls.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6
IP 104.26.8.138:0
File type PNG image data, 6 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 31f073499665afb237f3294219d2d7c6
c1ada0510e31f661dab66203c15a3d6c8f5468d0
59b7ad6d6f457b624e25d22959edc7c83af2ac52edba32fd6648c97af0d1780c
GET /images/arrow-down.png?c98e5283a69cb508d054d30256af43c6 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
Cookie: auth=eyJpdiI6IlJBS2VEK3Q2enpSTW4zSFloeDlEcmc9PSIsInZhbHVlIjoic3VKajlaeDU5T1d6UWpSUlh1NGU3UT09IiwibWFjIjoiOTgyOGZiYTEzYmE0OGY3NGMyNzg3MmYyOWU3NjE5YmNhNWI5ZTY2ZWQ0MDk4Nzc1N2NkNGQ0ZTFhODQ2Njg4NyIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6IjkvRTllL2plUGlSeFBDZGNCeU5wemc9PSIsInZhbHVlIjoiaE1iN3pHL1VSNGRJVXBCM2huRUdubFAwUWVzdW9nYWtsK0huSU5mbGZJcGtkdkg5dTNQV0NEMGR5MzhONmpKUmxDczhZYWl4ODV6eUVub0lDYjR5aGU0eldmTEJIQmlGY2hUYkM1NFpiV1ZvYXdOM1dORW5sT1MyQ3BFSUpPeDciLCJtYWMiOiIyZDI2YTI1YjA1YTRiM2Q3N2M5MTY2ZGViMGJlYmY3MDBkOTQ1NjQ5N2JlY2MwZTFkOGFkNDg0OWI1OWExMDE4IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InRPamlGZFlDc1NCUktkOVZPdkQ3V1E9PSIsInZhbHVlIjoiM0I4WHRiNFlIOGR0dmVFQ1ZidXlqYkRmcjdrMWtWd3FKai9FaURFM2Y5c0Y0aWR4bkxSY3ZWNU1OdlJDRkwzdjg3VTUxRUNZSUgrWUtsYWNHblNpK0FDbjFDeG9DWE42YWV4TmtEYVpITVM1bmUvVmVhTU9iVWNxbSs5bGpRM0IiLCJtYWMiOiIzN2ZiYTIwMmE5M2QzNTAwYjhmNjhhYjlmNzdiZGRiYTljN2QwYzhhMjVmOTVmODcxNDU2YzFkMDdmMWQ4M2Y2IiwidGFnIjoiIn0%3D; ab=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:17:57 GMT
content-type: image/png
content-length: 208
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
etag: "625014b1-d0"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 440682
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSQGahCEE9BkS6UyGEvat8MC3gfvwknmXWC9auMN0CtQTxkUSCO5pJqKeRQlpFeqigVfQHfBswJC2Db8Yx1BBv8H%2FwK287PNCSfx7ltvcZBMCpcBNxrtCznFbzFEPXyBdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7913f7b95dfab521-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 07:51:59 GMT
expires: Thu, 25 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 383158
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
37.48.68.71200 OK 2 B URL HTTP/1.1 datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
IP 37.48.68.71:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 921
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 29 Jan 2023 18:17:57 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://upfilesurls.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
coonandeg.xyz/d1QzQUgWNlAsdxZpUWc9BTgOZHoxcQEHLEZgSSk7BmFSLjhANUNvKxs7RiUuBTtdNWYZMUdkejEVZCp8QgVYFH0+AlAqLR5gXRkQTmxRGSc1MF1wcD0RXDUDDiRJEiIyEHgDOC4VciIDORx2CwsvIwUQMS1gUiwgIR1KMnEULAsvAw04SQIPJj9jKD8yMF4MPSc4ajEtNBkHEBwiZ34oBhEdSnhwOGVbZHoxH3cUeCIXBzEHRSd/AwA1ZFUpMAAwawh9IhdEKQYjOHgbexMlegR5GTABMW1FEnAWMEYyAHB/LWdXMAchFUAiekImcCYKEDV7dAoTHHVkejEya2w8GTABLnAjZldzD0RseSV6AyVpOTAAMGdxOiA9WDAuRCwWcw4UHGUzLhA4SSUfAyZwcgEdGUk5Kz0XXCgpACd2JQ8HY3VyAh0YAAwBUT5ALiYHaUAyDgUAUgMKJy57CgQ
54.230.111.66200 OK 1.2 kB URL HTTP/2 coonandeg.xyz/d1QzQUgWNlAsdxZpUWc9BTgOZHoxcQEHLEZgSSk7BmFSLjhANUNvKxs7RiUuBTtdNWYZMUdkejEVZCp8QgVYFH0+AlAqLR5gXRkQTmxRGSc1MF1wcD0RXDUDDiRJEiIyEHgDOC4VciIDORx2CwsvIwUQMS1gUiwgIR1KMnEULAsvAw04SQIPJj9jKD8yMF4MPSc4ajEtNBkHEBwiZ34oBhEdSnhwOGVbZHoxH3cUeCIXBzEHRSd/AwA1ZFUpMAAwawh9IhdEKQYjOHgbexMlegR5GTABMW1FEnAWMEYyAHB/LWdXMAchFUAiekImcCYKEDV7dAoTHHVkejEya2w8GTABLnAjZldzD0RseSV6AyVpOTAAMGdxOiA9WDAuRCwWcw4UHGUzLhA4SSUfAyZwcgEdGUk5Kz0XXCgpACd2JQ8HY3VyAh0YAAwBUT5ALiYHaUAyDgUAUgMKJy57CgQ
IP 54.230.111.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3044), with no line terminators
Hash c9525a7a169844e51736c2e79a01196f
08cc86707e5e7d3fcf14add77297c081e07feb3a
847547e1bbc94b551dfc4bfe517f980a0c6046bf9ff3abbbe416831b289a468e
GET /d1QzQUgWNlAsdxZpUWc9BTgOZHoxcQEHLEZgSSk7BmFSLjhANUNvKxs7RiUuBTtdNWYZMUdkejEVZCp8QgVYFH0+AlAqLR5gXRkQTmxRGSc1MF1wcD0RXDUDDiRJEiIyEHgDOC4VciIDORx2CwsvIwUQMS1gUiwgIR1KMnEULAsvAw04SQIPJj9jKD8yMF4MPSc4ajEtNBkHEBwiZ34oBhEdSnhwOGVbZHoxH3cUeCIXBzEHRSd/AwA1ZFUpMAAwawh9IhdEKQYjOHgbexMlegR5GTABMW1FEnAWMEYyAHB/LWdXMAchFUAiekImcCYKEDV7dAoTHHVkejEya2w8GTABLnAjZldzD0RseSV6AyVpOTAAMGdxOiA9WDAuRCwWcw4UHGUzLhA4SSUfAyZwcgEdGUk5Kz0XXCgpACd2JQ8HY3VyAh0YAAwBUT5ALiYHaUAyDgUAUgMKJy57CgQ HTTP/1.1
Host: coonandeg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1195
date: Sun, 29 Jan 2023 18:17:57 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0EPMXQfkmMZPPE6h5q3ZxPNbbAyy8dCO37nkMBJRc5Cy1s4jhMMbcQ==
X-Firefox-Spdy: h2
coonandeg.xyz/eEVTNUwZJzBYcxl4MRM5CiluEH4+YGFzKElxKV0/CXAyWjxPJCMbLxQqJlEqCio9QWIWICcQfj4EBmAeIhI5ZDUzPzANDwEQJ2UbGwsJWw4OJBJ3fzQsPAQbEQNmcyE1ADJ2OxwGNHR+ISxjUhk/PWNTNiITA0wCEyMVcGlKAxkHHgoAOXQrN3cwdCgCBCN7GkE2A2Z0ERQqeD82AStjA0oMIHo7E30YTAECEhcFIB4CO0wWPzUjUzsiLTF2eAISOWA+NCw4ZxVLFGB5JD4vN3IkCQI+cyQZLTRnFUsUJnh9CCswfTQIIT1nfhkWGnYWLwMicg4+Lzd2YQs2FmIFPiQUWg4edgFCKg8fO3w2D3ALT3kQJCtCCyEdBUUtHxM7URQAKhFxLwwOKQwfKC8rDS0wDzRRCwB1EX0vAB8URmoSNjxbPEUKagV1EAEDASs
54.230.111.66200 OK 1.2 kB URL HTTP/2 coonandeg.xyz/eEVTNUwZJzBYcxl4MRM5CiluEH4+YGFzKElxKV0/CXAyWjxPJCMbLxQqJlEqCio9QWIWICcQfj4EBmAeIhI5ZDUzPzANDwEQJ2UbGwsJWw4OJBJ3fzQsPAQbEQNmcyE1ADJ2OxwGNHR+ISxjUhk/PWNTNiITA0wCEyMVcGlKAxkHHgoAOXQrN3cwdCgCBCN7GkE2A2Z0ERQqeD82AStjA0oMIHo7E30YTAECEhcFIB4CO0wWPzUjUzsiLTF2eAISOWA+NCw4ZxVLFGB5JD4vN3IkCQI+cyQZLTRnFUsUJnh9CCswfTQIIT1nfhkWGnYWLwMicg4+Lzd2YQs2FmIFPiQUWg4edgFCKg8fO3w2D3ALT3kQJCtCCyEdBUUtHxM7URQAKhFxLwwOKQwfKC8rDS0wDzRRCwB1EX0vAB8URmoSNjxbPEUKagV1EAEDASs
IP 54.230.111.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3035), with no line terminators
Hash 82babf47d716fa225d1ddd7c20f09042
f2426fda940d64c6ae5d6ace2ca1de823b7a5011
65b22815769c3e5cb838836e2e8b2b90057365e2bbaa700f3c70b94483c61bab
GET /eEVTNUwZJzBYcxl4MRM5CiluEH4+YGFzKElxKV0/CXAyWjxPJCMbLxQqJlEqCio9QWIWICcQfj4EBmAeIhI5ZDUzPzANDwEQJ2UbGwsJWw4OJBJ3fzQsPAQbEQNmcyE1ADJ2OxwGNHR+ISxjUhk/PWNTNiITA0wCEyMVcGlKAxkHHgoAOXQrN3cwdCgCBCN7GkE2A2Z0ERQqeD82AStjA0oMIHo7E30YTAECEhcFIB4CO0wWPzUjUzsiLTF2eAISOWA+NCw4ZxVLFGB5JD4vN3IkCQI+cyQZLTRnFUsUJnh9CCswfTQIIT1nfhkWGnYWLwMicg4+Lzd2YQs2FmIFPiQUWg4edgFCKg8fO3w2D3ALT3kQJCtCCyEdBUUtHxM7URQAKhFxLwwOKQwfKC8rDS0wDzRRCwB1EX0vAB8URmoSNjxbPEUKagV1EAEDASs HTTP/1.1
Host: coonandeg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1185
date: Sun, 29 Jan 2023 18:17:57 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5MlMAtWFijJLavJ9k9UZOhJAJrVtaPZ9kYfrM-v3d6j0CmZpodD-gQ==
X-Firefox-Spdy: h2
reerfdfgourgo.xyz/YUpCc3pOdSEARwUNdyMbJgQKJBQNKxQmPDgvLh8rNQxzVkgnEi4QXBUjJk5DVn50QU5HOisXR1BsMQcbFT8xTktHIywVFVxsNE5LT3l2XUlQZHBVD1x7ZAcKAC1/QlwRPjYfR1B8dUZKUHxwS0xSe3I
188.114.96.1204 No Content 0 B URL HTTP/2 reerfdfgourgo.xyz/YUpCc3pOdSEARwUNdyMbJgQKJBQNKxQmPDgvLh8rNQxzVkgnEi4QXBUjJk5DVn50QU5HOisXR1BsMQcbFT8xTktHIywVFVxsNE5LT3l2XUlQZHBVD1x7ZAcKAC1/QlwRPjYfR1B8dUZKUHxwS0xSe3I
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /YUpCc3pOdSEARwUNdyMbJgQKJBQNKxQmPDgvLh8rNQxzVkgnEi4QXBUjJk5DVn50QU5HOisXR1BsMQcbFT8xTktHIywVFVxsNE5LT3l2XUlQZHBVD1x7ZAcKAC1/QlwRPjYfR1B8dUZKUHxwS0xSe3I HTTP/1.1
Host: reerfdfgourgo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 29 Jan 2023 18:17:58 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulIPD6VBWAP%2FLCGJPpuatwy5DxlYdYJTG9wiQaFlOFSURK%2BUTWLYODQCIeeMLoPBD2efcD4x6ruiuY1PR8tD3%2BOZwhzNx6M1rleQeQLhE6xuzWnNVEsPaFq0pTIQqi%2FIV0ZtFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7913f7b92ce5fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
reerfdfgourgo.xyz/Vk1ic0d5cgEAejIIEhsePCkgFnY6LyNDdmAYDgAFBAUWKxIxDEQHLjJwW0RzbnlaVTc/KV9CYSU5AwcyJXBTVS44Kw1OYSBwU110YmNRQmlkaxdOdnA5EhIga3xEAzMiIV9CcWF4UkJxZHVUQX5m
188.114.96.1204 No Content 0 B URL HTTP/2 reerfdfgourgo.xyz/Vk1ic0d5cgEAejIIEhsePCkgFnY6LyNDdmAYDgAFBAUWKxIxDEQHLjJwW0RzbnlaVTc/KV9CYSU5AwcyJXBTVS44Kw1OYSBwU110YmNRQmlkaxdOdnA5EhIga3xEAzMiIV9CcWF4UkJxZHVUQX5m
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Vk1ic0d5cgEAejIIEhsePCkgFnY6LyNDdmAYDgAFBAUWKxIxDEQHLjJwW0RzbnlaVTc/KV9CYSU5AwcyJXBTVS44Kw1OYSBwU110YmNRQmlkaxdOdnA5EhIga3xEAzMiIV9CcWF4UkJxZHVUQX5m HTTP/1.1
Host: reerfdfgourgo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 29 Jan 2023 18:17:58 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bp%2BHpg89zqKeg1X8d0%2F1IStY7igWVRX3QXxq301e2A4x0MNxOKmV9IAbm2AZ0LOI5Us3kGfbOvgXHCBipVh%2BOINT6eSEWMhXE6XjA0G02kY9EPuUNoAMhVlL1zYYn8PlbkhNNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7913f7b95d0ffab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/SrfVchP6P8U
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/SrfVchP6P8U
IP 142.250.74.131:0
Hash 795f17a4efb2573fc585ba0a9588f99a
028c0c3aa8b4a8074a8f7be528327d35ee299b7e
84ab72e30738f6c2870d2785435469d42888484bc666b6d02569f2ce870c2728
POST /s/gts1p5/SrfVchP6P8U HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:58 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d14zhsq5aop7ap.cloudfront.net/AWk45QkU5IVckei4nXX98bXoBdn18JEotKypzSjEDKBpYAAcKNHEJCXw6QyZ4amhVIys9cx8nKzlzCGQkPiwEdmMuPlYpeCM4QTU3MiNfIy98O1h/KDU0UC4pO2sLBHB0fhxwdXI5UCwhNTlKZ3dqIE1nd2p/CWx1f317Z3dqOVAsc25rCgBgaH5BdHF/fX-tnd2o8T2d2G38Jd2tqZxxwdT0rWikqf3x/cHVrfglzdWtrC3IjMzxcJCoiawsEdGp7F3JjL3MI
54.230.245.145200 OK 560 B URL HTTP/2 d14zhsq5aop7ap.cloudfront.net/AWk45QkU5IVckei4nXX98bXoBdn18JEotKypzSjEDKBpYAAcKNHEJCXw6QyZ4amhVIys9cx8nKzlzCGQkPiwEdmMuPlYpeCM4QTU3MiNfIy98O1h/KDU0UC4pO2sLBHB0fhxwdXI5UCwhNTlKZ3dqIE1nd2p/CWx1f317Z3dqOVAsc25rCgBgaH5BdHF/fX-tnd2o8T2d2G38Jd2tqZxxwdT0rWikqf3x/cHVrfglzdWtrC3IjMzxcJCoiawsEdGp7F3JjL3MI
IP 54.230.245.145:0
File type ASCII text, with very long lines (781), with no line terminators
Hash 355bd03e1caa6740a068c0b25ae13d0e
a5c51fab00682a3fb1029b4b95e8097f659fa230
e25a9c04b5cc6918efd474de095297ccf4700ac0fda187090f1b8d4690795e6f
GET /AWk45QkU5IVckei4nXX98bXoBdn18JEotKypzSjEDKBpYAAcKNHEJCXw6QyZ4amhVIys9cx8nKzlzCGQkPiwEdmMuPlYpeCM4QTU3MiNfIy98O1h/KDU0UC4pO2sLBHB0fhxwdXI5UCwhNTlKZ3dqIE1nd2p/CWx1f317Z3dqOVAsc25rCgBgaH5BdHF/fX-tnd2o8T2d2G38Jd2tqZxxwdT0rWikqf3x/cHVrfglzdWtrC3IjMzxcJCoiawsEdGp7F3JjL3MI HTTP/1.1
Host: d14zhsq5aop7ap.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coonandeg.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 560
date: Sun, 29 Jan 2023 18:17:58 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Holsl_1RghvC3DuMbUiYjZL8NFc0qtRhOPcaT02y85Sk3Tp2WFO-jQ==
X-Firefox-Spdy: h2
d14zhsq5aop7ap.cloudfront.net/AUURZWjQyKzc8CyUtPWcNZnBvaAB3Lio1WiF5FmMEaCwdCgA2Yi0gUGx0fzZVPyNkfFE/J2RrEjAgO2cAdzApNV9sPS8iQyMsNDxVO2IsOwk8KyMzWD0lfGhyZGppfwZhbC4zWjUrLikRY3Q3LhFjdGhqGmFhahgRY3QuM1pncHxpdnR2aSICZWFqGBFjdC-ssEWIFaGoBf3RwfwZhIzw5Xz5haxwGYXVpagVhdXxoBDctKz9SPjx8aHJgdGx0BHcxZGs
54.230.245.145200 OK 584 B URL HTTP/2 d14zhsq5aop7ap.cloudfront.net/AUURZWjQyKzc8CyUtPWcNZnBvaAB3Lio1WiF5FmMEaCwdCgA2Yi0gUGx0fzZVPyNkfFE/J2RrEjAgO2cAdzApNV9sPS8iQyMsNDxVO2IsOwk8KyMzWD0lfGhyZGppfwZhbC4zWjUrLikRY3Q3LhFjdGhqGmFhahgRY3QuM1pncHxpdnR2aSICZWFqGBFjdC-ssEWIFaGoBf3RwfwZhIzw5Xz5haxwGYXVpagVhdXxoBDctKz9SPjx8aHJgdGx0BHcxZGs
IP 54.230.245.145:0
File type ASCII text, with very long lines (821), with no line terminators
Hash ea30d83f7ce15fb10be2b4a635fcc636
226698375e2f7ad7880790959c6e0df28405dae1
2810f0467014d1b93fb152a9dc2be1ba66ff700c606e487bca55bce55e432e1d
GET /AUURZWjQyKzc8CyUtPWcNZnBvaAB3Lio1WiF5FmMEaCwdCgA2Yi0gUGx0fzZVPyNkfFE/J2RrEjAgO2cAdzApNV9sPS8iQyMsNDxVO2IsOwk8KyMzWD0lfGhyZGppfwZhbC4zWjUrLikRY3Q3LhFjdGhqGmFhahgRY3QuM1pncHxpdnR2aSICZWFqGBFjdC-ssEWIFaGoBf3RwfwZhIzw5Xz5haxwGYXVpagVhdXxoBDctKz9SPjx8aHJgdGx0BHcxZGs HTTP/1.1
Host: d14zhsq5aop7ap.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coonandeg.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 584
date: Sun, 29 Jan 2023 18:17:58 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UUIhgnU1EDwSTqkb6ES0YXioAgaRasbP0xJLIXDtwywNIACMjDNfuw==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 631ea0b9b4e3085e98b5c5498a4c9047
ec9f6e457fdd72390b9843f217821dff325c80f8
27c2771693d65c03977ca230c70271d4105cac00b7cf855d968473c6a9eec39f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 14681339fc16ac120967600c85c37d96
589ed56dc45067e35e26a667ad3d9a12d0f61884
c7a020eb97f372e9325a03c89aa4d97d023f8583ea94af56ae1ffc2363ab8547
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2706
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:58 GMT
Last-Modified: Sun, 29 Jan 2023 17:32:52 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash adf097516e1f7281c6a6b4b6f7557683
de298967d2745d501eeea662a364d253e95ef837
717a4025b2c01ba3b4e2c660dcdf4de213ba42c3db15e0ee35df5e04eeb99176
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 631ea0b9b4e3085e98b5c5498a4c9047
ec9f6e457fdd72390b9843f217821dff325c80f8
27c2771693d65c03977ca230c70271d4105cac00b7cf855d968473c6a9eec39f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
104.26.8.138200 OK 288 kB URL HTTP/2 upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
IP 104.26.8.138:0
File type Unicode text, UTF-8 text, with very long lines (65526), with no line terminators
Size 288 kB (287772 bytes)
Hash f4c0b479ef1de5e30c6d504ffe796f98
d68c84178767c74a10e3e235971c7b1338e0c888
7dc469c425bcf36f0a1592f2aba1b69e1c1d0e2ced77ddf625e8302b749a092e
GET /js/frontend.js?id=88f283c744d8a6e43cfb HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/zKQ4lX
Cookie: auth=eyJpdiI6IlJBS2VEK3Q2enpSTW4zSFloeDlEcmc9PSIsInZhbHVlIjoic3VKajlaeDU5T1d6UWpSUlh1NGU3UT09IiwibWFjIjoiOTgyOGZiYTEzYmE0OGY3NGMyNzg3MmYyOWU3NjE5YmNhNWI5ZTY2ZWQ0MDk4Nzc1N2NkNGQ0ZTFhODQ2Njg4NyIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6IjkvRTllL2plUGlSeFBDZGNCeU5wemc9PSIsInZhbHVlIjoiaE1iN3pHL1VSNGRJVXBCM2huRUdubFAwUWVzdW9nYWtsK0huSU5mbGZJcGtkdkg5dTNQV0NEMGR5MzhONmpKUmxDczhZYWl4ODV6eUVub0lDYjR5aGU0eldmTEJIQmlGY2hUYkM1NFpiV1ZvYXdOM1dORW5sT1MyQ3BFSUpPeDciLCJtYWMiOiIyZDI2YTI1YjA1YTRiM2Q3N2M5MTY2ZGViMGJlYmY3MDBkOTQ1NjQ5N2JlY2MwZTFkOGFkNDg0OWI1OWExMDE4IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InRPamlGZFlDc1NCUktkOVZPdkQ3V1E9PSIsInZhbHVlIjoiM0I4WHRiNFlIOGR0dmVFQ1ZidXlqYkRmcjdrMWtWd3FKai9FaURFM2Y5c0Y0aWR4bkxSY3ZWNU1OdlJDRkwzdjg3VTUxRUNZSUgrWUtsYWNHblNpK0FDbjFDeG9DWE42YWV4TmtEYVpITVM1bmUvVmVhTU9iVWNxbSs5bGpRM0IiLCJtYWMiOiIzN2ZiYTIwMmE5M2QzNTAwYjhmNjhhYjlmNzdiZGRiYTljN2QwYzhhMjVmOTVmODcxNDU2YzFkMDdmMWQ4M2Y2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:17:57 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=980842
etag: W/"63baab19-ef76a"
last-modified: Sun, 08 Jan 2023 11:38:01 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 1836146
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkTHhBo5OWGncfv1ZCCPk80zrCVPTgB1JJMQmTyUh3zJ0qIZ%2FQcHllF2VPSMI1eCeHoRRaq3emiL20Jm2pUw%2Bwzo7oWp7HzieTJDqM%2BebML2qZXFbDQOKqkWhd1Rr%2BafrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7913f7b5f87db521-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
95.101.11.115200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7241647da541f672b155263e9b22eff1
bc41fc4d6497d154ed4d4fe9d079357bbe1028c6
a69c539a138bc99adf7b08838da4b139aa59d58ce81651504993e80996620d97
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A69C539A138BC99ADF7B08838DA4B139AA59D58CE81651504993E80996620D97"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4576
Expires: Sun, 29 Jan 2023 19:34:14 GMT
Date: Sun, 29 Jan 2023 18:17:58 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7241647da541f672b155263e9b22eff1
bc41fc4d6497d154ed4d4fe9d079357bbe1028c6
a69c539a138bc99adf7b08838da4b139aa59d58ce81651504993e80996620d97
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A69C539A138BC99ADF7B08838DA4B139AA59D58CE81651504993E80996620D97"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4576
Expires: Sun, 29 Jan 2023 19:34:14 GMT
Date: Sun, 29 Jan 2023 18:17:58 GMT
Connection: keep-alive
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 391 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (379)
Hash e722e665578e1348c0e951fb37160e11
54b0048aff0bcfeec5787fb04a3e48d730b16f63
98d238326b1dde4c4e9c9d560c0d676dd096223ad27d5cd55631ed078e089ba0
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 29 Jan 2023 18:17:58 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S302201983%3A1675016278301925&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHffsg6CKLEsSnPNPC00M1qn7aswhJDl_-6lcpDHQZmiotR0HCz7A0K0Y_m7r6L3CeoWh8H6xQ
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-zDZxKR3QmeLF-3p_Ww7hmw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 391
server: GSE
set-cookie: __Host-GAPS=1:64QJPrQjkOGiM20KxiO8C4qb2W2cTQ:BAA13LkgcU4JSFaz;Path=/;Expires=Tue, 28-Jan-2025 18:17:58 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
142.250.74.3200 OK 586 B URL HTTP/2 www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP 142.250.74.3:0
File type ASCII text, with very long lines (921), with no line terminators
Hash f5663b139833f4a8e0066ac97b30d0d3
f7b0f69618c8a5d87603de62b6c68bd948e5197d
cbfc44c0dd839b503a89d290390e19f5409f38962dd8843124d7ec2a6e1beec0
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 29 Jan 2023 18:17:58 GMT
date: Sun, 29 Jan 2023 18:17:58 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
coonandeg.xyz/utx?cb=g7DhG9y3THAq&top=upfilesurls.com&tid=974848
54.230.111.66204 No Content 0 B URL HTTP/2 coonandeg.xyz/utx?cb=g7DhG9y3THAq&top=upfilesurls.com&tid=974848
IP 54.230.111.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=g7DhG9y3THAq&top=upfilesurls.com&tid=974848 HTTP/1.1
Host: coonandeg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 29 Jan 2023 18:17:58 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 29 Jan 2023 18:18:58 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9RpkgDKO5K1MeW33zV-Lqysh81hTNOYwEWYfCgjTnmxCWLHJf1XYwA==
X-Firefox-Spdy: h2
coonandeg.xyz/utx?cb=MpdDhwm79SZL&top=upfilesurls.com&tid=974624
54.230.111.66204 No Content 0 B URL HTTP/2 coonandeg.xyz/utx?cb=MpdDhwm79SZL&top=upfilesurls.com&tid=974624
IP 54.230.111.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=MpdDhwm79SZL&top=upfilesurls.com&tid=974624 HTTP/1.1
Host: coonandeg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 29 Jan 2023 18:17:58 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 29 Jan 2023 18:18:58 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BSEhIJFQxIFG8Wx0cEmYLF5eWyoPXsHTCvGh8F5YBWR4viYl7Zv6Uw==
X-Firefox-Spdy: h2
cdntechone.com/stattag.js
104.21.29.183200 OK 5.3 kB URL HTTP/2 cdntechone.com/stattag.js
IP 104.21.29.183:0
File type ASCII text, with very long lines (13087), with no line terminators
Hash 806d7faa4aa36ef95332b1ae5effa55d
ce229f24ae017901284a49f1a1134d3f1dafcb73
56acd944ff33c36b2cd35188c07382dab9ab8074a05358f45d337f2be7eb5069
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:17:57 GMT
content-type: application/javascript
last-modified: Thu, 29 Dec 2022 16:01:22 GMT
etag: W/"63adb9d2-331f"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4942
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4oDRzByTQvvrSeW2MdkWFE7oxfYuvAMG7Lv%2B1CN7RRDU3pRB5II7OrfJdUxjyD143SlufJ0%2Fohk44NHnJhHETPFDPtysYCEaiaumnhwPIGTAUFeOULsEzYoJgMZbEsW2oA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7913f7b7696ab512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=1448630208&t=pageview&_s=1&dl=https%3A%2F%2Fupfilesurls.com%2FzKQ4lX&ul=en-us&de=UTF-8&dt=IMG_20221213_171039_515.jpg&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1623113463&gjid=1795512568&cid=1096862158.1675016287&tid=UA-197252557-1&_gid=256227001.1675016287&_r=1&_slc=1>m=2ou1p0&z=1872196962
142.250.74.46200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=1448630208&t=pageview&_s=1&dl=https%3A%2F%2Fupfilesurls.com%2FzKQ4lX&ul=en-us&de=UTF-8&dt=IMG_20221213_171039_515.jpg&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1623113463&gjid=1795512568&cid=1096862158.1675016287&tid=UA-197252557-1&_gid=256227001.1675016287&_r=1&_slc=1>m=2ou1p0&z=1872196962
IP 142.250.74.46:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j99&a=1448630208&t=pageview&_s=1&dl=https%3A%2F%2Fupfilesurls.com%2FzKQ4lX&ul=en-us&de=UTF-8&dt=IMG_20221213_171039_515.jpg&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1623113463&gjid=1795512568&cid=1096862158.1675016287&tid=UA-197252557-1&_gid=256227001.1675016287&_r=1&_slc=1>m=2ou1p0&z=1872196962 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://upfilesurls.com
date: Sun, 29 Jan 2023 18:17:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237302 Found 397 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Hash 2005295f5df62a98c5f1479d41483df6
44a7cc770bd3ecfff57aaf0f1906e8d7485b0d10
8873429707f459fc7c952f27c6d94f75d068b5a6db920c60369888e1296ea31c
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 29 Jan 2023 18:17:58 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1526915087%3A1675016278346726&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcV_3S7hbR7q5Ndvmv_3bVzakVWgV6xOXAjbnhVcbw-ZQeLX8Bep_1siqUkZ_kiC5sQ3R3BDg
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-4teqEDtX-0VcCuJzvKDIjw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 397
server: GSE
set-cookie: __Host-GAPS=1:8P87T_omPZ1lF-8eesQ5kKXmtjMCCQ:z0IimZ5CJD2m8JaS;Path=/;Expires=Tue, 28-Jan-2025 18:17:58 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 291eb343f680f52674b4a3eb6dba6b56
ed4182b7e4c11cc523ed7de0d6b35e90df69f2dd
67887356a99866517f404e5b5d8385dd24568e1dcb34b41c6ec3d09917354eff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d14zhsq5aop7ap.cloudfront.net/?qshzd=974848
54.230.245.145200 OK 102 kB URL HTTP/2 d14zhsq5aop7ap.cloudfront.net/?qshzd=974848
IP 54.230.245.145:0
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 102 kB (101565 bytes)
Hash 30cda54187cbf1e701a661118ac2dd51
fea069de9fefa990bfb8102c014346635193a012
f4c754d8fc8eeddd425708241a90a78741f990a671f70a689d562208d73177dd
GET /?qshzd=974848 HTTP/1.1
Host: d14zhsq5aop7ap.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 101565
date: Sun, 29 Jan 2023 18:17:58 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NwQEuxt0PUdZL4koD0klFOSmIm-6MJvpWRt22LJjVohNoo-ndww4dA==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4d62c00dff264740d09dd987c35ea370
c38fd85d6b4594359bb3c5c4ea9a347005103c0e
670d8603cde086549e88158c9e4e672ecfe11d847fcccc97e1ddad13e8145500
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2512
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:58 GMT
Last-Modified: Sun, 29 Jan 2023 17:36:06 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
live.demand.supply/e/e.js?e=ll&d=804&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL3pLUTRsWA==
104.16.133.22200 OK 0 B URL HTTP/2 live.demand.supply/e/e.js?e=ll&d=804&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL3pLUTRsWA==
IP 104.16.133.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /e/e.js?e=ll&d=804&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL3pLUTRsWA== HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:17:58 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
x-nf-request-id: 01GQ7H9CDYQA3SAN73KD16A0RG
cf-cache-status: HIT
age: 792101
accept-ranges: bytes
set-cookie: __cf_bm=w4xIUYSMJx6dmoKrAoAHGDqOR83YXoRHs5Xn0gAgT_E-1675016278-0-AauXbeWIG4ZRJbbQ9EXNPozQTBWoXVWYgxzHXM6yV8kI4cyiV0/JoIyErNhc00w/VnI0Dg8Uh2cmFJqX5Hxok/E=; path=/; expires=Sun, 29-Jan-23 18:47:58 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7913f7bc5e3f1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 14681339fc16ac120967600c85c37d96
589ed56dc45067e35e26a667ad3d9a12d0f61884
c7a020eb97f372e9325a03c89aa4d97d023f8583ea94af56ae1ffc2363ab8547
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2706
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:58 GMT
Last-Modified: Sun, 29 Jan 2023 17:32:52 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
live.demand.supply/x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL3pLUTRsWA==
104.16.133.22200 OK 0 B URL HTTP/2 live.demand.supply/x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL3pLUTRsWA==
IP 104.16.133.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL3pLUTRsWA== HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:17:58 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
x-nf-request-id: 01GQ7H9CDM1X7TBXKQH8Y72FG5
cf-cache-status: HIT
age: 792100
accept-ranges: bytes
set-cookie: __cf_bm=bor__qBrSqZE2zKfVHV2FFbO9l4le1x9GGO1vATdoZM-1675016278-0-AV/Q2lcR5VQU4z3fn936NHPnrr2bRQrzeac6O45lRC3jbaXhv08X1UFuH0hAEjCRcNvDY5L9GkUT8Sxz4dr2Eyc=; path=/; expires=Sun, 29-Jan-23 18:47:58 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7913f7bc6e481c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7241647da541f672b155263e9b22eff1
bc41fc4d6497d154ed4d4fe9d079357bbe1028c6
a69c539a138bc99adf7b08838da4b139aa59d58ce81651504993e80996620d97
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A69C539A138BC99ADF7B08838DA4B139AA59D58CE81651504993E80996620D97"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4576
Expires: Sun, 29 Jan 2023 19:34:14 GMT
Date: Sun, 29 Jan 2023 18:17:58 GMT
Connection: keep-alive
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
216.58.211.3200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
IP 216.58.211.3:0
File type ASCII text, with very long lines (771)
Size 164 kB (163774 bytes)
Hash 57c909ab73fc27ec24f737bbf1cb1de8
89b2c02e9e7a9a764518fca545d3eec2044fd6d9
7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 17:09:34 GMT
expires: Tue, 23 Jan 2024 17:09:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
age: 522504
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tL3pLUTRsWA==
104.16.133.22200 OK 749 B URL HTTP/2 live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tL3pLUTRsWA==
IP 104.16.133.22:0
File type ASCII text, with very long lines (2039), with no line terminators
Hash ea36e5eabff8504a4c3a9eaa845380e7
1b34caa4c314f1401b4d18a221c37bf1c95f7b04
90562fc6246561ca6d062f2368d8130d14343ea4d68a7cac3cc6a0ff0a8cd308
GET /p4/v16-2-0/dXBmaWxlc3VybHMuY29tL3pLUTRsWA== HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Cookie: demandSupplyTi=94985241-3fb9-4d91-a5ea-f414e3d2d64e; __cf_bm=sG2X0Ru9EDAzxlyAbNFCDOkOfxFhnyrGz..0uig5Mvk-1675016278-0-Ae9G77glq8gzY2w4xZD5oIHNN63N6ycw5mpn78GpMqux90UMVKCUaLiou9VlP31P43H2+pjE0RambcpEJW+Solw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:17:58 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
vary: Accept-Encoding
server: cloudflare
cf-ray: 7913f7bc0a6ab503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/tag/js/gpt.js
142.250.74.130200 OK 28 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 142.250.74.130:0
Hash 9755b14848267179820b8bb2b50eeb3c
4cbb1e42ba731e60ce520be265c35cc2f6f00901
423a1eac68d47081fb5a02ebdffb892ade4ae64c46ec201ef5ea4daee4c1e17c
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27569
date: Sun, 29 Jan 2023 18:17:58 GMT
expires: Sun, 29 Jan 2023 18:17:58 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1466 / 217 of 1000 / last-modified: 1674860937"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S1526915087%3A1675016278346726&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcV_3S7hbR7q5Ndvmv_3bVzakVWgV6xOXAjbnhVcbw-ZQeLX8Bep_1siqUkZ_kiC5sQ3R3BDg
216.58.207.237403 Forbidden 1.3 kB URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1526915087%3A1675016278346726&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcV_3S7hbR7q5Ndvmv_3bVzakVWgV6xOXAjbnhVcbw-ZQeLX8Bep_1siqUkZ_kiC5sQ3R3BDg
IP 216.58.207.237:0
Hash 12cadb8a79ce5a875fd56dc6b066a52c
ea2a8a4959fbd5541a2a504906c5a1162abf6b48
952735b001452b9eb7d5c9ea82a4ce1d16144d56aa1ab8e0a918fa75652dbe6e
GET /v3/signin/identifier?dsh=S1526915087%3A1675016278346726&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcV_3S7hbR7q5Ndvmv_3bVzakVWgV6xOXAjbnhVcbw-ZQeLX8Bep_1siqUkZ_kiC5sQ3R3BDg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 29 Jan 2023 18:17:58 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-PenfqpyrEyBjmmxct9dZfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S302201983%3A1675016278301925&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHffsg6CKLEsSnPNPC00M1qn7aswhJDl_-6lcpDHQZmiotR0HCz7A0K0Y_m7r6L3CeoWh8H6xQ
216.58.207.237403 Forbidden 1.3 kB URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S302201983%3A1675016278301925&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHffsg6CKLEsSnPNPC00M1qn7aswhJDl_-6lcpDHQZmiotR0HCz7A0K0Y_m7r6L3CeoWh8H6xQ
IP 216.58.207.237:0
Hash 89484d4556c7cdbb5de66bdcecf1ae58
98251d5305dd7e4d245d362c9c3f675c063d34e2
5105a3c34722767fc5bee25515a1066b41bb202e54b11f7bc403619d39d6c9bc
GET /v3/signin/identifier?dsh=S302201983%3A1675016278301925&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHffsg6CKLEsSnPNPC00M1qn7aswhJDl_-6lcpDHQZmiotR0HCz7A0K0Y_m7r6L3CeoWh8H6xQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 29 Jan 2023 18:17:58 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-A3E-qF6zWsKIeq267aEkIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=upfilesurls.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=upfilesurls.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=upfilesurls.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 29 Jan 2023 18:17:58 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=upfilesurls.com
172.217.21.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=upfilesurls.com
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=upfilesurls.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 29 Jan 2023 18:17:58 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b7da7d1d3e5880d5d4e313ac7fcf2a83
60a1e887ccb7c7cdae0035c65ef7df9908547fef
af17efcd17df50324c29cff05cea79f18cba79f6b1134ec0e6d1637759b5e895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
5dcee64a4a1e19ff84bc5c1943d5bb31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
142.250.74.97200 OK 2.7 kB URL HTTP/2 5dcee64a4a1e19ff84bc5c1943d5bb31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: 5dcee64a4a1e19ff84bc5c1943d5bb31.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Sun, 29 Jan 2023 18:17:59 GMT
expires: Mon, 29 Jan 2024 18:17:59 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2621
Expires: Sun, 29 Jan 2023 19:01:40 GMT
Date: Sun, 29 Jan 2023 18:17:59 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2621
Expires: Sun, 29 Jan 2023 19:01:40 GMT
Date: Sun, 29 Jan 2023 18:17:59 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2621
Expires: Sun, 29 Jan 2023 19:01:40 GMT
Date: Sun, 29 Jan 2023 18:17:59 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2621
Expires: Sun, 29 Jan 2023 19:01:40 GMT
Date: Sun, 29 Jan 2023 18:17:59 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2621
Expires: Sun, 29 Jan 2023 19:01:40 GMT
Date: Sun, 29 Jan 2023 18:17:59 GMT
Connection: keep-alive
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env
172.217.21.162200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env
IP 172.217.21.162:0
File type JSON data\012- , ASCII text, with very long lines (14842), with no line terminators
Hash 56ed42dbf5fe6d88c76f72e4af603051
a2dad3d12adeec03c89e1bba0f4f1bf4f730287f
0a56e2729f1d7cd23dd6308366c0818b1889a7a61fe1bf41b58a0e35ff9dddd6
GET /getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sun, 29 Jan 2023 18:17:59 GMT
server: cafe
content-length: 11203
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43c4a8e963936a8064dbd2bd3c67b905
8508727c97127c98b886833af28b3470306216c2
070c29fe7c0a227029483d675eac863904ab6b291467acdf62167f4845699c21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8652
x-amzn-requestid: 21c734f0-cd73-4691-812e-7cd3908f8f89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRbH4HtPIAMFUGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d07232-291e20fb41c53db7664d04b2;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 00:05:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: j2zDtHz3pZLHJKG3-PaITyUzHOQBEELzuDIt7sbB8X_B10OxG394tg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 06:49:29 GMT
age: 41310
etag: "8508727c97127c98b886833af28b3470306216c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d2bbd93-ce5c-4300-9ac3-8ccdde169701.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d2bbd93-ce5c-4300-9ac3-8ccdde169701.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ed721e83648418f4a5d64f9d038fd1a
7a311c79e311448941a8d624c1064b1a2d97cfbd
b961e73aaba814eec66532ceeafad5191371fc762b05338990e8cc9c8ecfcbff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d2bbd93-ce5c-4300-9ac3-8ccdde169701.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6875
x-amzn-requestid: 5fb13e91-8750-4dd9-90a2-f1218ea6009b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fS9t2E0AoAMF_LA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d10ff2-22e819312302377c4bf698ff;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 11:18:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QH_-DX5fiBhfS9MVH6pJi57mqFRRPSPf0iDbp_5BHE1jUqCZvvPesQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 08:01:17 GMT
age: 37002
etag: "7a311c79e311448941a8d624c1064b1a2d97cfbd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10a6491e2c1dfde68c7cd7297e70700f
d0f195319825a6d3e5e50ad15b2fcab27cb65896
4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11470
x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6WFgAIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 04:01:15 GMT
age: 51404
etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 20:46:16 GMT
age: 77503
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c77437e3a7361861aed8bfecbfe6bd6
fefd238c13c0fdfb7d964c90fcc8a8cbbf953034
282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5594
x-amzn-requestid: a13a8181-5783-42c1-9fda-1fcf8db4f0f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVpetFv-oAMF_Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d222c4-68165b34525ca2a054f0b505;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 06:50:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rJbdYq3bZDatEVvC83VR5WiWOFwNwVZEB16ez21KdnQJJrgJ-yKPCg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 14:55:48 GMT
age: 12131
etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:56:46 GMT
age: 73273
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 622fef0135648b055d1691ae97508eff
535c21115ccc50934d06c70e153df6ae542f1b5c
a66508fe21cab04638a3988ee90babe52167f0399a5440e329cf397182c813b4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
216.58.211.1200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 29 Jan 2023 18:17:59 GMT
expires: Sun, 29 Jan 2023 18:17:59 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
216.58.211.1200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 216.58.211.1:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 10:00:29 GMT
expires: Mon, 29 Jan 2024 10:00:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 29850
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 86352d15c37831cf9bf1e41325029224
ac8b28bcc1e6dd026e1f62d1ef8b9f80a42eee21
154f5f5e116df41f5d3bd414c671138b2afc198071529a0f3573109277566cd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash a6d5138adc575cfa0ad0a1a8c8cb8947
cbc8f40df06efc26094f5c19122b555b14dc0d41
e09c7cf8423058e45ab041b8ac023f7f4be8242d21e1c53ec908139543080c25
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6187
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:59 GMT
Last-Modified: Sun, 29 Jan 2023 16:34:52 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 512 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 74c6a6cedb76606ac712349908b025a9
81917a41d07529bc5971a4e631bdb5e4234d6f9c
1656cb653a5bc917eba1f63f2f621abe276d149618339bb966f661cc04aea768
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 29 Jan 2023 18:17:59 GMT
date: Sun, 29 Jan 2023 18:17:59 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce--9VJO3lAesioH7gnnmBpRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
upfilesurls.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1675008000
104.26.8.138200 OK 16 kB URL HTTP/2 upfilesurls.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1675008000
IP 104.26.8.138:0
File type ASCII text, with very long lines (38544), with no line terminators
Hash 6ca6e059432b1bcf9af48f75225e221d
c274a3beec46c2a2591b80196ad06aca483ab346
05ba07d143eb45d80ef0c4890b9a3716bc75728354a26306c8ef02532c4dc7e7
GET /cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1675008000 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: auth=eyJpdiI6IlJBS2VEK3Q2enpSTW4zSFloeDlEcmc9PSIsInZhbHVlIjoic3VKajlaeDU5T1d6UWpSUlh1NGU3UT09IiwibWFjIjoiOTgyOGZiYTEzYmE0OGY3NGMyNzg3MmYyOWU3NjE5YmNhNWI5ZTY2ZWQ0MDk4Nzc1N2NkNGQ0ZTFhODQ2Njg4NyIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6IjkvRTllL2plUGlSeFBDZGNCeU5wemc9PSIsInZhbHVlIjoiaE1iN3pHL1VSNGRJVXBCM2huRUdubFAwUWVzdW9nYWtsK0huSU5mbGZJcGtkdkg5dTNQV0NEMGR5MzhONmpKUmxDczhZYWl4ODV6eUVub0lDYjR5aGU0eldmTEJIQmlGY2hUYkM1NFpiV1ZvYXdOM1dORW5sT1MyQ3BFSUpPeDciLCJtYWMiOiIyZDI2YTI1YjA1YTRiM2Q3N2M5MTY2ZGViMGJlYmY3MDBkOTQ1NjQ5N2JlY2MwZTFkOGFkNDg0OWI1OWExMDE4IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InRPamlGZFlDc1NCUktkOVZPdkQ3V1E9PSIsInZhbHVlIjoiM0I4WHRiNFlIOGR0dmVFQ1ZidXlqYkRmcjdrMWtWd3FKai9FaURFM2Y5c0Y0aWR4bkxSY3ZWNU1OdlJDRkwzdjg3VTUxRUNZSUgrWUtsYWNHblNpK0FDbjFDeG9DWE42YWV4TmtEYVpITVM1bmUvVmVhTU9iVWNxbSs5bGpRM0IiLCJtYWMiOiIzN2ZiYTIwMmE5M2QzNTAwYjhmNjhhYjlmNzdiZGRiYTljN2QwYzhhMjVmOTVmODcxNDU2YzFkMDdmMWQ4M2Y2IiwidGFnIjoiIn0%3D; ab=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:17:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
vary: accept-encoding
x-control-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UtarDpbNEBrpfeqC6M8eI9nDUjWdCpwrgpBI%2BaNATtWuLZ2FP1Y%2BWTW0eS6tyViiiOsr83A%2B2%2BXoo7GCrQ1iTlwfifHTYIS1kkAoi2uR6HJqiI8xY1JuN6ZmR1Q%2FA8nHPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7913f7b97e4bb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash efada10d2d3b1c0348542f4385bb0125
f7a73a926024caff1886422c930c6816192293d6
109aa85aa5895922a8c042bee431609d2c514ee08547cc0f4cbd96de9060b04f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash efada10d2d3b1c0348542f4385bb0125
f7a73a926024caff1886422c930c6816192293d6
109aa85aa5895922a8c042bee431609d2c514ee08547cc0f4cbd96de9060b04f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.id5-sync.com/api/1.0/esp.js
104.22.53.86200 OK 18 kB URL HTTP/2 cdn.id5-sync.com/api/1.0/esp.js
IP 104.22.53.86:0
Hash 45fc086160cd36b0213bb98bd0e2df7a
41716554d63a96a04293524ee9648ebd75582173
3b8d31ec241e32db0ef4cd7e20343b01e5d0ee3e7be70e75e2f23b6490a2d010
GET /api/1.0/esp.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:17:59 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: FVMlFSmcD0Wn/+rph/xJPSMD8h1xLItGxMiFojs1e+J1f7LO28QsQCtM5wu1mlkwy4pwPQtZ0SQ=
x-amz-request-id: H5PSQWN45SZ0RJ5Q
last-modified: Wed, 18 Jan 2023 10:47:58 GMT
etag: W/"854d94282c6b6d99cd8ba33bb311e621"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 1079
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7913f7c24e28b50f-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash efada10d2d3b1c0348542f4385bb0125
f7a73a926024caff1886422c930c6816192293d6
109aa85aa5895922a8c042bee431609d2c514ee08547cc0f4cbd96de9060b04f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/012301112346000/amp4ads-v0.mjs
216.58.207.193200 OK 62 kB URL HTTP/2 cdn.ampproject.org/rtv/012301112346000/amp4ads-v0.mjs
IP 216.58.207.193:0
File type Unicode text, UTF-8 text, with very long lines (65008)
Hash 27cf438fb43d91ae188ec660779545d6
8b9a4cafe884163806af638d24d38b3d3ebc9a4b
fbad1bda779d108b137b7ef98564a9538f866d3c20208c5c3f59f30be33e43ad
GET /rtv/012301112346000/amp4ads-v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 61771
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:11:05 GMT
expires: Tue, 23 Jan 2024 18:11:05 GMT
cache-control: public, max-age=31536000
etag: "004684fcaffa7679"
content-type: text/javascript; charset=UTF-8
age: 518814
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301112346000/v0/amp-ad-exit-0.1.mjs
216.58.207.193200 OK 5.2 kB URL HTTP/2 cdn.ampproject.org/rtv/012301112346000/v0/amp-ad-exit-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (14751)
Hash 8d4f7148a157a31d69df198119f15f6c
869d2edb3409f82d8da8690b3b6c7c4212466bf1
9e17a0f37428d7db29cea9973f978d4716aaa7581c2480e9c337efcc84def4bf
GET /rtv/012301112346000/v0/amp-ad-exit-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 5217
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:11:05 GMT
expires: Tue, 23 Jan 2024 18:11:05 GMT
cache-control: public, max-age=31536000
etag: "cee5c64b71634b65"
content-type: text/javascript; charset=UTF-8
age: 518814
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301112346000/v0/amp-analytics-0.1.mjs
216.58.207.193200 OK 29 kB URL HTTP/2 cdn.ampproject.org/rtv/012301112346000/v0/amp-analytics-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (65534)
Hash 7c4e76629bf5f57043e927954d19a19d
a144b16ad4d7168628eaed4f4b26e00a8f4364e3
310354d1c8f1db61fdfb182e107c8eb8a2e7986d1f4e95a2664df2cbdc1f7ccf
GET /rtv/012301112346000/v0/amp-analytics-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 28839
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:11:05 GMT
expires: Tue, 23 Jan 2024 18:11:05 GMT
cache-control: public, max-age=31536000
etag: "22d781f17bba60c1"
content-type: text/javascript; charset=UTF-8
age: 518814
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301112346000/v0/amp-fit-text-0.1.mjs
216.58.207.193200 OK 1.9 kB URL HTTP/2 cdn.ampproject.org/rtv/012301112346000/v0/amp-fit-text-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (5021)
Hash 7fe5c160dceb250b352d5e11b7586036
0903f40a74a5805f6391a371509369de8e2e1c50
eaec033417fdbf02ec62fc0bf45d0bee3538e3e1722660a312cbe3e4dd60068f
GET /rtv/012301112346000/v0/amp-fit-text-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 1907
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:11:08 GMT
expires: Tue, 23 Jan 2024 18:11:08 GMT
cache-control: public, max-age=31536000
etag: "5788572ff662ddbc"
content-type: text/javascript; charset=UTF-8
age: 518811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301112346000/v0/amp-form-0.1.mjs
216.58.207.193200 OK 13 kB URL HTTP/2 cdn.ampproject.org/rtv/012301112346000/v0/amp-form-0.1.mjs
IP 216.58.207.193:0
File type Unicode text, UTF-8 text, with very long lines (41068)
Hash dac0049d10fef1c315153ac07254ffda
6282a0a8727d76cb0fe8267c7f1aac6646302ebc
e7d78a90fc0d890bd6da55f94658d31a587cca0247d81364b7a39a7f142772d1
GET /rtv/012301112346000/v0/amp-form-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 12955
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:11:08 GMT
expires: Tue, 23 Jan 2024 18:11:08 GMT
cache-control: public, max-age=31536000
etag: "ba03cd6134fdf15c"
content-type: text/javascript; charset=UTF-8
age: 518811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/022301112346000/amp4ads-v0.mjs
216.58.207.193200 OK 62 kB URL HTTP/2 cdn.ampproject.org/rtv/022301112346000/amp4ads-v0.mjs
IP 216.58.207.193:0
File type Unicode text, UTF-8 text, with very long lines (65011)
Hash 6085db79fa3a8873e506dd6e021ac0c8
94847488b707a81b2e4420f3839c036a5c68db5e
13a5e7054a5597b534a5dad2a5c11345cec7a3f578025c80e9de1fcca6afe73e
GET /rtv/022301112346000/amp4ads-v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 61746
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 07:15:01 GMT
expires: Fri, 26 Jan 2024 07:15:01 GMT
cache-control: public, max-age=31536000
etag: "cc5c16f07682cd38"
content-type: text/javascript; charset=UTF-8
age: 298978
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash efada10d2d3b1c0348542f4385bb0125
f7a73a926024caff1886422c930c6816192293d6
109aa85aa5895922a8c042bee431609d2c514ee08547cc0f4cbd96de9060b04f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:17:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/022301112346000/v0/amp-ad-exit-0.1.mjs
216.58.207.193200 OK 5.2 kB URL HTTP/2 cdn.ampproject.org/rtv/022301112346000/v0/amp-ad-exit-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (14751)
Hash 8d4f7148a157a31d69df198119f15f6c
869d2edb3409f82d8da8690b3b6c7c4212466bf1
9e17a0f37428d7db29cea9973f978d4716aaa7581c2480e9c337efcc84def4bf
GET /rtv/022301112346000/v0/amp-ad-exit-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 5217
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 19:12:18 GMT
expires: Wed, 24 Jan 2024 19:12:18 GMT
cache-control: public, max-age=31536000
etag: "cee5c64b71634b65"
content-type: text/javascript; charset=UTF-8
age: 428741
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/022301112346000/v0/amp-analytics-0.1.mjs
216.58.207.193200 OK 29 kB URL HTTP/2 cdn.ampproject.org/rtv/022301112346000/v0/amp-analytics-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (65534)
Hash 7c4e76629bf5f57043e927954d19a19d
a144b16ad4d7168628eaed4f4b26e00a8f4364e3
310354d1c8f1db61fdfb182e107c8eb8a2e7986d1f4e95a2664df2cbdc1f7ccf
GET /rtv/022301112346000/v0/amp-analytics-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 28839
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 18:38:20 GMT
expires: Fri, 26 Jan 2024 18:38:20 GMT
cache-control: public, max-age=31536000
etag: "22d781f17bba60c1"
content-type: text/javascript; charset=UTF-8
age: 257979
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/022301112346000/v0/amp-fit-text-0.1.mjs
216.58.207.193200 OK 1.9 kB URL HTTP/2 cdn.ampproject.org/rtv/022301112346000/v0/amp-fit-text-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (5021)
Hash 7fe5c160dceb250b352d5e11b7586036
0903f40a74a5805f6391a371509369de8e2e1c50
eaec033417fdbf02ec62fc0bf45d0bee3538e3e1722660a312cbe3e4dd60068f
GET /rtv/022301112346000/v0/amp-fit-text-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 1907
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 05:10:25 GMT
expires: Fri, 26 Jan 2024 05:10:25 GMT
cache-control: public, max-age=31536000
etag: "5788572ff662ddbc"
content-type: text/javascript; charset=UTF-8
age: 306454
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/022301112346000/v0/amp-form-0.1.mjs
216.58.207.193200 OK 13 kB URL HTTP/2 cdn.ampproject.org/rtv/022301112346000/v0/amp-form-0.1.mjs
IP 216.58.207.193:0
File type Unicode text, UTF-8 text, with very long lines (41068)
Hash dac0049d10fef1c315153ac07254ffda
6282a0a8727d76cb0fe8267c7f1aac6646302ebc
e7d78a90fc0d890bd6da55f94658d31a587cca0247d81364b7a39a7f142772d1
GET /rtv/022301112346000/v0/amp-form-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 12955
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 02:18:50 GMT
expires: Fri, 26 Jan 2024 02:18:50 GMT
cache-control: public, max-age=31536000
etag: "ba03cd6134fdf15c"
content-type: text/javascript; charset=UTF-8
age: 316749
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 11163da0a9cc4caa58468b7538fe942f
b35e184afc6413e35a07b56b1370656875942dec
34841bbe495f8bea279be5c41eefbf05c17b47f23becc518cf8832dce0fbac13
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34841BBE495F8BEA279BE5C41EEFBF05C17B47F23BECC518CF8832DCE0FBAC13"
Last-Modified: Sat, 28 Jan 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9071
Expires: Sun, 29 Jan 2023 20:49:10 GMT
Date: Sun, 29 Jan 2023 18:17:59 GMT
Connection: keep-alive
id5-sync.com/api/esp/increment?counter=no-config
162.19.138.120204 0 B URL HTTP/1.1 id5-sync.com/api/esp/increment?counter=no-config
IP 162.19.138.120:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/esp/increment?counter=no-config HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
date: Sun, 29 Jan 2023 18:17:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f69c5f43bf99edb53b690cb0bba51efb
e303559ff0956b6bf963b572b17da2a713ce5206
bc95b0a6b8b9a1df9c53272c4324ca1d008699b3da74110efa37ed0118c66181
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:18:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
172.217.21.166200 OK 38 kB URL HTTP/2 s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
IP 172.217.21.166:0
File type ASCII text, with very long lines (3095)
Hash 4f9b890a6c4cfbbfd0fb7eff98bf4dde
2db204fb0ee448842b40f84463234ea496763130
8e0d4c67a688228e1ba10b1e1dc367c078edf7e9bc35be0bd4ae8c0ce980647c
GET /879366/express_html_inpage_rendering_lib_200_276.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://5dcee64a4a1e19ff84bc5c1943d5bb31.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://5dcee64a4a1e19ff84bc5c1943d5bb31.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 37872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 05:58:24 GMT
expires: Mon, 30 Jan 2023 05:58:24 GMT
cache-control: public, max-age=86400
age: 44376
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f69c5f43bf99edb53b690cb0bba51efb
e303559ff0956b6bf963b572b17da2a713ce5206
bc95b0a6b8b9a1df9c53272c4324ca1d008699b3da74110efa37ed0118c66181
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:18:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
upfilesurls.com/favicon.ico
104.26.8.138200 OK 0 B URL HTTP/2 upfilesurls.com/favicon.ico
IP 104.26.8.138:0
GET /favicon.ico HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/zKQ4lX
Cookie: auth=eyJpdiI6IlJBS2VEK3Q2enpSTW4zSFloeDlEcmc9PSIsInZhbHVlIjoic3VKajlaeDU5T1d6UWpSUlh1NGU3UT09IiwibWFjIjoiOTgyOGZiYTEzYmE0OGY3NGMyNzg3MmYyOWU3NjE5YmNhNWI5ZTY2ZWQ0MDk4Nzc1N2NkNGQ0ZTFhODQ2Njg4NyIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6IjkvRTllL2plUGlSeFBDZGNCeU5wemc9PSIsInZhbHVlIjoiaE1iN3pHL1VSNGRJVXBCM2huRUdubFAwUWVzdW9nYWtsK0huSU5mbGZJcGtkdkg5dTNQV0NEMGR5MzhONmpKUmxDczhZYWl4ODV6eUVub0lDYjR5aGU0eldmTEJIQmlGY2hUYkM1NFpiV1ZvYXdOM1dORW5sT1MyQ3BFSUpPeDciLCJtYWMiOiIyZDI2YTI1YjA1YTRiM2Q3N2M5MTY2ZGViMGJlYmY3MDBkOTQ1NjQ5N2JlY2MwZTFkOGFkNDg0OWI1OWExMDE4IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InRPamlGZFlDc1NCUktkOVZPdkQ3V1E9PSIsInZhbHVlIjoiM0I4WHRiNFlIOGR0dmVFQ1ZidXlqYkRmcjdrMWtWd3FKai9FaURFM2Y5c0Y0aWR4bkxSY3ZWNU1OdlJDRkwzdjg3VTUxRUNZSUgrWUtsYWNHblNpK0FDbjFDeG9DWE42YWV4TmtEYVpITVM1bmUvVmVhTU9iVWNxbSs5bGpRM0IiLCJtYWMiOiIzN2ZiYTIwMmE5M2QzNTAwYjhmNjhhYjlmNzdiZGRiYTljN2QwYzhhMjVmOTVmODcxNDU2YzFkMDdmMWQ4M2Y2IiwidGFnIjoiIn0%3D; ab=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:17:58 GMT
content-type: image/x-icon
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
etag: W/"625014b1-5b8"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 2029
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZxQVmOcp1PuEZqjY7vFVrxPuxp2jddhuaBRyuaK76cCVcQNhEVOFtZ3YmF9zLm7iryeUaJnji5la5LePk0tR%2BsZW%2Bsjgju9hgAqJpk%2BoiWCv83q6yN8SOytPWOyvh2lxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7913f7bae867b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.199.35200 OK 0 B IP 172.64.199.35:0
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:17:58 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3066
last-modified: Sun, 29 Jan 2023 17:26:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TmPfQyVNF%2BgSLcgDf%2B5s%2Fqc5lPruHIepmeUC0pdzAKNqtshxhqSmdjS4c9qnc69%2BW7IM7C7%2BlWk3Cce7M9qupiiUmN9sv12ff%2BSWYW7MwAVjcH4nmJysbLxfG8lY0HFC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7913f7bbb9927566-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
live.demand.supply/impl.v16.3.0.js
104.16.133.22200 OK 0 B URL HTTP/2 live.demand.supply/impl.v16.3.0.js
IP 104.16.133.22:0
GET /impl.v16.3.0.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Cookie: demandSupplyTi=94985241-3fb9-4d91-a5ea-f414e3d2d64e; __cf_bm=sG2X0Ru9EDAzxlyAbNFCDOkOfxFhnyrGz..0uig5Mvk-1675016278-0-Ae9G77glq8gzY2w4xZD5oIHNN63N6ycw5mpn78GpMqux90UMVKCUaLiou9VlP31P43H2+pjE0RambcpEJW+Solw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:17:58 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=74953
etag: W/"b19940580c70e30455a2254a785a8919-ssl-df"
timing-allow-origin: *
vary: Accept-Encoding
x-nf-request-id: 01GMX2V689ENQZTBQ4NFCNSXD1
cf-cache-status: HIT
age: 705903
server: cloudflare
cf-ray: 7913f7bc0a68b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upfilesurls.com/img/faqs-image.svg
104.26.8.138200 OK 0 B URL HTTP/2 upfilesurls.com/img/faqs-image.svg
IP 104.26.8.138:0
GET /img/faqs-image.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/zKQ4lX
Cookie: auth=eyJpdiI6IlJBS2VEK3Q2enpSTW4zSFloeDlEcmc9PSIsInZhbHVlIjoic3VKajlaeDU5T1d6UWpSUlh1NGU3UT09IiwibWFjIjoiOTgyOGZiYTEzYmE0OGY3NGMyNzg3MmYyOWU3NjE5YmNhNWI5ZTY2ZWQ0MDk4Nzc1N2NkNGQ0ZTFhODQ2Njg4NyIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6IjkvRTllL2plUGlSeFBDZGNCeU5wemc9PSIsInZhbHVlIjoiaE1iN3pHL1VSNGRJVXBCM2huRUdubFAwUWVzdW9nYWtsK0huSU5mbGZJcGtkdkg5dTNQV0NEMGR5MzhONmpKUmxDczhZYWl4ODV6eUVub0lDYjR5aGU0eldmTEJIQmlGY2hUYkM1NFpiV1ZvYXdOM1dORW5sT1MyQ3BFSUpPeDciLCJtYWMiOiIyZDI2YTI1YjA1YTRiM2Q3N2M5MTY2ZGViMGJlYmY3MDBkOTQ1NjQ5N2JlY2MwZTFkOGFkNDg0OWI1OWExMDE4IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InRPamlGZFlDc1NCUktkOVZPdkQ3V1E9PSIsInZhbHVlIjoiM0I4WHRiNFlIOGR0dmVFQ1ZidXlqYkRmcjdrMWtWd3FKai9FaURFM2Y5c0Y0aWR4bkxSY3ZWNU1OdlJDRkwzdjg3VTUxRUNZSUgrWUtsYWNHblNpK0FDbjFDeG9DWE42YWV4TmtEYVpITVM1bmUvVmVhTU9iVWNxbSs5bGpRM0IiLCJtYWMiOiIzN2ZiYTIwMmE5M2QzNTAwYjhmNjhhYjlmNzdiZGRiYTljN2QwYzhhMjVmOTVmODcxNDU2YzFkMDdmMWQ4M2Y2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:17:57 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
vary: Accept-Encoding
etag: W/"63c15cbf-95fb"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 440682
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vz1gmBjzpXVgDhXadPgiG8MRi4IPfwHkEI3vZ%2FcRJrvJvpVpZY8sHQYSj%2FIXksHEUCTJ0Zv4T%2BlNIzOJtykH59bT05D0aKI2TZsnWpsXHp9vUB8lPTR%2BYCWuDicWUpoVxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7913f7b5f877b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
IP 142.250.74.74:0
GET /css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 18:17:57 GMT
date: Sun, 29 Jan 2023 18:17:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
live.demand.supply/up.js
104.16.133.22200 OK 0 B IP 104.16.133.22:0
GET /up.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:17:58 GMT
content-type: application/javascript; charset=UTF-8
cf-ray: 7913f7b74aedb503-OSL
age: 472
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
etag: W/"30cd4982b290dd406327b3dd39f1ea22-ssl-df"
link: <https://live.demand.supply/impl.v16.3.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tLw==>; rel=preload; as=script
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=4391
timing-allow-origin: *
x-nf-request-id: 01GMX2WC7DDRK600SK19DPWQGC
set-cookie: demandSupplyTi=94985241-3fb9-4d91-a5ea-f414e3d2d64e; demandSupplyTc = null; demandSupplyTcI = null; SameSite=None; Secure; Max-Age=63072000
__cf_bm=sG2X0Ru9EDAzxlyAbNFCDOkOfxFhnyrGz..0uig5Mvk-1675016278-0-Ae9G77glq8gzY2w4xZD5oIHNN63N6ycw5mpn78GpMqux90UMVKCUaLiou9VlP31P43H2+pjE0RambcpEJW+Solw=; path=/; expires=Sun, 29-Jan-23 18:47:58 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.199.35200 OK 0 B IP 172.64.199.35:0
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:17:58 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3066
last-modified: Sun, 29 Jan 2023 17:26:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbmW42AWbSPNH87VUogtHm5UDB0GWtQj4CCRTLFKEpotCaJ5yDnvGxYhCUjk3nfM2cldQXmRZmd0RZo%2Fvy8OEFhOvGnuaKg%2FjSb1kjfeSEnMcMLYve57dQmq01fcvBIi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7913f7bbb9977566-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.199.35200 OK 0 B IP 172.64.199.35:0
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:17:58 GMT
content-type: text/plain
set-cookie: csu=1987818195082864@1@1675016278; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCB33Dnbp8s4fd2GyUcxCbXr%2FeJrvWbmzAEHWkZaN%2BQntrTpq9Fy0lmT8%2B2ii3S2cnUnow8Q9cOvA2LwC9IsbfJTuGrGgpsmyE18NWsud0jhCCsahql1Qw5%2Fj2xTVEr0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7913f7bc8ace7566-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
104.26.8.138200 OK 0 B URL HTTP/2 upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
IP 104.26.8.138:0
GET /css/frontend.css?id=2396ffb76e738e465b53 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/zKQ4lX
Cookie: auth=eyJpdiI6IlJBS2VEK3Q2enpSTW4zSFloeDlEcmc9PSIsInZhbHVlIjoic3VKajlaeDU5T1d6UWpSUlh1NGU3UT09IiwibWFjIjoiOTgyOGZiYTEzYmE0OGY3NGMyNzg3MmYyOWU3NjE5YmNhNWI5ZTY2ZWQ0MDk4Nzc1N2NkNGQ0ZTFhODQ2Njg4NyIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6IjkvRTllL2plUGlSeFBDZGNCeU5wemc9PSIsInZhbHVlIjoiaE1iN3pHL1VSNGRJVXBCM2huRUdubFAwUWVzdW9nYWtsK0huSU5mbGZJcGtkdkg5dTNQV0NEMGR5MzhONmpKUmxDczhZYWl4ODV6eUVub0lDYjR5aGU0eldmTEJIQmlGY2hUYkM1NFpiV1ZvYXdOM1dORW5sT1MyQ3BFSUpPeDciLCJtYWMiOiIyZDI2YTI1YjA1YTRiM2Q3N2M5MTY2ZGViMGJlYmY3MDBkOTQ1NjQ5N2JlY2MwZTFkOGFkNDg0OWI1OWExMDE4IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InRPamlGZFlDc1NCUktkOVZPdkQ3V1E9PSIsInZhbHVlIjoiM0I4WHRiNFlIOGR0dmVFQ1ZidXlqYkRmcjdrMWtWd3FKai9FaURFM2Y5c0Y0aWR4bkxSY3ZWNU1OdlJDRkwzdjg3VTUxRUNZSUgrWUtsYWNHblNpK0FDbjFDeG9DWE42YWV4TmtEYVpITVM1bmUvVmVhTU9iVWNxbSs5bGpRM0IiLCJtYWMiOiIzN2ZiYTIwMmE5M2QzNTAwYjhmNjhhYjlmNzdiZGRiYTljN2QwYzhhMjVmOTVmODcxNDU2YzFkMDdmMWQ4M2Y2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:17:57 GMT
content-type: text/css
cf-bgj: minify
etag: W/"63a354a4-3f918"
last-modified: Wed, 21 Dec 2022 18:47:00 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
cf-cache-status: HIT
age: 3032699
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HzDPThnVpAW3PXbk7awmr58n9w66%2Bpc4xEj1lRxg1oaRI42m9D0zDJ%2B%2FenM0vfb3g4qsHv1Hy8%2FABF%2FoPg9t%2FYXa61ggf%2Flr8am7G0bNtOemV0EeJQxr792vsGt37TkeQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7913f7b5f871b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
upfilesurls.com/js/ads.js
104.26.8.138200 OK 0 B URL HTTP/2 upfilesurls.com/js/ads.js
IP 104.26.8.138:0
GET /js/ads.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/zKQ4lX
Cookie: auth=eyJpdiI6IlJBS2VEK3Q2enpSTW4zSFloeDlEcmc9PSIsInZhbHVlIjoic3VKajlaeDU5T1d6UWpSUlh1NGU3UT09IiwibWFjIjoiOTgyOGZiYTEzYmE0OGY3NGMyNzg3MmYyOWU3NjE5YmNhNWI5ZTY2ZWQ0MDk4Nzc1N2NkNGQ0ZTFhODQ2Njg4NyIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6IjkvRTllL2plUGlSeFBDZGNCeU5wemc9PSIsInZhbHVlIjoiaE1iN3pHL1VSNGRJVXBCM2huRUdubFAwUWVzdW9nYWtsK0huSU5mbGZJcGtkdkg5dTNQV0NEMGR5MzhONmpKUmxDczhZYWl4ODV6eUVub0lDYjR5aGU0eldmTEJIQmlGY2hUYkM1NFpiV1ZvYXdOM1dORW5sT1MyQ3BFSUpPeDciLCJtYWMiOiIyZDI2YTI1YjA1YTRiM2Q3N2M5MTY2ZGViMGJlYmY3MDBkOTQ1NjQ5N2JlY2MwZTFkOGFkNDg0OWI1OWExMDE4IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InRPamlGZFlDc1NCUktkOVZPdkQ3V1E9PSIsInZhbHVlIjoiM0I4WHRiNFlIOGR0dmVFQ1ZidXlqYkRmcjdrMWtWd3FKai9FaURFM2Y5c0Y0aWR4bkxSY3ZWNU1OdlJDRkwzdjg3VTUxRUNZSUgrWUtsYWNHblNpK0FDbjFDeG9DWE42YWV4TmtEYVpITVM1bmUvVmVhTU9iVWNxbSs5bGpRM0IiLCJtYWMiOiIzN2ZiYTIwMmE5M2QzNTAwYjhmNjhhYjlmNzdiZGRiYTljN2QwYzhhMjVmOTVmODcxNDU2YzFkMDdmMWQ4M2Y2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:17:57 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-bgj: minify
etag: W/"63aa39b0-638"
last-modified: Tue, 27 Dec 2022 00:17:52 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 1979716
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxyY%2BPIROjZlpP6n%2BUwXtH0i5%2BQBJnvce%2B3kEx6brMlBV0BE6qdPevsOIIGfwAiZehG8H9bbyYmsBVd60jyXQFMYEHqestmUvpqjDMLuI1YqHWwu%2BrRVEN8d6biIgTbyZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7913f7b5f87cb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
upfilesurls.com/img/logo.svg
104.26.8.138200 OK 0 B URL HTTP/2 upfilesurls.com/img/logo.svg
IP 104.26.8.138:0
GET /img/logo.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/zKQ4lX
Cookie: auth=eyJpdiI6IlJBS2VEK3Q2enpSTW4zSFloeDlEcmc9PSIsInZhbHVlIjoic3VKajlaeDU5T1d6UWpSUlh1NGU3UT09IiwibWFjIjoiOTgyOGZiYTEzYmE0OGY3NGMyNzg3MmYyOWU3NjE5YmNhNWI5ZTY2ZWQ0MDk4Nzc1N2NkNGQ0ZTFhODQ2Njg4NyIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6IjkvRTllL2plUGlSeFBDZGNCeU5wemc9PSIsInZhbHVlIjoiaE1iN3pHL1VSNGRJVXBCM2huRUdubFAwUWVzdW9nYWtsK0huSU5mbGZJcGtkdkg5dTNQV0NEMGR5MzhONmpKUmxDczhZYWl4ODV6eUVub0lDYjR5aGU0eldmTEJIQmlGY2hUYkM1NFpiV1ZvYXdOM1dORW5sT1MyQ3BFSUpPeDciLCJtYWMiOiIyZDI2YTI1YjA1YTRiM2Q3N2M5MTY2ZGViMGJlYmY3MDBkOTQ1NjQ5N2JlY2MwZTFkOGFkNDg0OWI1OWExMDE4IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InRPamlGZFlDc1NCUktkOVZPdkQ3V1E9PSIsInZhbHVlIjoiM0I4WHRiNFlIOGR0dmVFQ1ZidXlqYkRmcjdrMWtWd3FKai9FaURFM2Y5c0Y0aWR4bkxSY3ZWNU1OdlJDRkwzdjg3VTUxRUNZSUgrWUtsYWNHblNpK0FDbjFDeG9DWE42YWV4TmtEYVpITVM1bmUvVmVhTU9iVWNxbSs5bGpRM0IiLCJtYWMiOiIzN2ZiYTIwMmE5M2QzNTAwYjhmNjhhYjlmNzdiZGRiYTljN2QwYzhhMjVmOTVmODcxNDU2YzFkMDdmMWQ4M2Y2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:17:57 GMT
content-type: image/svg+xml
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
etag: W/"625014b1-56e8"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 440682
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9nZSHKPzrCeecQdscyG2sXROEP0ljH1KCb6ssLnK3mGi%2BkHpoFB3X7NFAZI5TjNSz7yZdLzMAMGCzt0BnqabafkY5LGcQs3zUN3lViDwk82a05Oq2EOgtuZ2Frbv9ww5Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7913f7b5f874b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
157.240.205.35200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 157.240.205.35:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 3wi0VaIAai3odiVGthLWprXlzTP0jF8SdGNMTTZTPkBpEFI/TSagUcG6hFTkgzy52VlOkTC24Kno5zWCTJDLSw==
date: Sun, 29 Jan 2023 18:17:58 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
upfilesurls.com/zKQ4lX?auth=eyJpdiI6IlJBS2VEK3Q2enpSTW4zSFloeDlEcmc9PSIsInZhbHVlIjoic3VKajlaeDU5T1d6UWpSUlh1NGU3UT09IiwibWFjIjoiOTgyOGZiYTEzYmE0OGY3NGMyNzg3MmYyOWU3NjE5YmNhNWI5ZTY2ZWQ0MDk4Nzc1N2NkNGQ0ZTFhODQ2Njg4NyIsInRhZyI6IiJ9
104.26.8.138302 Found 0 B URL HTTP/2 upfilesurls.com/zKQ4lX?auth=eyJpdiI6IlJBS2VEK3Q2enpSTW4zSFloeDlEcmc9PSIsInZhbHVlIjoic3VKajlaeDU5T1d6UWpSUlh1NGU3UT09IiwibWFjIjoiOTgyOGZiYTEzYmE0OGY3NGMyNzg3MmYyOWU3NjE5YmNhNWI5ZTY2ZWQ0MDk4Nzc1N2NkNGQ0ZTFhODQ2Njg4NyIsInRhZyI6IiJ9
IP 104.26.8.138:0
GET /zKQ4lX?auth=eyJpdiI6IlJBS2VEK3Q2enpSTW4zSFloeDlEcmc9PSIsInZhbHVlIjoic3VKajlaeDU5T1d6UWpSUlh1NGU3UT09IiwibWFjIjoiOTgyOGZiYTEzYmE0OGY3NGMyNzg3MmYyOWU3NjE5YmNhNWI5ZTY2ZWQ0MDk4Nzc1N2NkNGQ0ZTFhODQ2Njg4NyIsInRhZyI6IiJ9 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sun, 29 Jan 2023 18:17:57 GMT
content-type: text/html; charset=UTF-8
location: https://upfilesurls.com/zKQ4lX
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: auth=eyJpdiI6IlJBS2VEK3Q2enpSTW4zSFloeDlEcmc9PSIsInZhbHVlIjoic3VKajlaeDU5T1d6UWpSUlh1NGU3UT09IiwibWFjIjoiOTgyOGZiYTEzYmE0OGY3NGMyNzg3MmYyOWU3NjE5YmNhNWI5ZTY2ZWQ0MDk4Nzc1N2NkNGQ0ZTFhODQ2Njg4NyIsInRhZyI6IiJ9; path=/; secure; httponly; samesite=lax
XSRF-TOKEN=eyJpdiI6InFnY0FDbXQydWFEeFRneXhjOGN2Znc9PSIsInZhbHVlIjoiTVpocHhJU0tLOUhsOFlGcG5kNW80TUxUL1pZZy9PelZvb3Fza3lvdkRHUWEyY0FtTmNHSldpMTQ2V00rT3phbEtNUkpHdUI5ZFNtSngvQldFc29xekhBYjIzVklIWDdtVjViVlFONGJaYVF6dXJDYkFDNUJxNCtnekh1VEdJRE4iLCJtYWMiOiJjNzI2ODlhMTY5Zjc0NmY3MDc1ZDRmYzAwMjZhNzcwNGVmMjJmNGI1YWM0Mzg3MWI1Njc5NjYyNjdjMDI0OGJhIiwidGFnIjoiIn0%3D; expires=Sun, 29-Jan-2023 20:17:57 GMT; Max-Age=7200; path=/; samesite=lax
upfiles_session=eyJpdiI6Ik9xYTRtRG1NWHF5MUhuRHowTmt0bHc9PSIsInZhbHVlIjoiRjRjVFRWMXVxTkx6K0Z2aU8rS2o4cVpyR2RTYnMvci9sQ1RJcXpSeU1VNFBDZzJBSEMyR2JmTFJ3MzdKOFpTMVl1STBGYXB4N2NYV3ZPRnFzSkJKcXRjVlI3UGdHditGUkpSL2swTTYzbDV0RkExdWZTdTRTeGxPbWROMzdpL0wiLCJtYWMiOiJlODkwN2E3MjQ4ZWU3NmVlNjdlZjI4YWJkZjUwOTQyMjUxNmFmM2Y2NDc2OTJhMTVkYmIwZWU1ZmQ3NDg3YWQ2IiwidGFnIjoiIn0%3D; expires=Sun, 29-Jan-2023 20:17:57 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhrP5cJ7L4XteOjWr1k8oFoT585%2FteDu2JTuGYesKU%2FhbLG9wW0fSfWdYbQi5JFg1VhU6vB7EudylgCVEQlAGHn7VWYRs4kgy%2FD3cmPCJX%2FtlL42sgLKvJK0QDVh%2FBsS1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7913f7b2fb2db521-OSL
X-Firefox-Spdy: h2
live.demand.supply/ds.2.html
104.16.133.22200 OK 0 B URL HTTP/2 live.demand.supply/ds.2.html
IP 104.16.133.22:0
GET /ds.2.html HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:17:58 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
x-nf-request-id: 01GQ7HB016R4ESNRYCBJDGE3KV
cf-cache-status: HIT
age: 730367
set-cookie: __cf_bm=NDlAWPfnlrecp1Nfjc4giK352i8GuuSq3wtKhavKYPY-1675016278-0-AT1WLj1rEfi1xKHemjDvXUqyVoVluB7Hrw/jQ27WHKF4Z9TbihHxkxkNerxKK9blJd0V1rJ6NFBrgFCb7doAbHo=; path=/; expires=Sun, 29-Jan-23 18:47:58 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7913f7bc1a79b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.199.35200 OK 0 B IP 172.64.199.35:0
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:17:58 GMT
content-type: text/plain
set-cookie: csu=1832294540140098@1@1675016278; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8m0SDI7Y2AaPEn0%2Fx2Pvg635aP2gfDHqz%2FJsEdoaE068RiyvJUk1ai4qAoPDc0eYRZoxCbLKm8wj4CtPVwOjiPHgPgKhGi%2FFfS8lhZ09XD%2B%2B7T4NmkGxgDa3L%2FlxfXr5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7913f7bbc9a57566-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2