upfiles.com/authenticate/d7II
172.67.173.106301 Moved Permanently 0 B URL HTTP/1.1 upfiles.com/authenticate/d7II
IP 172.67.173.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /authenticate/d7II HTTP/1.1
Host: upfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 27 Jan 2023 11:30:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 27 Jan 2023 12:30:19 GMT
Location: https://upfiles.com/authenticate/d7II
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSaDecv%2B%2FSqW3YHqV%2BTk8ia9pdz%2B6DxzH7xztN9Ed0YYUQu9D%2B5Pt%2F2ljFIZ1Y0%2B0fxuk2jSozdPU6gTVCwgospHIsR5QxqD%2B20CR%2Byy7xDXdCPE5UxSluhMMoFM4A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790127d9bee4b529-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8469
Expires: Fri, 27 Jan 2023 13:51:29 GMT
Date: Fri, 27 Jan 2023 11:30:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 58ffdcb539c3b250fdf31ed761627fc1
5b55b1522ef84c39b5c42f9bbfbc62b806c1269f
eb783cfa8c8544b0574b345abc0bf3c150979d4efce1a013f17b6cd48076fc63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14902
Expires: Fri, 27 Jan 2023 15:38:42 GMT
Date: Fri, 27 Jan 2023 11:30:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3551
Expires: Fri, 27 Jan 2023 12:29:31 GMT
Date: Fri, 27 Jan 2023 11:30:20 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 27 Jan 2023 10:42:58 GMT
content-type: application/json
age: 2842
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: wS0+S8DE5HMenQSeaptcd9v3EEn4bnp8QzZGy1vInxgYF1P/lwkt4M9N1u8KdP8Z+f8BVGR9a2Y=
x-amz-request-id: 0CCPZA8S18VMTWWX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 27 Jan 2023 11:20:31 GMT
age: 589
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 11:30:20 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/q7EistIpOZU
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/q7EistIpOZU
IP 142.250.74.131:0
Hash 60299fd9a40d655150686928fd318f73
1ced6fcb7ec42fec201c5506c6bbb18da9392723
1ceb6f641fcdbd3d1dddab87c3cd9911ba14b132d1fdb9f287c6181ff0877579
POST /s/gts1p5/q7EistIpOZU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:20 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 27 Jan 2023 10:49:03 GMT
age: 2477
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9390
Expires: Fri, 27 Jan 2023 14:06:50 GMT
Date: Fri, 27 Jan 2023 11:30:20 GMT
Connection: keep-alive
upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
104.26.8.138200 OK 48 kB URL HTTP/2 upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
IP 104.26.8.138:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6dc0075bd55c037bc8ee93585a0b258c
86c89e5f88684fac3263eb710731a9b3130ec0bb
e1ff35a066c06e187bffe60d5c9b0297146818fe3cd0cfc1feb4b7e6d4d408aa
GET /css/frontend.css?id=2396ffb76e738e465b53 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/d7II
Cookie: auth=eyJpdiI6IlV5VmwrVUNpVWhPWGpWeTZkSmFFYUE9PSIsInZhbHVlIjoiVURGejlmNUl1SU5jdi9nMXFsc05qUT09IiwibWFjIjoiMGQ3MTAzYTM4ZTE0MWM2MDlkOGY5YjEyOWJmNmFkZWU0YWZhMmIxMTBiYTI5YzJiM2ZhYWUxM2Y0N2FhYzBiYiIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImNuR0c4QXVodzdiWk1ERWw3OUhpNmc9PSIsInZhbHVlIjoiS1o1SGVlQnUrN3Z0UkhGY3ZIclB5eVZ1bzVtd09kcVZMSm1UYTFUSkNpREpmeVVYSEYyNVB0R05TZEpzWW9SaGNRRVBySFZpcW1yWHprN2JtQ3RuL3lPcDF6dGZnME14NHVFbVBZZjdpVkdta1dGTWo5VHdKRDFLQmUyN0RxeUciLCJtYWMiOiJlMDJkMzdhZDIwYmI5ZDU4NzUyNzgwZDMwMzk4ZjZhOWU5OTg5MThjNTJjMzU4ZGFlYzZmODg2YzlhMWRlZTU3IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Iks4Q0VDenVVN0dBL3JNcng4cUFpL2c9PSIsInZhbHVlIjoiRlJyMnhzdHYyQW41Vm5YVzJmRmlXM3JtU0hLNHdjYmplajJZcllFWCttekR0VzJKdXF2bVVKOUthZjgrY2pOQnNPVmVYVWZUQmIyRE8waGg5RWFIL2VUcEJBL3N5USt2bUZJREpMbWlhT2JaNmt2L2R5b1E3bFhVRHBveVNKVmwiLCJtYWMiOiI0YTljYTMwNTIxYTZmMTYxOGI5Mjc4MWY3MzE3ZDQ4MzRiZjQ0OGVhYjY0Nzg5MDk5MTcyNjMyYTExODhjNjg2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 11:30:20 GMT
content-type: text/css
cf-bgj: minify
etag: W/"63a354a4-3f918"
last-modified: Wed, 21 Dec 2022 18:47:00 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
cf-cache-status: HIT
age: 2835442
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IetFQYQ6mFiBNXNlrm4Ed8caXGhrpSdNBSL41QV3VhbZpfW5%2F8ZQ1n34HoXo2Gyn5srlHNNSI8IkqFZ7oH2nxbQduSbd3yjY8a7%2FYwrx5hLBJpUDEjx3JaZb61Sh%2BW0Qyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790127e04b5ab523-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2ebcc7cd4c50e87a984668828c1e612e
f693d36335f333e3647f9fb2460e34dd73e17421
27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5d26c41823a6e8c5fdcf3c28efbfdd01
2415b281bb7ee36d62aec11e477e4797e8bbc10c
e7c952964c5abd9aa20b354673bedf66a9ddb64c8c9ce0075a6601fe5d28cabe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2ebcc7cd4c50e87a984668828c1e612e
f693d36335f333e3647f9fb2460e34dd73e17421
27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash db462a5a3386119add37912c5139cec3
aa637199522d59730021c2ea73138bfa47f5f090
c4f8ac0b77309aa48c0eceecab3c743fa4e1019a517d7bc15cd9e147dd820110
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3894
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:21 GMT
Last-Modified: Fri, 27 Jan 2023 10:25:27 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 98f7978ddc21230fea7f4532e5be8be9
045554bec430f5f7f2517736b3758a70d9ffa702
3a483a164e19e9f44ca6bc2634fd1aff8b3e36d86ece256eb0c487c45f82221c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3634
Cache-Control: max-age=112755
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:21 GMT
Etag: "63d2bd0e-117"
Expires: Sat, 28 Jan 2023 18:49:36 GMT
Last-Modified: Thu, 26 Jan 2023 17:49:02 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash db462a5a3386119add37912c5139cec3
aa637199522d59730021c2ea73138bfa47f5f090
c4f8ac0b77309aa48c0eceecab3c743fa4e1019a517d7bc15cd9e147dd820110
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3894
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:21 GMT
Last-Modified: Fri, 27 Jan 2023 10:25:27 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c6c64fc014f993e296f124e4b2f0f175
68d3e62fcd25c05d19894a28f4490cf1d04a44c1
7cee6b4b9234d595e6abd78d1bc14febaf314cdab54cc18e07f92e0b24fe1e79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.43.179.154101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.179.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: w6IMFxym1ndnmM9CofE3ig==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QZpt9z6EGhJ+NDsglphqxVHFbII=
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 03:13:04 GMT
expires: Fri, 26 Jan 2024 03:13:04 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 116237
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c6c64fc014f993e296f124e4b2f0f175
68d3e62fcd25c05d19894a28f4490cf1d04a44c1
7cee6b4b9234d595e6abd78d1bc14febaf314cdab54cc18e07f92e0b24fe1e79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c6c64fc014f993e296f124e4b2f0f175
68d3e62fcd25c05d19894a28f4490cf1d04a44c1
7cee6b4b9234d595e6abd78d1bc14febaf314cdab54cc18e07f92e0b24fe1e79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c6c64fc014f993e296f124e4b2f0f175
68d3e62fcd25c05d19894a28f4490cf1d04a44c1
7cee6b4b9234d595e6abd78d1bc14febaf314cdab54cc18e07f92e0b24fe1e79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
142.250.74.163200 OK 38 kB URL HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Hash e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:25:07 GMT
expires: Thu, 25 Jan 2024 19:25:07 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
age: 144314
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 12:46:12 GMT
expires: Mon, 22 Jan 2024 12:46:12 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 427449
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c6c64fc014f993e296f124e4b2f0f175
68d3e62fcd25c05d19894a28f4490cf1d04a44c1
7cee6b4b9234d595e6abd78d1bc14febaf314cdab54cc18e07f92e0b24fe1e79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d14zhsq5aop7ap.cloudfront.net/?qshzd=974848
143.204.238.201200 OK 102 kB URL HTTP/2 d14zhsq5aop7ap.cloudfront.net/?qshzd=974848
IP 143.204.238.201:0
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 102 kB (101544 bytes)
Hash d0cf12ee2c084456721b8a364dba3695
9192164f38c75aa79344d2608995032178b0d739
6149aab1e3109b60a82973f39e7576b3f50cde3635900df90da5341ae612ba9a
GET /?qshzd=974848 HTTP/1.1
Host: d14zhsq5aop7ap.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 101544
date: Fri, 27 Jan 2023 11:30:21 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 7c587fa0463f61b130aff5ca04c29170.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: T5PwETePq0Yf9zZFYM8NV9T8RKHQN1tNIraQdoQa5L2BL-2p_Goo1Q==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 98f7978ddc21230fea7f4532e5be8be9
045554bec430f5f7f2517736b3758a70d9ffa702
3a483a164e19e9f44ca6bc2634fd1aff8b3e36d86ece256eb0c487c45f82221c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3634
Cache-Control: max-age=112755
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:21 GMT
Etag: "63d2bd0e-117"
Expires: Sat, 28 Jan 2023 18:49:36 GMT
Last-Modified: Thu, 26 Jan 2023 17:49:02 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
live.demand.supply/e/e.js?e=ll&d=248&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL2Q3SUk=
104.16.133.22200 OK 0 B URL HTTP/2 live.demand.supply/e/e.js?e=ll&d=248&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL2Q3SUk=
IP 104.16.133.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /e/e.js?e=ll&d=248&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL2Q3SUk= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 11:30:21 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
x-nf-request-id: 01GQ7H9CDYQA3SAN73KD16A0RG
cf-cache-status: HIT
age: 594844
accept-ranges: bytes
set-cookie: __cf_bm=ThK2wfSfCZ98DSHvlSs2zMISy2DjIJVwecuZbkhzCcM-1674819021-0-AXsDuP4JNtFKbQKb4mZFps5bhKqxNJ2kfYATzsMR2vzjYzDFKBMQTHkoLK8+TtgHwVkVpVLM0MdjRk+tBf3kzrs=; path=/; expires=Fri, 27-Jan-23 12:00:21 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 790127e30e7db506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
live.demand.supply/ds.2.html
104.16.133.22200 OK 636 B URL HTTP/2 live.demand.supply/ds.2.html
IP 104.16.133.22:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fa8f8eb60c50b2f0f83262085c0fac4a
0874f0a5c590c138fb2dab636262fad5cf8e2fcb
1ff3c7e42b0143cb26bde5493dd3531281dc83fae9ab01afd6f3af07e5ed80d1
GET /ds.2.html HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 11:30:21 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
x-nf-request-id: 01GQ7HB016R4ESNRYCBJDGE3KV
cf-cache-status: HIT
age: 533110
set-cookie: __cf_bm=scwuLoVNQRak.LouMdXFUf4SfgYKdG4NJX0f2BLNDu4-1674819021-0-AYAnGcD/fNqo9053GxfFgfsx5ZwntALtcL+VV9kUjQMtdb0u8t46afwG1iScIBglc7yUDC2nBJF9sNrGGmLDAsE=; path=/; expires=Fri, 27-Jan-23 12:00:21 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 790127e2fbf7b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/jrItU-VjrKU
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/jrItU-VjrKU
IP 142.250.74.131:0
Hash bca72d3eae366aa16cd3164a43bb147a
5bb093d3735d429c57701080d8c45ece44d3234e
b515044cd948a21319a7c93a82d9e4e1057b1b5062ab6ca3944a02747cdcc171
POST /s/gts1p5/jrItU-VjrKU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:21 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
upfilesurls.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6
104.26.8.138200 OK 208 B URL HTTP/2 upfilesurls.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6
IP 104.26.8.138:0
File type PNG image data, 6 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 31f073499665afb237f3294219d2d7c6
c1ada0510e31f661dab66203c15a3d6c8f5468d0
59b7ad6d6f457b624e25d22959edc7c83af2ac52edba32fd6648c97af0d1780c
GET /images/arrow-down.png?c98e5283a69cb508d054d30256af43c6 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
Cookie: auth=eyJpdiI6IlV5VmwrVUNpVWhPWGpWeTZkSmFFYUE9PSIsInZhbHVlIjoiVURGejlmNUl1SU5jdi9nMXFsc05qUT09IiwibWFjIjoiMGQ3MTAzYTM4ZTE0MWM2MDlkOGY5YjEyOWJmNmFkZWU0YWZhMmIxMTBiYTI5YzJiM2ZhYWUxM2Y0N2FhYzBiYiIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImNuR0c4QXVodzdiWk1ERWw3OUhpNmc9PSIsInZhbHVlIjoiS1o1SGVlQnUrN3Z0UkhGY3ZIclB5eVZ1bzVtd09kcVZMSm1UYTFUSkNpREpmeVVYSEYyNVB0R05TZEpzWW9SaGNRRVBySFZpcW1yWHprN2JtQ3RuL3lPcDF6dGZnME14NHVFbVBZZjdpVkdta1dGTWo5VHdKRDFLQmUyN0RxeUciLCJtYWMiOiJlMDJkMzdhZDIwYmI5ZDU4NzUyNzgwZDMwMzk4ZjZhOWU5OTg5MThjNTJjMzU4ZGFlYzZmODg2YzlhMWRlZTU3IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Iks4Q0VDenVVN0dBL3JNcng4cUFpL2c9PSIsInZhbHVlIjoiRlJyMnhzdHYyQW41Vm5YVzJmRmlXM3JtU0hLNHdjYmplajJZcllFWCttekR0VzJKdXF2bVVKOUthZjgrY2pOQnNPVmVYVWZUQmIyRE8waGg5RWFIL2VUcEJBL3N5USt2bUZJREpMbWlhT2JaNmt2L2R5b1E3bFhVRHBveVNKVmwiLCJtYWMiOiI0YTljYTMwNTIxYTZmMTYxOGI5Mjc4MWY3MzE3ZDQ4MzRiZjQ0OGVhYjY0Nzg5MDk5MTcyNjMyYTExODhjNjg2IiwidGFnIjoiIn0%3D; ab=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 11:30:21 GMT
content-type: image/png
content-length: 208
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
etag: "625014b1-d0"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 243426
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fephXvwRmjxl8v33ZYeCk8rnQHhAWhDDcSgWaxaa3IXD4xZRiEjy71qCfJ23S9K0tEjyOWscmsx%2B1xV6c1YQDOe5TN2QlP2EMm0nUES3dqgmAmYrpLrmLIS7Krrb2ZylnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790127e3d8bcb523-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 14:07:32 GMT
expires: Thu, 25 Jan 2024 14:07:32 GMT
cache-control: public, max-age=31536000
age: 163369
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
live.demand.supply/up.js
104.16.133.22200 OK 3.3 kB IP 104.16.133.22:0
File type ASCII text, with very long lines (3472)
Hash 504a4c07cc36937f4d767483c04d2fec
f05870f2f0b39e73cf5e150a9dc1f55c2adcbc2d
03e66bd687d8a9d94442906f067021bca6a2bcadd43ac0e208a1b538ea551c01
GET /up.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 11:30:21 GMT
content-type: application/javascript; charset=UTF-8
cf-ray: 790127e1a9a0b521-OSL
age: 952
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
etag: W/"30cd4982b290dd406327b3dd39f1ea22-ssl-df"
link: <https://live.demand.supply/impl.v16.3.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tLw==>; rel=preload; as=script
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=4391
timing-allow-origin: *
x-nf-request-id: 01GMX2WC7DDRK600SK19DPWQGC
set-cookie: demandSupplyTi=8713c95f-3391-42de-9222-e28cce40cf00; demandSupplyTc = null; demandSupplyTcI = null; SameSite=None; Secure; Max-Age=63072000
__cf_bm=hvrZc0uiyJMTJB4g807iwQMW6O6dZatlvg.AjrFnUdo-1674819021-0-AYQStnSohNeRylFLDgDDWRAfURpZT2mXrs7DZWjrHF71yd16BdairuLSB/VMYBmGcNqfjEbeqy3SmBTatU3XSYs=; path=/; expires=Fri, 27-Jan-23 12:00:21 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
foortowatch.xyz/S0JZWHkqIDo1Rip/O34MOS5kfUsNZ2seHXp2IzAKOnc4Nwl8Iyl2GictLDwfOS03LFclJy19Sw0UA2hICCEBATwCKy4AKhkPMhISMxIMEBV9EAxtOwE4HD0+CSYuHTssDxgxLCMSLmAJDzsIGj0yGCsWHjgRDjZIIAoLOzMALGAAPDwpLD5JCRMbMRIsFhwSOwQWED0xHS18ajsFABgVOh8TaxkrBgA4IhoaES43EAQAPjk6Mjo3CQMJEQBrMx4QHzwVBRA+ATgyC2gZFQUUPwsODRdoDkAoch8BL3kqIRVIBRQ/DCwSBR8eTBFyEGgoJXsgGywJFjgQVA44DGkvcg8YPC0dAyEiKB4MEz4uPxcLHho6CCERHQgFMS83exABPjEBAAtpHXMYaRY+ChEILz8JAxAWLi8GFB4jciZoYT4aFjF9Sw0TGH4TOC03KEQZKyM9ESgMIBY7LTIgGQ
54.230.111.128200 OK 1.2 kB URL HTTP/2 foortowatch.xyz/S0JZWHkqIDo1Rip/O34MOS5kfUsNZ2seHXp2IzAKOnc4Nwl8Iyl2GictLDwfOS03LFclJy19Sw0UA2hICCEBATwCKy4AKhkPMhISMxIMEBV9EAxtOwE4HD0+CSYuHTssDxgxLCMSLmAJDzsIGj0yGCsWHjgRDjZIIAoLOzMALGAAPDwpLD5JCRMbMRIsFhwSOwQWED0xHS18ajsFABgVOh8TaxkrBgA4IhoaES43EAQAPjk6Mjo3CQMJEQBrMx4QHzwVBRA+ATgyC2gZFQUUPwsODRdoDkAoch8BL3kqIRVIBRQ/DCwSBR8eTBFyEGgoJXsgGywJFjgQVA44DGkvcg8YPC0dAyEiKB4MEz4uPxcLHho6CCERHQgFMS83exABPjEBAAtpHXMYaRY+ChEILz8JAxAWLi8GFB4jciZoYT4aFjF9Sw0TGH4TOC03KEQZKyM9ESgMIBY7LTIgGQ
IP 54.230.111.128:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3047), with no line terminators
Hash 45d182b14b9ba44d999cd49f3ebd7545
f94398d511a37be4a68bb382f961aecd32f6f7a4
12ccd26d0b92d993c829b09fdbc94de87c663e7612cb512c4487137b202b7f56
GET /S0JZWHkqIDo1Rip/O34MOS5kfUsNZ2seHXp2IzAKOnc4Nwl8Iyl2GictLDwfOS03LFclJy19Sw0UA2hICCEBATwCKy4AKhkPMhISMxIMEBV9EAxtOwE4HD0+CSYuHTssDxgxLCMSLmAJDzsIGj0yGCsWHjgRDjZIIAoLOzMALGAAPDwpLD5JCRMbMRIsFhwSOwQWED0xHS18ajsFABgVOh8TaxkrBgA4IhoaES43EAQAPjk6Mjo3CQMJEQBrMx4QHzwVBRA+ATgyC2gZFQUUPwsODRdoDkAoch8BL3kqIRVIBRQ/DCwSBR8eTBFyEGgoJXsgGywJFjgQVA44DGkvcg8YPC0dAyEiKB4MEz4uPxcLHho6CCERHQgFMS83exABPjEBAAtpHXMYaRY+ChEILz8JAxAWLi8GFB4jciZoYT4aFjF9Sw0TGH4TOC03KEQZKyM9ESgMIBY7LTIgGQ HTTP/1.1
Host: foortowatch.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1195
date: Fri, 27 Jan 2023 11:30:21 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0rIEvA3S3Fw8lhLCsKSM2HGZs5-g_DpOY8EXv5ykc42nihJxFPE2wA==
X-Firefox-Spdy: h2
upfilesurls.com/img/plane.svg
104.26.8.138200 OK 411 B URL HTTP/2 upfilesurls.com/img/plane.svg
IP 104.26.8.138:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (580)
Hash 1efc217e8f21196dc40aceaf4d46e7fc
ad7c0fe3e31a55bd47f50a7f4be24471f9ded6fd
8a8a98f11df387b003383fb02a38b7c640e300071f7acd74a002cc954ab47d08
GET /img/plane.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/d7II
Cookie: auth=eyJpdiI6IlV5VmwrVUNpVWhPWGpWeTZkSmFFYUE9PSIsInZhbHVlIjoiVURGejlmNUl1SU5jdi9nMXFsc05qUT09IiwibWFjIjoiMGQ3MTAzYTM4ZTE0MWM2MDlkOGY5YjEyOWJmNmFkZWU0YWZhMmIxMTBiYTI5YzJiM2ZhYWUxM2Y0N2FhYzBiYiIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImNuR0c4QXVodzdiWk1ERWw3OUhpNmc9PSIsInZhbHVlIjoiS1o1SGVlQnUrN3Z0UkhGY3ZIclB5eVZ1bzVtd09kcVZMSm1UYTFUSkNpREpmeVVYSEYyNVB0R05TZEpzWW9SaGNRRVBySFZpcW1yWHprN2JtQ3RuL3lPcDF6dGZnME14NHVFbVBZZjdpVkdta1dGTWo5VHdKRDFLQmUyN0RxeUciLCJtYWMiOiJlMDJkMzdhZDIwYmI5ZDU4NzUyNzgwZDMwMzk4ZjZhOWU5OTg5MThjNTJjMzU4ZGFlYzZmODg2YzlhMWRlZTU3IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Iks4Q0VDenVVN0dBL3JNcng4cUFpL2c9PSIsInZhbHVlIjoiRlJyMnhzdHYyQW41Vm5YVzJmRmlXM3JtU0hLNHdjYmplajJZcllFWCttekR0VzJKdXF2bVVKOUthZjgrY2pOQnNPVmVYVWZUQmIyRE8waGg5RWFIL2VUcEJBL3N5USt2bUZJREpMbWlhT2JaNmt2L2R5b1E3bFhVRHBveVNKVmwiLCJtYWMiOiI0YTljYTMwNTIxYTZmMTYxOGI5Mjc4MWY3MzE3ZDQ4MzRiZjQ0OGVhYjY0Nzg5MDk5MTcyNjMyYTExODhjNjg2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 11:30:20 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
vary: Accept-Encoding
etag: W/"63c15cbf-2ac"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 243425
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YHK8y3eGsDEx2vILb5S9shXR1O7vIEGYVO3WdVy7kdBe2ppjhkbp9v5kLbmqajtbuVIte4o%2BZH46z9Rxs6sN6Aq2i7LaKkriEnbUNKX58AhOKEZEdwPoS9cRcfz0g%2B3Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790127e04b63b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
selsattherean.xyz/cThJd1BeByoEbT5tPQ4KQ18IETsrbREQZUlqD04zMHA9MAUnAG8DORUFcEBkSQxxUSAYXHRGdgJMKAMlAgV4UTkfXiZKdgcFeFljRRZ6Rn5DHjxKYVdMORY3TAlvByQFVHRGZkYMcUZpQQp4R2ZJ
172.67.174.144204 No Content 0 B URL HTTP/2 selsattherean.xyz/cThJd1BeByoEbT5tPQ4KQ18IETsrbREQZUlqD04zMHA9MAUnAG8DORUFcEBkSQxxUSAYXHRGdgJMKAMlAgV4UTkfXiZKdgcFeFljRRZ6Rn5DHjxKYVdMORY3TAlvByQFVHRGZkYMcUZpQQp4R2ZJ
IP 172.67.174.144:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cThJd1BeByoEbT5tPQ4KQ18IETsrbREQZUlqD04zMHA9MAUnAG8DORUFcEBkSQxxUSAYXHRGdgJMKAMlAgV4UTkfXiZKdgcFeFljRRZ6Rn5DHjxKYVdMORY3TAlvByQFVHRGZkYMcUZpQQp4R2ZJ HTTP/1.1
Host: selsattherean.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 27 Jan 2023 11:30:21 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MxjHzm4JpxNnFqRMebrxcjOd0I88gPMhlM5eI4dkXfXIkjkLqvMbEAQHXbuMeEhYG84pUpouXkFzYdQSOECTRxtvsQEwmesQjWWWBSnLmC1YvvEyVTzTw8cH6IGbpSBWPaCb2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790127e3ce3bb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
live.demand.supply/x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL2Q3SUk=
104.16.133.22200 OK 0 B URL HTTP/2 live.demand.supply/x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL2Q3SUk=
IP 104.16.133.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL2Q3SUk= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 11:30:21 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
x-nf-request-id: 01GQ7H9CDM1X7TBXKQH8Y72FG5
cf-cache-status: HIT
age: 594843
accept-ranges: bytes
set-cookie: __cf_bm=muMG5lABab4LA_kkNFFMAlu96P0q7rYLqDdY5mKt8eU-1674819021-0-AaAhKoZGUdXPFg/5BiZYtvQph+WmrZ4scA2qD7e6jtvAyjJmWP8uay47mHx0NIvUnRCbYCfKH0xMhFswd74i/YM=; path=/; expires=Fri, 27-Jan-23 12:00:21 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 790127e45801b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
live.demand.supply/x/e.js?ce=bb&r=upfilesurls.com_auto_728x90_sticky_display_bottom&dsReferer=dXBmaWxlc3VybHMuY29tL2Q3SUk=
104.16.133.22200 OK 0 B URL HTTP/2 live.demand.supply/x/e.js?ce=bb&r=upfilesurls.com_auto_728x90_sticky_display_bottom&dsReferer=dXBmaWxlc3VybHMuY29tL2Q3SUk=
IP 104.16.133.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /x/e.js?ce=bb&r=upfilesurls.com_auto_728x90_sticky_display_bottom&dsReferer=dXBmaWxlc3VybHMuY29tL2Q3SUk= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 11:30:21 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
x-nf-request-id: 01GQ7H9CDM1X7TBXKQH8Y72FG5
cf-cache-status: HIT
age: 594843
accept-ranges: bytes
set-cookie: __cf_bm=WxsLNfRQ8N1iF2YE42Vh_8_NwDffSag7CTIQMYklMPw-1674819021-0-AdNkeu6vJAvxSP340HLhP8zL+in4KYXL2w0OQphXt5Ug9TjvFYh8d+L9Ie7A9ZW/ul1dzK0TfZSVNog3P/CcqZk=; path=/; expires=Fri, 27-Jan-23 12:00:21 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 790127e4681ab506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/jrItU-VjrKU
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/jrItU-VjrKU
IP 142.250.74.131:0
Hash bca72d3eae366aa16cd3164a43bb147a
5bb093d3735d429c57701080d8c45ece44d3234e
b515044cd948a21319a7c93a82d9e4e1057b1b5062ab6ca3944a02747cdcc171
POST /s/gts1p5/jrItU-VjrKU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:21 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.demand.supply/v16-2-0/a/upfilesurls.com_fluid_sq_firstpageaftertitle_1?&dsReferer=dXBmaWxlc3VybHMuY29tL2Q3SUk=
104.16.133.22200 OK 678 B URL HTTP/2 api.demand.supply/v16-2-0/a/upfilesurls.com_fluid_sq_firstpageaftertitle_1?&dsReferer=dXBmaWxlc3VybHMuY29tL2Q3SUk=
IP 104.16.133.22:0
File type JSON data\012- , ASCII text, with very long lines (303), with no line terminators
Hash d36bbb079f35471321809f57ddcb7a77
89e842215a8056b371c3ecf3aa532c1c493b45f1
5e5f91d4b4fbffd8542af95f43de5a54469046b51affe2a19f13c4acedc23cf3
GET /v16-2-0/a/upfilesurls.com_fluid_sq_firstpageaftertitle_1?&dsReferer=dXBmaWxlc3VybHMuY29tL2Q3SUk= HTTP/1.1
Host: api.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 11:30:21 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
etag: W/"12f-G5QWu8VgsKm2X5Cak1r38HSYfVE"
cf-cache-status: HIT
age: 170
set-cookie: __cf_bm=y3oEh1rf9uECMbn8HTdYmkVf0T6H__fiVWJGKl.BVIM-1674819021-0-AX3ymlFcszcdW5PSqZ+HUFc/4Lq4B+SL5Iph7x9Amp9Oag2zyzPy+VnmkCrSXXgGt4PA+RfU7HrenKG9OpVXsdU=; path=/; expires=Fri, 27-Jan-23 12:00:21 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 790127e46817b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upfilesurls.com/js/ads.js
104.26.8.138200 OK 1.2 kB URL HTTP/2 upfilesurls.com/js/ads.js
IP 104.26.8.138:0
File type ASCII text, with very long lines (1592), with no line terminators
Hash f7fd91917aacc522d3e72dfdb8c91054
a90827584df51816882f694901039e9db3a6cbd7
6f962b26c5e7b77528971022380574d299915cdb87bd164270fbe97453bbec09
GET /js/ads.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/d7II
Cookie: auth=eyJpdiI6IlV5VmwrVUNpVWhPWGpWeTZkSmFFYUE9PSIsInZhbHVlIjoiVURGejlmNUl1SU5jdi9nMXFsc05qUT09IiwibWFjIjoiMGQ3MTAzYTM4ZTE0MWM2MDlkOGY5YjEyOWJmNmFkZWU0YWZhMmIxMTBiYTI5YzJiM2ZhYWUxM2Y0N2FhYzBiYiIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImNuR0c4QXVodzdiWk1ERWw3OUhpNmc9PSIsInZhbHVlIjoiS1o1SGVlQnUrN3Z0UkhGY3ZIclB5eVZ1bzVtd09kcVZMSm1UYTFUSkNpREpmeVVYSEYyNVB0R05TZEpzWW9SaGNRRVBySFZpcW1yWHprN2JtQ3RuL3lPcDF6dGZnME14NHVFbVBZZjdpVkdta1dGTWo5VHdKRDFLQmUyN0RxeUciLCJtYWMiOiJlMDJkMzdhZDIwYmI5ZDU4NzUyNzgwZDMwMzk4ZjZhOWU5OTg5MThjNTJjMzU4ZGFlYzZmODg2YzlhMWRlZTU3IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Iks4Q0VDenVVN0dBL3JNcng4cUFpL2c9PSIsInZhbHVlIjoiRlJyMnhzdHYyQW41Vm5YVzJmRmlXM3JtU0hLNHdjYmplajJZcllFWCttekR0VzJKdXF2bVVKOUthZjgrY2pOQnNPVmVYVWZUQmIyRE8waGg5RWFIL2VUcEJBL3N5USt2bUZJREpMbWlhT2JaNmt2L2R5b1E3bFhVRHBveVNKVmwiLCJtYWMiOiI0YTljYTMwNTIxYTZmMTYxOGI5Mjc4MWY3MzE3ZDQ4MzRiZjQ0OGVhYjY0Nzg5MDk5MTcyNjMyYTExODhjNjg2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 11:30:20 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-bgj: minify
etag: W/"63aa39b0-638"
last-modified: Tue, 27 Dec 2022 00:17:52 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 1782459
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=StaCWNu%2Bl29r2JTBW0zdOhTa3DWpJ9hJlSLclUCMSdHku0QAXghS%2BvKsEkYfLwCp4wlRqWh5pM47%2BUP2ztSNuj3cqCp9nM3kNNbLL2%2BOzsawZzCWmGjrEBZyYPYBIOnp1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790127e04b64b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
139.45.195.253200 OK 2 B URL HTTP/1.1 datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
IP 139.45.195.253:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 917
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 27 Jan 2023 11:30:21 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://upfilesurls.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
d14zhsq5aop7ap.cloudfront.net/mMVdOb0hSOCAJd0U+KlJxBmN4XXwXPT0AJkFqBAEOfBQdXg5BP3tJPEszc19uXTYgCHUXMiAMdQBxLwsqDGNoGzhePHMcPlAtIBY8QTIoST1QaiMAMlg7Ig5tAxF7QXgUZX5HP1g5KgA/QnJ8XyZFcnxfeQF5fkp7c3J8Xz9YOXhbbQIVa114SWF6Sntzcn-xfOkdyfS55AWJgX2EUZX4ILVI8IUp6d2V+XngBZn5ebQNnKAY6VDEhF20DEX9ffR9naBp1AA
143.204.238.201200 OK 588 B URL HTTP/2 d14zhsq5aop7ap.cloudfront.net/mMVdOb0hSOCAJd0U+KlJxBmN4XXwXPT0AJkFqBAEOfBQdXg5BP3tJPEszc19uXTYgCHUXMiAMdQBxLwsqDGNoGzhePHMcPlAtIBY8QTIoST1QaiMAMlg7Ig5tAxF7QXgUZX5HP1g5KgA/QnJ8XyZFcnxfeQF5fkp7c3J8Xz9YOXhbbQIVa114SWF6Sntzcn-xfOkdyfS55AWJgX2EUZX4ILVI8IUp6d2V+XngBZn5ebQNnKAY6VDEhF20DEX9ffR9naBp1AA
IP 143.204.238.201:0
File type ASCII text, with very long lines (831), with no line terminators
Hash 72d09a7603bbe36247a92135e3917f26
6475d6d483062d9f5f91efea66aa07968956114d
62f879a538a176cec5d1a3efcc56f638b23c87a61baaa95ada049d6fb9e45ef9
GET /mMVdOb0hSOCAJd0U+KlJxBmN4XXwXPT0AJkFqBAEOfBQdXg5BP3tJPEszc19uXTYgCHUXMiAMdQBxLwsqDGNoGzhePHMcPlAtIBY8QTIoST1QaiMAMlg7Ig5tAxF7QXgUZX5HP1g5KgA/QnJ8XyZFcnxfeQF5fkp7c3J8Xz9YOXhbbQIVa114SWF6Sntzcn-xfOkdyfS55AWJgX2EUZX4ILVI8IUp6d2V+XngBZn5ebQNnKAY6VDEhF20DEX9ffR9naBp1AA HTTP/1.1
Host: d14zhsq5aop7ap.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foortowatch.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 588
date: Fri, 27 Jan 2023 11:30:21 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 7c587fa0463f61b130aff5ca04c29170.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: PfZGfzmYKxZkq3V7_CVLYnWjJjEWDieo_GgdSIHfgMx6hZlE_MTrMQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1f4c8e17a668764556ab61c7c31e53c7
ada5ee5917ab9faf3d55a6da1d5bfc3077e42de2
8ac89ed8b6650ea140c2eac1b1dd61f8498e97e278e6bd6debfd803a588e2468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f9e92d8863b76845831b7b68514bcb42
b45e10117293e9b22389e1ddae773cac31883e2c
8b2bde7176878f3aa056c124c031a2aceb18473ecc53c06a73191dbda9ff9ab9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6783c5eb0769f1f5ece9c2831e15a183
730a400cf0111301bd4ac9771888b19011f95165
460f8f94578c80fe856ec5f87138428d2421c9823abc0fc125e61fbe99625dd7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 82e3abc4a7b17efedca67cf215f4bb60
e20e55d87591af7db3a4bcfc429048f85e389b85
df8901d4d87686fb11e17986f5d53cf513f675b4dd71f0a2e35c7ffbefa7fb9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.demand.supply/v16-2-0/a/upfilesurls.com_fluid_lb+sq_firstpagebeforetitle_1?&dsReferer=dXBmaWxlc3VybHMuY29tL2Q3SUk=
104.16.133.22200 OK 20 kB URL HTTP/2 api.demand.supply/v16-2-0/a/upfilesurls.com_fluid_lb+sq_firstpagebeforetitle_1?&dsReferer=dXBmaWxlc3VybHMuY29tL2Q3SUk=
IP 104.16.133.22:0
File type JSON data\012- , ASCII text, with very long lines (304), with no line terminators
Hash 7c20070b0285654050993a6c889e0b3e
ea1d139199cb4e4f662f684756f50da40e4d9d40
c3ed452dac52890b88061300dffa08988440ce0549225bd975aa7acb46247f06
GET /v16-2-0/a/upfilesurls.com_fluid_lb+sq_firstpagebeforetitle_1?&dsReferer=dXBmaWxlc3VybHMuY29tL2Q3SUk= HTTP/1.1
Host: api.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 11:30:21 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
etag: W/"130-YgCAzZD+D24BFn+6rLvMJZKUkfA"
cf-cache-status: HIT
age: 170
set-cookie: __cf_bm=u3UkRWsUuzRGyfpCWYO53n8pL2V7H_OFoDXJy_Vnbkg-1674819021-0-AXcf6eLqVAN1G0H1/II+b0At3GYa5rqGkUWK3QuPfs8CF/bd3F2pu31BV2JJlg/ki3VAREPnLGNF9zii8MsycO0=; path=/; expires=Fri, 27-Jan-23 12:00:21 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 790127e46816b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b6bd32a40f252b65ea3ebe183c3175ba
9028c3fefbe3cba35a4d5349cd95c1e67f8914e8
cc266f4b7f4c444950305b9011f2258974e74e8578856348e0b7a78a7f217fd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
upfilesurls.com/favicon.ico
104.26.8.138200 OK 1.6 kB URL HTTP/2 upfilesurls.com/favicon.ico
IP 104.26.8.138:0
File type MS Windows icon resource - 1 icon, 32x32 with PNG image data, 32 x 32, 8-bit colormap, non-interlaced, 32 bits/pixel\012- data
Hash ea9e22470d0ee65e1fd475a10911e586
792bdacbb71d37fc0579d4788e915c139681ec90
e5d19de26e9e257f7fcb237bdcaa49109e0b2198febce5837546a09db395f368
GET /favicon.ico HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/d7II
Cookie: auth=eyJpdiI6IlV5VmwrVUNpVWhPWGpWeTZkSmFFYUE9PSIsInZhbHVlIjoiVURGejlmNUl1SU5jdi9nMXFsc05qUT09IiwibWFjIjoiMGQ3MTAzYTM4ZTE0MWM2MDlkOGY5YjEyOWJmNmFkZWU0YWZhMmIxMTBiYTI5YzJiM2ZhYWUxM2Y0N2FhYzBiYiIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImNuR0c4QXVodzdiWk1ERWw3OUhpNmc9PSIsInZhbHVlIjoiS1o1SGVlQnUrN3Z0UkhGY3ZIclB5eVZ1bzVtd09kcVZMSm1UYTFUSkNpREpmeVVYSEYyNVB0R05TZEpzWW9SaGNRRVBySFZpcW1yWHprN2JtQ3RuL3lPcDF6dGZnME14NHVFbVBZZjdpVkdta1dGTWo5VHdKRDFLQmUyN0RxeUciLCJtYWMiOiJlMDJkMzdhZDIwYmI5ZDU4NzUyNzgwZDMwMzk4ZjZhOWU5OTg5MThjNTJjMzU4ZGFlYzZmODg2YzlhMWRlZTU3IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Iks4Q0VDenVVN0dBL3JNcng4cUFpL2c9PSIsInZhbHVlIjoiRlJyMnhzdHYyQW41Vm5YVzJmRmlXM3JtU0hLNHdjYmplajJZcllFWCttekR0VzJKdXF2bVVKOUthZjgrY2pOQnNPVmVYVWZUQmIyRE8waGg5RWFIL2VUcEJBL3N5USt2bUZJREpMbWlhT2JaNmt2L2R5b1E3bFhVRHBveVNKVmwiLCJtYWMiOiI0YTljYTMwNTIxYTZmMTYxOGI5Mjc4MWY3MzE3ZDQ4MzRiZjQ0OGVhYjY0Nzg5MDk5MTcyNjMyYTExODhjNjg2IiwidGFnIjoiIn0%3D; ab=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 11:30:21 GMT
content-type: image/x-icon
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
etag: W/"625014b1-5b8"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 7054
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=616z0V5%2Fs%2FxsJ8UXILxyVUJtiGLeZZxxbc46MbXeGN0sl5JRS7Kj06DW7XAY8lw9ecURIYlCOfkqALN9tFmiO0O3ho1nCjPZMwgWYRLa4hEQsHrjXkvrw%2FL7Ymm4xFV6EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790127e59b48b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
foortowatch.xyz/utx?cb=AebhMXOkodfU&top=upfilesurls.com&tid=974624
54.230.111.128204 No Content 0 B URL HTTP/2 foortowatch.xyz/utx?cb=AebhMXOkodfU&top=upfilesurls.com&tid=974624
IP 54.230.111.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=AebhMXOkodfU&top=upfilesurls.com&tid=974624 HTTP/1.1
Host: foortowatch.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 27 Jan 2023 11:30:21 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 27 Jan 2023 11:31:21 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fsGRwgFlIdccQJ5LJQMkr17a69_GyAzx_PjQypeTYWQn89rqefzTMQ==
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/tag/js/gpt.js
142.250.74.130200 OK 28 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (39375)
Hash 16f9731c0a9ab9f7ace35bd12a7d9816
16adf9df566c1d9a1dc17a4abd73cb4cfeeb1e7f
f1aa0a76abf81edc87b17a7446e01ff2e3aa5af60479c04849958bd86ad4cc87
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27627
date: Fri, 27 Jan 2023 11:30:21 GMT
expires: Fri, 27 Jan 2023 11:30:21 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1464 / 586 of 1000 / last-modified: 1674778423"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
foortowatch.xyz/utx?cb=js2eComreIui&top=upfilesurls.com&tid=974848
54.230.111.128204 No Content 0 B URL HTTP/2 foortowatch.xyz/utx?cb=js2eComreIui&top=upfilesurls.com&tid=974848
IP 54.230.111.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=js2eComreIui&top=upfilesurls.com&tid=974848 HTTP/1.1
Host: foortowatch.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 27 Jan 2023 11:30:21 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 27 Jan 2023 11:31:21 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DDqepqXxuW9Jlgz_XFiinRzzB9SS42N4wiOGVyN9h45JaU2mXBNXRA==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.109302 Found 396 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (383)
Hash b5fff662db2995c37f961b18d7d2a716
1c0a23e27e3335f978bd2f60de946b32c10bb406
21d094c1d01c68435ea86b75fea7c95f8f86624cb89789a703a209aacbe676f0
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 27 Jan 2023 11:30:21 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S738430799%3A1674819021800105&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcyLE_KpzD2KcqCrvKKF4oaYYcHvcrR_5fYdDu4bMITrvKgd7yXPBWmw60Fx-iejb4p6er9RQ
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-KuyFXyX8O4aJwViLSlMuFA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 396
server: GSE
set-cookie: __Host-GAPS=1:0KPTjpVEsgq1TPiaMWzNbkIGQbtv-w:ScQ4olaWrMUlzmGU;Path=/;Expires=Sun, 26-Jan-2025 11:30:21 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.demand.supply/v16-2-0/a/upfilesurls.com_fluid_lb+sq_firstpageafterbutton_1?&dsReferer=dXBmaWxlc3VybHMuY29tL2Q3SUk=
104.16.133.22200 OK 206 B URL HTTP/2 api.demand.supply/v16-2-0/a/upfilesurls.com_fluid_lb+sq_firstpageafterbutton_1?&dsReferer=dXBmaWxlc3VybHMuY29tL2Q3SUk=
IP 104.16.133.22:0
File type JSON data\012- , ASCII text, with very long lines (303), with no line terminators
Hash abe6a3cfc3fadfa6c99fa4eee6b53cf3
1431adcff99334422772f5b168e4ab01d717b13b
c529f81be44a967abb36828f00b4842a5718f9950d7c240a05534738cf1f5878
GET /v16-2-0/a/upfilesurls.com_fluid_lb+sq_firstpageafterbutton_1?&dsReferer=dXBmaWxlc3VybHMuY29tL2Q3SUk= HTTP/1.1
Host: api.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 11:30:21 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
etag: W/"12f-9sKIQ9d+rgvR1SuK9ZA4/UOmbS4"
cf-cache-status: HIT
age: 170
set-cookie: __cf_bm=yLNHHJTiz7zhFVwzMGJ78ZFV8eyecYNKPRKgJ..CaaU-1674819021-0-AdfU5fpJ+alcQCjvHx+6za3TJqXDH7jGgSH6YwjwZOVqLhvwezWXruTufWWXAN3O5hanDgq9rCDdEKDSG8iWar4=; path=/; expires=Fri, 27-Jan-23 12:00:21 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 790127e46818b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
142.250.74.3200 OK 586 B URL HTTP/2 www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP 142.250.74.3:0
File type ASCII text, with very long lines (921), with no line terminators
Hash f5663b139833f4a8e0066ac97b30d0d3
f7b0f69618c8a5d87603de62b6c68bd948e5197d
cbfc44c0dd839b503a89d290390e19f5409f38962dd8843124d7ec2a6e1beec0
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 27 Jan 2023 11:30:21 GMT
date: Fri, 27 Jan 2023 11:30:21 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=1351607474&t=pageview&_s=1&dl=https%3A%2F%2Fupfilesurls.com%2Fd7II&ul=en-us&de=UTF-8&dt=D-TECH%20USB%20ROBA%20DATOS.rar&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=746187631&gjid=864580569&cid=438832274.1674819022&tid=UA-197252557-1&_gid=1223423622.1674819022&_r=1&_slc=1>m=2ou1p0&z=804810453
142.250.74.110200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=1351607474&t=pageview&_s=1&dl=https%3A%2F%2Fupfilesurls.com%2Fd7II&ul=en-us&de=UTF-8&dt=D-TECH%20USB%20ROBA%20DATOS.rar&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=746187631&gjid=864580569&cid=438832274.1674819022&tid=UA-197252557-1&_gid=1223423622.1674819022&_r=1&_slc=1>m=2ou1p0&z=804810453
IP 142.250.74.110:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j99&a=1351607474&t=pageview&_s=1&dl=https%3A%2F%2Fupfilesurls.com%2Fd7II&ul=en-us&de=UTF-8&dt=D-TECH%20USB%20ROBA%20DATOS.rar&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=746187631&gjid=864580569&cid=438832274.1674819022&tid=UA-197252557-1&_gid=1223423622.1674819022&_r=1&_slc=1>m=2ou1p0&z=804810453 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://upfilesurls.com
date: Fri, 27 Jan 2023 11:30:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4adeea2262378239736beff115f7a5a4
3f5dec01a072e26e8f9f436a7d28860fab4e0feb
52959cfee451c390f39e92b6fd2cb07ae7550e5d1ed880ff4f131c2837c377bd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "52959CFEE451C390F39E92B6FD2CB07AE7550E5D1ED880FF4F131C2837C377BD"
Last-Modified: Thu, 26 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5355
Expires: Fri, 27 Jan 2023 12:59:36 GMT
Date: Fri, 27 Jan 2023 11:30:21 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4adeea2262378239736beff115f7a5a4
3f5dec01a072e26e8f9f436a7d28860fab4e0feb
52959cfee451c390f39e92b6fd2cb07ae7550e5d1ed880ff4f131c2837c377bd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "52959CFEE451C390F39E92B6FD2CB07AE7550E5D1ED880FF4F131C2837C377BD"
Last-Modified: Thu, 26 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5355
Expires: Fri, 27 Jan 2023 12:59:36 GMT
Date: Fri, 27 Jan 2023 11:30:21 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4adeea2262378239736beff115f7a5a4
3f5dec01a072e26e8f9f436a7d28860fab4e0feb
52959cfee451c390f39e92b6fd2cb07ae7550e5d1ed880ff4f131c2837c377bd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "52959CFEE451C390F39E92B6FD2CB07AE7550E5D1ED880FF4F131C2837C377BD"
Last-Modified: Thu, 26 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5355
Expires: Fri, 27 Jan 2023 12:59:36 GMT
Date: Fri, 27 Jan 2023 11:30:21 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 97ccaa279f6ade845b71b57615d40388
5186089108dca0136feab418da66a9e027c7e427
515128c713e98c9a0546c35d9a1e0719057136509b5b2312e4af56a9acc80ec2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1f4c8e17a668764556ab61c7c31e53c7
ada5ee5917ab9faf3d55a6da1d5bfc3077e42de2
8ac89ed8b6650ea140c2eac1b1dd61f8498e97e278e6bd6debfd803a588e2468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.109302 Found 394 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Hash bb8533d6e744f5938d7ce0a65236a3c0
7c67ca405b8f8ae8f1af13d4d04195073e6c8d85
956b8b8860cd27b0bd7e5b4303e13296207d6dbed30c2a1da34432c32db8e865
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 27 Jan 2023 11:30:21 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1173705459%3A1674819021853689&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfMY79hDU_fZBGnxHRW_vLOJI8qs-6goPbH4Zfkx5seru2iL80glLnWUf6-0tcfLhzlxMu70Q
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-HqxrlHxTCcM4AIt5D6qHrQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 394
server: GSE
set-cookie: __Host-GAPS=1:FozolX4sBLtsEsFXDlnr6e_ivjVfng:T_RYNekM7dCVwzuw;Path=/;Expires=Sun, 26-Jan-2025 11:30:21 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d14zhsq5aop7ap.cloudfront.net/?qshzd=974848
143.204.238.201200 OK 102 kB URL HTTP/2 d14zhsq5aop7ap.cloudfront.net/?qshzd=974848
IP 143.204.238.201:0
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 102 kB (101546 bytes)
Hash 5e614d18abc55d7e8ef65e14afbc685a
cb08e22d156773ef9c58a9bff9b938a228d725f9
4a0041d156b34a5ad0fcf076e1a81ef2eab9ae0c9debeed615f85fb10f10c58b
GET /?qshzd=974848 HTTP/1.1
Host: d14zhsq5aop7ap.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 101546
date: Fri, 27 Jan 2023 11:30:21 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 7c587fa0463f61b130aff5ca04c29170.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: r6F-CcYZw_V03GFMhhwdJCDELKs7HRzauS_oxrPD1U6L7lgDu4V9Uw==
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/gpt/pubads_impl_2023012301.js?cb=31071867
142.250.74.130200 OK 133 kB URL HTTP/2 securepubads.g.doubleclick.net/gpt/pubads_impl_2023012301.js?cb=31071867
IP 142.250.74.130:0
File type ASCII text, with very long lines (65395)
Size 133 kB (133281 bytes)
Hash 9a4eaabcd1138400dd0b4b2aea79c85a
bbe4bc5827ae80648d76482243c36e9da7c2cfa8
96c38d3a2514ef03d455d60c807c207b87fa8c49d1599ed8a37ab324f746fe0f
GET /gpt/pubads_impl_2023012301.js?cb=31071867 HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 133281
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 22:24:23 GMT
expires: Wed, 24 Jan 2024 22:24:23 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Mon, 23 Jan 2023 09:36:08 GMT
content-type: text/javascript
age: 219958
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/pagead/ppub_config?ippd=upfilesurls.com
142.250.74.130200 OK 85 B URL HTTP/2 securepubads.g.doubleclick.net/pagead/ppub_config?ippd=upfilesurls.com
IP 142.250.74.130:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bd1c368fb503ee98e67df86b371868eb
cfbd5fdc653aed58261af6258fdffe8943c1a73f
33c7136592ec63bd2de16621de1a40b9d1ef8c14198e7160a47a0f78405a1fa4
GET /pagead/ppub_config?ippd=upfilesurls.com HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
date: Fri, 27 Jan 2023 11:30:21 GMT
expires: Fri, 27 Jan 2023 11:30:21 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 27-Jan-2023 11:45:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b6bd32a40f252b65ea3ebe183c3175ba
9028c3fefbe3cba35a4d5349cd95c1e67f8914e8
cc266f4b7f4c444950305b9011f2258974e74e8578856348e0b7a78a7f217fd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
live.demand.supply/impl.v16.3.0.js
104.16.133.22200 OK 26 kB URL HTTP/2 live.demand.supply/impl.v16.3.0.js
IP 104.16.133.22:0
File type ASCII text, with very long lines (26438)
Hash ec09ba7b963b5a7417554195f9878463
4994a6954ed3e5415285aec07414e04c914a3254
d8aa599c205a1c41dbe7bdb1e400950c64114ad650171aea613c4b164b9b8aff
GET /impl.v16.3.0.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Cookie: demandSupplyTi=8713c95f-3391-42de-9222-e28cce40cf00; __cf_bm=hvrZc0uiyJMTJB4g807iwQMW6O6dZatlvg.AjrFnUdo-1674819021-0-AYQStnSohNeRylFLDgDDWRAfURpZT2mXrs7DZWjrHF71yd16BdairuLSB/VMYBmGcNqfjEbeqy3SmBTatU3XSYs=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 11:30:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=74953
etag: W/"b19940580c70e30455a2254a785a8919-ssl-df"
timing-allow-origin: *
vary: Accept-Encoding
x-nf-request-id: 01GMX2V689ENQZTBQ4NFCNSXD1
cf-cache-status: HIT
age: 508646
server: cloudflare
cf-ray: 790127e2fbdeb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4adeea2262378239736beff115f7a5a4
3f5dec01a072e26e8f9f436a7d28860fab4e0feb
52959cfee451c390f39e92b6fd2cb07ae7550e5d1ed880ff4f131c2837c377bd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "52959CFEE451C390F39E92B6FD2CB07AE7550E5D1ED880FF4F131C2837C377BD"
Last-Modified: Thu, 26 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5354
Expires: Fri, 27 Jan 2023 12:59:36 GMT
Date: Fri, 27 Jan 2023 11:30:22 GMT
Connection: keep-alive
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
142.250.74.35200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (771)
Size 164 kB (163774 bytes)
Hash 57c909ab73fc27ec24f737bbf1cb1de8
89b2c02e9e7a9a764518fca545d3eec2044fd6d9
7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 17:09:34 GMT
expires: Tue, 23 Jan 2024 17:09:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
age: 325248
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 61f119c4b6311c87501f54da9ad62e7e
479c65a3be3e77ff0af6f26118389cac97852c74
e00fa0353240654d541e2aee878c14feb77837a1b5a4a12fa326ec2cc5a92e59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 61b07ec18bd0517d727603f51ee96cbe
03caefc67f3485fcad58d669cd4e7c8b371acce5
604702d9942ca8804874e6923a37438ce46c913122ed7b700273f46f1029afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17517
Expires: Fri, 27 Jan 2023 16:22:19 GMT
Date: Fri, 27 Jan 2023 11:30:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17517
Expires: Fri, 27 Jan 2023 16:22:19 GMT
Date: Fri, 27 Jan 2023 11:30:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17517
Expires: Fri, 27 Jan 2023 16:22:19 GMT
Date: Fri, 27 Jan 2023 11:30:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba0a42dadf6a976df148f652e9cc1844
4d825b74865effa4a858ddcad1d0969671facc07
7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MeE0Qrn_yZvUApGQTbOKQ14Z2ipPLbPFPyVqkKTk0Bs7ETn0UU6yMg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:48:43 GMT
age: 49299
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=upfilesurls.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=upfilesurls.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=upfilesurls.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 27 Jan 2023 11:30:22 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=upfilesurls.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=upfilesurls.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=upfilesurls.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 27 Jan 2023 11:30:22 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dc869235086902c4acc379733b6bfdb8
0170f6aa6bd83ddeb60cf1cb65e9f0443d8d4bae
e614e29b14e69209fd4b82a688290f7a3f541909833a6558cf480aca899bab6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9056
x-amzn-requestid: 81cf473d-8dc6-49e7-b012-d0b7dfaec7f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fB4COHTlIAMFtRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca3a0e-0848461c054db5c66fde9107;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 06:51:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fdefZSZfSJi1-C7ZTSahawckLN-To4P91H-n1cyPqw34f18VzTeHRg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 12:54:06 GMT
age: 81376
etag: "0170f6aa6bd83ddeb60cf1cb65e9f0443d8d4bae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33883a9-7857-4110-892f-73f67db692bc.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33883a9-7857-4110-892f-73f67db692bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a85badd84c0542610b94f22c4f265511
5b490095b5e02d9fef4b762888353998b645dfc9
23d6d9848caf36f0556438c371f112b40dcbf9b08b8b27bd37d4d73960c701c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33883a9-7857-4110-892f-73f67db692bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9482
x-amzn-requestid: 825c5e6b-8fda-445e-9ed3-f5d634943c00
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIZd0HqkIAMFn7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ccd5f1-2b31fe3001a1b04a406ff7ff;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 06:21:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CLTiEOu21gcngjMAN7EcwiAVeXsOYrTqwKr-puh4Cq9W51bI4WivVQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 05:22:53 GMT
age: 22049
etag: "5b490095b5e02d9fef4b762888353998b645dfc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5e7158416f60576804ccff03307319fe
a342f94625e913fa6b8d862a59979f1e3ad80dd1
5c525df7d169cc7e033d920c11f4a0163a781c025a22b70530882b56964a9a52
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5737
x-amzn-requestid: cc977ea9-c418-4a5a-a13b-c86e16bbe6ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRGPFGL5oAMFiSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d050c6-2d540cac5ca7d4e64cfdb8bc;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 21:42:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uZnA5gkRlZyqamh_n3992G9PlMJa4gJ-mjSOQEysII73dDKLXmeXsg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 12:26:22 GMT
age: 83040
etag: "a342f94625e913fa6b8d862a59979f1e3ad80dd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fobF-ZoAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2P09wOtKPDHjxxAuzcLFMQJwmGN1zNJcH9LA6IJpeaGiaPVRF4y-TA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:59:56 GMT
age: 48626
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S738430799%3A1674819021800105&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcyLE_KpzD2KcqCrvKKF4oaYYcHvcrR_5fYdDu4bMITrvKgd7yXPBWmw60Fx-iejb4p6er9RQ
142.250.74.109403 Forbidden 14 kB URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S738430799%3A1674819021800105&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcyLE_KpzD2KcqCrvKKF4oaYYcHvcrR_5fYdDu4bMITrvKgd7yXPBWmw60Fx-iejb4p6er9RQ
IP 142.250.74.109:0
Hash 33400b54327b32fe073c1c05507f632b
b774f8251335dad6add6aae6f70fdad495ced93d
a137ff2dfea6cf95a32093a07008e408371b5da3b4486acda4619a1b479d2da1
GET /v3/signin/identifier?dsh=S738430799%3A1674819021800105&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcyLE_KpzD2KcqCrvKKF4oaYYcHvcrR_5fYdDu4bMITrvKgd7yXPBWmw60Fx-iejb4p6er9RQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 27 Jan 2023 11:30:21 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-_u8upR_n8u5dQMmeq5u70w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 61b07ec18bd0517d727603f51ee96cbe
03caefc67f3485fcad58d669cd4e7c8b371acce5
604702d9942ca8804874e6923a37438ce46c913122ed7b700273f46f1029afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 61f119c4b6311c87501f54da9ad62e7e
479c65a3be3e77ff0af6f26118389cac97852c74
e00fa0353240654d541e2aee878c14feb77837a1b5a4a12fa326ec2cc5a92e59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7b8dcc42710b2f68c0ec782d2b2a3ae3
b865da423aa26e774270b8e3942b6fbe76793133
2da0fcf67d020f7c563946fca7ade89803cbe7cfe484f123640f8a9950b3f2b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
b3b7764334149e2c11c22a0d325dac0c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
142.250.74.97200 OK 2.7 kB URL HTTP/2 b3b7764334149e2c11c22a0d325dac0c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: b3b7764334149e2c11c22a0d325dac0c.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Fri, 27 Jan 2023 11:30:22 GMT
expires: Sat, 27 Jan 2024 11:30:22 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7b8dcc42710b2f68c0ec782d2b2a3ae3
b865da423aa26e774270b8e3942b6fbe76793133
2da0fcf67d020f7c563946fca7ade89803cbe7cfe484f123640f8a9950b3f2b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9ed6523587fc067da6a2dee237932c93
758b0de226a3a8a8f8811e68f8ba70fa7de99d43
ad4a1c37cfdfba3634c941a00dcc4db8f781c6759fd15d23fa9090c754438eb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9a156f9e1eec43fbfc3ea11e27aa3091
280292e0c5a0896c45598aa00e3fb607edf0b3a7
419b77a2c7ed19e8d086c82e3c9096d6ed2ab3032bba31afce0499ee83bc233a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
216.58.211.4200 OK 512 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 216.58.211.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash c3cc97fa7cbc4850e75c1e28018ce3ad
15bf0b677b4cf6854ae19432f28f54e238b1d306
ef290aac888916d113fdc1c2f62c56554fc6f791dfa45902b4172058cf442595
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 27 Jan 2023 11:30:22 GMT
date: Fri, 27 Jan 2023 11:30:22 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-cg_LLuhqP--SfKKHZ9FTKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4fed69565ceab3f7d13caae0921dcbc7
6619cd41cc183cbebd9eb0de90105bd7437fd8a3
06339124aa4a93d8811614cac0418fdbdc60cad00afc74ad798e257d10990e90
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "06339124AA4A93D8811614CAC0418FDBDC60CAD00AFC74AD798E257D10990E90"
Last-Modified: Wed, 25 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11863
Expires: Fri, 27 Jan 2023 14:48:06 GMT
Date: Fri, 27 Jan 2023 11:30:23 GMT
Connection: keep-alive
googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQtrWInAQYlq_Q3QEwAQ&v=APEucNVVshAoz6Ff6IKyGMtHUGGrnxJfT_ghJJoYe2KishJ_wLE5lvdnIjuqg3t8ICmJAHkeXvBEjSJU-P40fCUllHzi5J1ATOThoPjFGiLs9akYEx4OIXttc0DyQqzqdqqhKIAsmpd1ejsJ5ypoST5iHNuv4Mz2lihjpVXfIUP3M7k1noG-b54EVYKEu0jffM7IwX37tYfYXOV_qoByjBpADL0uGfLuqQ
172.217.21.162200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQtrWInAQYlq_Q3QEwAQ&v=APEucNVVshAoz6Ff6IKyGMtHUGGrnxJfT_ghJJoYe2KishJ_wLE5lvdnIjuqg3t8ICmJAHkeXvBEjSJU-P40fCUllHzi5J1ATOThoPjFGiLs9akYEx4OIXttc0DyQqzqdqqhKIAsmpd1ejsJ5ypoST5iHNuv4Mz2lihjpVXfIUP3M7k1noG-b54EVYKEu0jffM7IwX37tYfYXOV_qoByjBpADL0uGfLuqQ
IP 172.217.21.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=CO-t7QIQtrWInAQYlq_Q3QEwAQ&v=APEucNVVshAoz6Ff6IKyGMtHUGGrnxJfT_ghJJoYe2KishJ_wLE5lvdnIjuqg3t8ICmJAHkeXvBEjSJU-P40fCUllHzi5J1ATOThoPjFGiLs9akYEx4OIXttc0DyQqzqdqqhKIAsmpd1ejsJ5ypoST5iHNuv4Mz2lihjpVXfIUP3M7k1noG-b54EVYKEu0jffM7IwX37tYfYXOV_qoByjBpADL0uGfLuqQ HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b3b7764334149e2c11c22a0d325dac0c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 27 Jan 2023 11:30:23 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 27-Jan-2023 11:45:23 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 27 Jan 2023 11:30:23 GMT
cache-control: private
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQtrWInAQY_6zQ3QEwAQ&v=APEucNWx5FBzqofkdRt1iivDiA3mcx93cRgsHpXW4u0uBrMr1Wyk33D9Dp2xi25-0EzbsLvKVEiSyy0XVuVXyEMk99a5b-bKUQW0UslP8QGzEwKVesmRiPFA9sSPYbj2g9lv7xncGaIGRE4dTuqu_Fec8fV4ZD_ORdqqXvUC2ni0C3yAxb63v9mmV9RBwHZAPSVT5YSukpfoGMSrE8AbO33YiFFpRLENCw
172.217.21.162200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQtrWInAQY_6zQ3QEwAQ&v=APEucNWx5FBzqofkdRt1iivDiA3mcx93cRgsHpXW4u0uBrMr1Wyk33D9Dp2xi25-0EzbsLvKVEiSyy0XVuVXyEMk99a5b-bKUQW0UslP8QGzEwKVesmRiPFA9sSPYbj2g9lv7xncGaIGRE4dTuqu_Fec8fV4ZD_ORdqqXvUC2ni0C3yAxb63v9mmV9RBwHZAPSVT5YSukpfoGMSrE8AbO33YiFFpRLENCw
IP 172.217.21.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=CO-t7QIQtrWInAQY_6zQ3QEwAQ&v=APEucNWx5FBzqofkdRt1iivDiA3mcx93cRgsHpXW4u0uBrMr1Wyk33D9Dp2xi25-0EzbsLvKVEiSyy0XVuVXyEMk99a5b-bKUQW0UslP8QGzEwKVesmRiPFA9sSPYbj2g9lv7xncGaIGRE4dTuqu_Fec8fV4ZD_ORdqqXvUC2ni0C3yAxb63v9mmV9RBwHZAPSVT5YSukpfoGMSrE8AbO33YiFFpRLENCw HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b3b7764334149e2c11c22a0d325dac0c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 27 Jan 2023 11:30:23 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 27-Jan-2023 11:45:23 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 27 Jan 2023 11:30:23 GMT
cache-control: private
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQtrWInAQYlq_Q3QEwAQ&v=APEucNUvdzOYRhljxtzp7Hj8fGlvruHKvWNGmssYcQ4Q27YwudsSEp2mbPu_nL13WNKxMfI9pkkbMGO2299wro1kpeSajmGCt-o38LpuIppOtRKgzqT4IZ50ydZkk2n9WnPUivg3YHIoG64LFjQIsfep_vn2hrqGoqAftU7pITFc2Q8nKARe6MEc7IM7XdExbXxvpmtwlj-Z0O6bg3xxl0ATPO1PZFtyTw
172.217.21.162200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQtrWInAQYlq_Q3QEwAQ&v=APEucNUvdzOYRhljxtzp7Hj8fGlvruHKvWNGmssYcQ4Q27YwudsSEp2mbPu_nL13WNKxMfI9pkkbMGO2299wro1kpeSajmGCt-o38LpuIppOtRKgzqT4IZ50ydZkk2n9WnPUivg3YHIoG64LFjQIsfep_vn2hrqGoqAftU7pITFc2Q8nKARe6MEc7IM7XdExbXxvpmtwlj-Z0O6bg3xxl0ATPO1PZFtyTw
IP 172.217.21.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=CO-t7QIQtrWInAQYlq_Q3QEwAQ&v=APEucNUvdzOYRhljxtzp7Hj8fGlvruHKvWNGmssYcQ4Q27YwudsSEp2mbPu_nL13WNKxMfI9pkkbMGO2299wro1kpeSajmGCt-o38LpuIppOtRKgzqT4IZ50ydZkk2n9WnPUivg3YHIoG64LFjQIsfep_vn2hrqGoqAftU7pITFc2Q8nKARe6MEc7IM7XdExbXxvpmtwlj-Z0O6bg3xxl0ATPO1PZFtyTw HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b3b7764334149e2c11c22a0d325dac0c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 27 Jan 2023 11:30:23 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 27-Jan-2023 11:45:23 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 27 Jan 2023 11:30:23 GMT
cache-control: private
X-Firefox-Spdy: h2
id5-sync.com/api/esp/increment?counter=no-config
162.19.138.116204 0 B URL HTTP/1.1 id5-sync.com/api/esp/increment?counter=no-config
IP 162.19.138.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/esp/increment?counter=no-config HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://upfilesurls.com
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
date: Fri, 27 Jan 2023 11:30:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 989fb9327b2601972eef5721628f6bad
83455ba2532c2f02266a96361bf72b1a5f168671
74282f54498ca09c54298d74f49cbc2058505e78c2545b9d5a8d000f04dab973
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 989fb9327b2601972eef5721628f6bad
83455ba2532c2f02266a96361bf72b1a5f168671
74282f54498ca09c54298d74f49cbc2058505e78c2545b9d5a8d000f04dab973
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 989fb9327b2601972eef5721628f6bad
83455ba2532c2f02266a96361bf72b1a5f168671
74282f54498ca09c54298d74f49cbc2058505e78c2545b9d5a8d000f04dab973
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 989fb9327b2601972eef5721628f6bad
83455ba2532c2f02266a96361bf72b1a5f168671
74282f54498ca09c54298d74f49cbc2058505e78c2545b9d5a8d000f04dab973
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 989fb9327b2601972eef5721628f6bad
83455ba2532c2f02266a96361bf72b1a5f168671
74282f54498ca09c54298d74f49cbc2058505e78c2545b9d5a8d000f04dab973
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/012301112346000/amp4ads-v0.mjs
142.250.74.161200 OK 62 kB URL HTTP/2 cdn.ampproject.org/rtv/012301112346000/amp4ads-v0.mjs
IP 142.250.74.161:0
File type Unicode text, UTF-8 text, with very long lines (65008)
Hash 27cf438fb43d91ae188ec660779545d6
8b9a4cafe884163806af638d24d38b3d3ebc9a4b
fbad1bda779d108b137b7ef98564a9538f866d3c20208c5c3f59f30be33e43ad
GET /rtv/012301112346000/amp4ads-v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 61771
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:11:05 GMT
expires: Tue, 23 Jan 2024 18:11:05 GMT
cache-control: public, max-age=31536000
etag: "004684fcaffa7679"
content-type: text/javascript; charset=UTF-8
age: 321558
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301112346000/v0/amp-ad-exit-0.1.mjs
142.250.74.161200 OK 5.2 kB URL HTTP/2 cdn.ampproject.org/rtv/012301112346000/v0/amp-ad-exit-0.1.mjs
IP 142.250.74.161:0
File type ASCII text, with very long lines (14751)
Hash 8d4f7148a157a31d69df198119f15f6c
869d2edb3409f82d8da8690b3b6c7c4212466bf1
9e17a0f37428d7db29cea9973f978d4716aaa7581c2480e9c337efcc84def4bf
GET /rtv/012301112346000/v0/amp-ad-exit-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 5217
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:11:05 GMT
expires: Tue, 23 Jan 2024 18:11:05 GMT
cache-control: public, max-age=31536000
etag: "cee5c64b71634b65"
content-type: text/javascript; charset=UTF-8
age: 321558
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301112346000/v0/amp-form-0.1.mjs
142.250.74.161200 OK 13 kB URL HTTP/2 cdn.ampproject.org/rtv/012301112346000/v0/amp-form-0.1.mjs
IP 142.250.74.161:0
File type Unicode text, UTF-8 text, with very long lines (41068)
Hash dac0049d10fef1c315153ac07254ffda
6282a0a8727d76cb0fe8267c7f1aac6646302ebc
e7d78a90fc0d890bd6da55f94658d31a587cca0247d81364b7a39a7f142772d1
GET /rtv/012301112346000/v0/amp-form-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 12955
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:11:08 GMT
expires: Tue, 23 Jan 2024 18:11:08 GMT
cache-control: public, max-age=31536000
etag: "ba03cd6134fdf15c"
content-type: text/javascript; charset=UTF-8
age: 321555
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301112346000/v0/amp-fit-text-0.1.mjs
142.250.74.161200 OK 1.9 kB URL HTTP/2 cdn.ampproject.org/rtv/012301112346000/v0/amp-fit-text-0.1.mjs
IP 142.250.74.161:0
File type ASCII text, with very long lines (5021)
Hash 7fe5c160dceb250b352d5e11b7586036
0903f40a74a5805f6391a371509369de8e2e1c50
eaec033417fdbf02ec62fc0bf45d0bee3538e3e1722660a312cbe3e4dd60068f
GET /rtv/012301112346000/v0/amp-fit-text-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 1907
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:11:08 GMT
expires: Tue, 23 Jan 2024 18:11:08 GMT
cache-control: public, max-age=31536000
etag: "5788572ff662ddbc"
content-type: text/javascript; charset=UTF-8
age: 321555
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301112346000/v0/amp-analytics-0.1.mjs
142.250.74.161200 OK 30 kB URL HTTP/2 cdn.ampproject.org/rtv/012301112346000/v0/amp-analytics-0.1.mjs
IP 142.250.74.161:0
Hash 26c80c96867154e144abe83ba844c455
78398ebb497f8ad12c2db5a3a3ef2ab3c963465b
640de2662d477e22829a8d6425bfd7cec2118b30fea8082d29c6120b744137af
GET /rtv/012301112346000/v0/amp-analytics-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 28839
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:11:05 GMT
expires: Tue, 23 Jan 2024 18:11:05 GMT
cache-control: public, max-age=31536000
etag: "22d781f17bba60c1"
content-type: text/javascript; charset=UTF-8
age: 321558
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
t.6sc.co/img.gif?event=imp&mcid=84455&cb=2080358525&pid=184934549&cid=29139965
104.85.176.46200 OK 43 B URL HTTP/1.1 t.6sc.co/img.gif?event=imp&mcid=84455&cb=2080358525&pid=184934549&cid=29139965
IP 104.85.176.46:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /img.gif?event=imp&mcid=84455&cb=2080358525&pid=184934549&cid=29139965 HTTP/1.1
Host: t.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b3b7764334149e2c11c22a0d325dac0c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Type: image/gif
ETag: "5e502814-2b"
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Last-Modified: Fri, 21 Feb 2020 18:57:24 GMT
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Fri, 27 Jan 2023 11:30:23 GMT
Connection: keep-alive
Set-Cookie: 6suuid=98054917c6560000cfb5d363c9020000aeddc900; expires=Sun, 26-Jan-2025 11:30:23 GMT; path=/; domain=.6sc.co; SameSite=None; secure
Access-Control-Allow-Origin:
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
t.6sc.co/img.gif?event=imp&mcid=84455&cb=3411822126&pid=184934549&cid=29139965
104.85.176.46200 OK 43 B URL HTTP/1.1 t.6sc.co/img.gif?event=imp&mcid=84455&cb=3411822126&pid=184934549&cid=29139965
IP 104.85.176.46:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /img.gif?event=imp&mcid=84455&cb=3411822126&pid=184934549&cid=29139965 HTTP/1.1
Host: t.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b3b7764334149e2c11c22a0d325dac0c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Type: image/gif
ETag: "615ccf16-2b"
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Last-Modified: Tue, 05 Oct 2021 22:17:58 GMT
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Fri, 27 Jan 2023 11:30:23 GMT
Connection: keep-alive
Set-Cookie: 6suuid=98054917c6560000cfb5d363c8020000acddc900; expires=Sun, 26-Jan-2025 11:30:23 GMT; path=/; domain=.6sc.co; SameSite=None; secure
Access-Control-Allow-Origin:
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
t.6sc.co/img.gif?event=imp&mcid=84453&cb=1778383799&pid=184934525&cid=29139965
104.85.176.46200 OK 43 B URL HTTP/1.1 t.6sc.co/img.gif?event=imp&mcid=84453&cb=1778383799&pid=184934525&cid=29139965
IP 104.85.176.46:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /img.gif?event=imp&mcid=84453&cb=1778383799&pid=184934525&cid=29139965 HTTP/1.1
Host: t.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b3b7764334149e2c11c22a0d325dac0c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Type: image/gif
ETag: "5e502814-2b"
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Last-Modified: Fri, 21 Feb 2020 18:57:24 GMT
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Fri, 27 Jan 2023 11:30:23 GMT
Connection: keep-alive
Set-Cookie: 6suuid=98054917c6560000cfb5d363c8020000adddc900; expires=Sun, 26-Jan-2025 11:30:23 GMT; path=/; domain=.6sc.co; SameSite=None; secure
Access-Control-Allow-Origin:
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de1ce1472f360bfdf03f16285d87afb1
8d66a92d67c015560d994ebb92243833afe21a6a
20056cf21ebb6b84a9e6bc2675baa121e9c4cc9456a8c2dbd0c8dcad7595af0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de1ce1472f360bfdf03f16285d87afb1
8d66a92d67c015560d994ebb92243833afe21a6a
20056cf21ebb6b84a9e6bc2675baa121e9c4cc9456a8c2dbd0c8dcad7595af0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/simgad/10795369584033242349
172.217.21.166200 OK 15 kB URL HTTP/2 s0.2mdn.net/simgad/10795369584033242349
IP 172.217.21.166:0
File type PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 13c723b5e3dbc84204b7a2ed79d620e2
1f7f4ffc553df8878bcc98f8f956b38b3db94da2
f349924e355106c6db56d059b0f35e66ca205aaf214580b7f38d29a9e5787ea4
GET /simgad/10795369584033242349 HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b3b7764334149e2c11c22a0d325dac0c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 15284
x-content-type-options: nosniff
x-dns-prefetch-control: off
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 23:36:33 GMT
expires: Fri, 26 Jan 2024 23:36:33 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 06 Jan 2023 14:16:25 GMT
content-type: image/png
age: 42831
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssitJBHVnF5NHXEfusZgF3Lsaki-Ai1XDj41NfcHnONTQVx-HG5jTowbrbgqcld8DLraWvEFLv4i0oMK1ciZA7l9YIHx8p1immIIB1ptaKser8j3h9crHLkdxP0JhwiD5XKfxqd9_aNqMHJ8eBn0TueJOoMDtc31JzvW6y_AIxO6DFiaGBOqhv_z_BCZ5hpC2u4nkMJYLpVR7AOIZdr95Jtk2ipj7_Z1C4ZxB67hSgdm6MPk09gT5UkzMyhAp_lfpDIsgqP2FZTXkpfzo4dfYzEWewudab8-TnzgOTB9_z9QCz8KS-K61in7MB561D7u_7UpuKhlPVU4gooHbX--WI-J61xQqfxKWZAWEwBJwirSRSjx1fs_-VbOiFMaLrdIbgn5_8Ra08TrcmT2XwxNYjRDhERqXmIxnxdTS_8pcW4KUZKm9qFpFD4fM0NvUofrdIST7zEwxZII8joLRUzW6CSFZG1dFLX2s3TlEMEmJ-p61uqQUKs8qvT6Jtwbi2a-UobjN4edyLp-s4SLcTBi1OK_P1cCXvkUb7OnofsjEuoVphZd29s70dEG2-Xp83_R6xuEDSrsTjQUFwQCAFjBjrqgkG_ikXgMPbRFtD_it9MZSuQti2-HXQ3ycc29EkQ-8nCaHaDLWn5ld3ixEQW9_lwDgyGiwsVLywY0arO59bniJ_kjsA-xaiOPKP0wA2NXHd17RfjfUnHcYDy4TlodToslkvJSXpgouQh7YsWUTVVDPtLr6j_cq4eftfihRb5SA0GyqemgLt1Jj3i542yo0qkWFs8Jouss_A5ykBlx-M6GztotQFRPdvUt2GSe60lWULPVtbv5JbfUp0s-FaM6BxGKARo7H1pCgsaWWpUEchLG5QYvWarTq6zrrUaMzhqpEq80H4BleMeJ8LKzTdR2RWtgUtkqXrNNnuy3gJImdD-lAeUzdVKklzVr-pTBh1ymRlUmp-RSmkcPJArwPWYO6xQWZQbFYAU7c9T5irlshd2i42vUgoBb9OskldR2q6UlOUr3Y9T0RfHEsGOhnv00aP35AW8ItO6POb28e-iQmoM1FjenSF1liy0sS18E6LUOo1gGMLfCWYPGj7jAfYblfKTycK5cNR2nHQNBesQjgpeSzeoWbVhq-gP_SJySoPhPe2xLyIdCUjlMBtCowE1oze7wt1NoQBiVkdNsW15-AOTbgqtUVsyWDpRPrYQ-o5CNVpvWAR8Miw&sai=AMfl-YRq27mxD9qtisOTMLzvnw6QIpjcD0w712XOoFk4F4QLofk3sezuWoHoUPf1Otbq0Vb2MojlXjwMDoZTMbkxA7nuyCZnJ0iyTpqG6EVdqzClZQKDXb7MsFHmCA72ox-yVstAu_Zdi9kRlonmUchqkaws9hr9KvPecZgg1vpFEl0e6vIab_8gONNnkO9qRPqlVTucA5SUBuPL6GwDOOYknw9gFTs0KGxXK95mA7HhtZHZGuIwwpBtcyI8VXBhncrTRC_de-JfeB2pE6VlfXZuNxXbN7ShHjn-LLAACwjkpj4MW-3b2-o&sig=Cg0ArKJSzGkPxs8Ynap8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230124.02157&arae=0&ftch=1&adurl=
142.250.74.66200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssitJBHVnF5NHXEfusZgF3Lsaki-Ai1XDj41NfcHnONTQVx-HG5jTowbrbgqcld8DLraWvEFLv4i0oMK1ciZA7l9YIHx8p1immIIB1ptaKser8j3h9crHLkdxP0JhwiD5XKfxqd9_aNqMHJ8eBn0TueJOoMDtc31JzvW6y_AIxO6DFiaGBOqhv_z_BCZ5hpC2u4nkMJYLpVR7AOIZdr95Jtk2ipj7_Z1C4ZxB67hSgdm6MPk09gT5UkzMyhAp_lfpDIsgqP2FZTXkpfzo4dfYzEWewudab8-TnzgOTB9_z9QCz8KS-K61in7MB561D7u_7UpuKhlPVU4gooHbX--WI-J61xQqfxKWZAWEwBJwirSRSjx1fs_-VbOiFMaLrdIbgn5_8Ra08TrcmT2XwxNYjRDhERqXmIxnxdTS_8pcW4KUZKm9qFpFD4fM0NvUofrdIST7zEwxZII8joLRUzW6CSFZG1dFLX2s3TlEMEmJ-p61uqQUKs8qvT6Jtwbi2a-UobjN4edyLp-s4SLcTBi1OK_P1cCXvkUb7OnofsjEuoVphZd29s70dEG2-Xp83_R6xuEDSrsTjQUFwQCAFjBjrqgkG_ikXgMPbRFtD_it9MZSuQti2-HXQ3ycc29EkQ-8nCaHaDLWn5ld3ixEQW9_lwDgyGiwsVLywY0arO59bniJ_kjsA-xaiOPKP0wA2NXHd17RfjfUnHcYDy4TlodToslkvJSXpgouQh7YsWUTVVDPtLr6j_cq4eftfihRb5SA0GyqemgLt1Jj3i542yo0qkWFs8Jouss_A5ykBlx-M6GztotQFRPdvUt2GSe60lWULPVtbv5JbfUp0s-FaM6BxGKARo7H1pCgsaWWpUEchLG5QYvWarTq6zrrUaMzhqpEq80H4BleMeJ8LKzTdR2RWtgUtkqXrNNnuy3gJImdD-lAeUzdVKklzVr-pTBh1ymRlUmp-RSmkcPJArwPWYO6xQWZQbFYAU7c9T5irlshd2i42vUgoBb9OskldR2q6UlOUr3Y9T0RfHEsGOhnv00aP35AW8ItO6POb28e-iQmoM1FjenSF1liy0sS18E6LUOo1gGMLfCWYPGj7jAfYblfKTycK5cNR2nHQNBesQjgpeSzeoWbVhq-gP_SJySoPhPe2xLyIdCUjlMBtCowE1oze7wt1NoQBiVkdNsW15-AOTbgqtUVsyWDpRPrYQ-o5CNVpvWAR8Miw&sai=AMfl-YRq27mxD9qtisOTMLzvnw6QIpjcD0w712XOoFk4F4QLofk3sezuWoHoUPf1Otbq0Vb2MojlXjwMDoZTMbkxA7nuyCZnJ0iyTpqG6EVdqzClZQKDXb7MsFHmCA72ox-yVstAu_Zdi9kRlonmUchqkaws9hr9KvPecZgg1vpFEl0e6vIab_8gONNnkO9qRPqlVTucA5SUBuPL6GwDOOYknw9gFTs0KGxXK95mA7HhtZHZGuIwwpBtcyI8VXBhncrTRC_de-JfeB2pE6VlfXZuNxXbN7ShHjn-LLAACwjkpj4MW-3b2-o&sig=Cg0ArKJSzGkPxs8Ynap8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230124.02157&arae=0&ftch=1&adurl=
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjssitJBHVnF5NHXEfusZgF3Lsaki-Ai1XDj41NfcHnONTQVx-HG5jTowbrbgqcld8DLraWvEFLv4i0oMK1ciZA7l9YIHx8p1immIIB1ptaKser8j3h9crHLkdxP0JhwiD5XKfxqd9_aNqMHJ8eBn0TueJOoMDtc31JzvW6y_AIxO6DFiaGBOqhv_z_BCZ5hpC2u4nkMJYLpVR7AOIZdr95Jtk2ipj7_Z1C4ZxB67hSgdm6MPk09gT5UkzMyhAp_lfpDIsgqP2FZTXkpfzo4dfYzEWewudab8-TnzgOTB9_z9QCz8KS-K61in7MB561D7u_7UpuKhlPVU4gooHbX--WI-J61xQqfxKWZAWEwBJwirSRSjx1fs_-VbOiFMaLrdIbgn5_8Ra08TrcmT2XwxNYjRDhERqXmIxnxdTS_8pcW4KUZKm9qFpFD4fM0NvUofrdIST7zEwxZII8joLRUzW6CSFZG1dFLX2s3TlEMEmJ-p61uqQUKs8qvT6Jtwbi2a-UobjN4edyLp-s4SLcTBi1OK_P1cCXvkUb7OnofsjEuoVphZd29s70dEG2-Xp83_R6xuEDSrsTjQUFwQCAFjBjrqgkG_ikXgMPbRFtD_it9MZSuQti2-HXQ3ycc29EkQ-8nCaHaDLWn5ld3ixEQW9_lwDgyGiwsVLywY0arO59bniJ_kjsA-xaiOPKP0wA2NXHd17RfjfUnHcYDy4TlodToslkvJSXpgouQh7YsWUTVVDPtLr6j_cq4eftfihRb5SA0GyqemgLt1Jj3i542yo0qkWFs8Jouss_A5ykBlx-M6GztotQFRPdvUt2GSe60lWULPVtbv5JbfUp0s-FaM6BxGKARo7H1pCgsaWWpUEchLG5QYvWarTq6zrrUaMzhqpEq80H4BleMeJ8LKzTdR2RWtgUtkqXrNNnuy3gJImdD-lAeUzdVKklzVr-pTBh1ymRlUmp-RSmkcPJArwPWYO6xQWZQbFYAU7c9T5irlshd2i42vUgoBb9OskldR2q6UlOUr3Y9T0RfHEsGOhnv00aP35AW8ItO6POb28e-iQmoM1FjenSF1liy0sS18E6LUOo1gGMLfCWYPGj7jAfYblfKTycK5cNR2nHQNBesQjgpeSzeoWbVhq-gP_SJySoPhPe2xLyIdCUjlMBtCowE1oze7wt1NoQBiVkdNsW15-AOTbgqtUVsyWDpRPrYQ-o5CNVpvWAR8Miw&sai=AMfl-YRq27mxD9qtisOTMLzvnw6QIpjcD0w712XOoFk4F4QLofk3sezuWoHoUPf1Otbq0Vb2MojlXjwMDoZTMbkxA7nuyCZnJ0iyTpqG6EVdqzClZQKDXb7MsFHmCA72ox-yVstAu_Zdi9kRlonmUchqkaws9hr9KvPecZgg1vpFEl0e6vIab_8gONNnkO9qRPqlVTucA5SUBuPL6GwDOOYknw9gFTs0KGxXK95mA7HhtZHZGuIwwpBtcyI8VXBhncrTRC_de-JfeB2pE6VlfXZuNxXbN7ShHjn-LLAACwjkpj4MW-3b2-o&sig=Cg0ArKJSzGkPxs8Ynap8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230124.02157&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b3b7764334149e2c11c22a0d325dac0c.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
access-control-allow-origin: *
cache-control: private
content-type: image/gif
x-content-type-options: nosniff
date: Fri, 27 Jan 2023 11:30:24 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 27-Jan-2023 11:45:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 27 Jan 2023 11:30:24 GMT
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssiHF9b2R2tAJFUzfK2g7XS63z35k2Men4p43_ji_IOdkJexKnNVHNKea_RV6KCRM5ONqozcPt4GJVfZm2Us0FtRNRzZE6I1ZE9WgEdLsA7RpHd9EUSclXu4lqqXZOAxpTR0ahuqFei8t-vroYvrrIFHvjBEzcAhF1tlhc5NFbflI3vD_odiBrlxnyNhbD5_Kk8VRXEfjXMgJJ-0kn72XULk8nd1YnSJfT00wkAkzWdESMR5amF-rhcSv1PUKhFGQ56AAFpDHaWLwDCXIM1ysUwIjohCN_3CfksyQcSOLhS4JguPv8C5XbZYo3R8JyCujyZ32RfK5QIMMREWe9byjdYzyoAq54rWCZkrvoW60iwzvQ-bQwqMhgzyRyPgNqzmsjXdxg19-uc2YqVWFqDvYM3fqrZ8Jz8pg9afJx8zcqTBdO5_HL0fzLRqS6pjBSgnfxUBzZTkDe1KPXzfHDFYgvQWTCQcADiZOwi-3OhBbgKfJvAQtOlQnKKAzozowqTXtYyHwnhtubjE4eXhHvPgpnjqaKxzQZDtoQtzkDF6CRQZ-D3TETvWd8QEHD3I1GbJebxd1YYw0TnZ7Sde5FUoceNmMHItcanWJtqqV8eK39gMm9ag2IuLmSmIKFvPiKGIubuGllVYWueOcKwxuwBa6cmFmhdQ9FZNXkTGV2m0VMVmIebMBVFP_NRBPNOQZI-qkGec4Oz8C7W4lD5S5tFUT_At-JQjBzDlNO2xbKmmwqVCqvK44--orLFpsOs7qdGxuYe9Pw9B16AUSc7jK3i6Vv1rlCe3aZOJ0uQLTReJ4yn4OOH1_xyGU4mg-wGAQuDb7QhD7kY3jFwHkJNX-giMWW3Hqj5n2OUyEQEN_8E7_ycYiLVsvuz3O_-gtftNYtPI6i1zjPQ0P46UYosl2d4Sf4-akzJU11jRj84l3ztRt9s_zk6hTrzNTHcJpqoB0w-6KkleYCchs2KW9J8zxFD2nf6t0HrddBiNflCM_zjRXb-sw3_LupNP1MtD4enh6gzqwYgwVjFXzqEZqyIOr2LZKx7ren9bnM4Jt7zOJ9571HpVOy_0ubhubWq8qFllCAG4ky5Vkp35eHuyw8YQgHnZmYbo7lopgqzzgUnB5iQgXpaGBHFIThFVV5vM9AZFkYMcJf3TIMW2C9tHAgqunsdYfZACrAPeCyHQnMdZQSwVkVmtmij5pyMg7KChCTjR-t1fcodXcrQTbA&sai=AMfl-YTkwGPnNFn3TlHm1ic-NmuKtYhZAjBN6HNtS1USoJt-MUwFAnWxwIwUUFb1i7pfT5TXFIWbPzToniyyIbDLnTC23wpuNVhcAo3Proj0-OMHBga0TWBW422ofDaKpcA0TJALuznFm2QoKF0CC5u1xnA67Zr_a5w5ajYUzraFG8jdr1d23wmvVBXZWK2X8Gtr-NW-rlV4sQ6yUgXZvdqkraJmgMwThCcJMKTITF0lhtXxLd4NeBlUcCqyrQDKBjv1ou99Pkyze8HUoT5ibg7i7u5Y1ix-VAllPHsJ2EzUuB2nphGrmT4&sig=Cg0ArKJSzOJDMgOZ2ZaoEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20230124.90632&arae=0&ftch=1&adurl=
142.250.74.66200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssiHF9b2R2tAJFUzfK2g7XS63z35k2Men4p43_ji_IOdkJexKnNVHNKea_RV6KCRM5ONqozcPt4GJVfZm2Us0FtRNRzZE6I1ZE9WgEdLsA7RpHd9EUSclXu4lqqXZOAxpTR0ahuqFei8t-vroYvrrIFHvjBEzcAhF1tlhc5NFbflI3vD_odiBrlxnyNhbD5_Kk8VRXEfjXMgJJ-0kn72XULk8nd1YnSJfT00wkAkzWdESMR5amF-rhcSv1PUKhFGQ56AAFpDHaWLwDCXIM1ysUwIjohCN_3CfksyQcSOLhS4JguPv8C5XbZYo3R8JyCujyZ32RfK5QIMMREWe9byjdYzyoAq54rWCZkrvoW60iwzvQ-bQwqMhgzyRyPgNqzmsjXdxg19-uc2YqVWFqDvYM3fqrZ8Jz8pg9afJx8zcqTBdO5_HL0fzLRqS6pjBSgnfxUBzZTkDe1KPXzfHDFYgvQWTCQcADiZOwi-3OhBbgKfJvAQtOlQnKKAzozowqTXtYyHwnhtubjE4eXhHvPgpnjqaKxzQZDtoQtzkDF6CRQZ-D3TETvWd8QEHD3I1GbJebxd1YYw0TnZ7Sde5FUoceNmMHItcanWJtqqV8eK39gMm9ag2IuLmSmIKFvPiKGIubuGllVYWueOcKwxuwBa6cmFmhdQ9FZNXkTGV2m0VMVmIebMBVFP_NRBPNOQZI-qkGec4Oz8C7W4lD5S5tFUT_At-JQjBzDlNO2xbKmmwqVCqvK44--orLFpsOs7qdGxuYe9Pw9B16AUSc7jK3i6Vv1rlCe3aZOJ0uQLTReJ4yn4OOH1_xyGU4mg-wGAQuDb7QhD7kY3jFwHkJNX-giMWW3Hqj5n2OUyEQEN_8E7_ycYiLVsvuz3O_-gtftNYtPI6i1zjPQ0P46UYosl2d4Sf4-akzJU11jRj84l3ztRt9s_zk6hTrzNTHcJpqoB0w-6KkleYCchs2KW9J8zxFD2nf6t0HrddBiNflCM_zjRXb-sw3_LupNP1MtD4enh6gzqwYgwVjFXzqEZqyIOr2LZKx7ren9bnM4Jt7zOJ9571HpVOy_0ubhubWq8qFllCAG4ky5Vkp35eHuyw8YQgHnZmYbo7lopgqzzgUnB5iQgXpaGBHFIThFVV5vM9AZFkYMcJf3TIMW2C9tHAgqunsdYfZACrAPeCyHQnMdZQSwVkVmtmij5pyMg7KChCTjR-t1fcodXcrQTbA&sai=AMfl-YTkwGPnNFn3TlHm1ic-NmuKtYhZAjBN6HNtS1USoJt-MUwFAnWxwIwUUFb1i7pfT5TXFIWbPzToniyyIbDLnTC23wpuNVhcAo3Proj0-OMHBga0TWBW422ofDaKpcA0TJALuznFm2QoKF0CC5u1xnA67Zr_a5w5ajYUzraFG8jdr1d23wmvVBXZWK2X8Gtr-NW-rlV4sQ6yUgXZvdqkraJmgMwThCcJMKTITF0lhtXxLd4NeBlUcCqyrQDKBjv1ou99Pkyze8HUoT5ibg7i7u5Y1ix-VAllPHsJ2EzUuB2nphGrmT4&sig=Cg0ArKJSzOJDMgOZ2ZaoEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20230124.90632&arae=0&ftch=1&adurl=
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjssiHF9b2R2tAJFUzfK2g7XS63z35k2Men4p43_ji_IOdkJexKnNVHNKea_RV6KCRM5ONqozcPt4GJVfZm2Us0FtRNRzZE6I1ZE9WgEdLsA7RpHd9EUSclXu4lqqXZOAxpTR0ahuqFei8t-vroYvrrIFHvjBEzcAhF1tlhc5NFbflI3vD_odiBrlxnyNhbD5_Kk8VRXEfjXMgJJ-0kn72XULk8nd1YnSJfT00wkAkzWdESMR5amF-rhcSv1PUKhFGQ56AAFpDHaWLwDCXIM1ysUwIjohCN_3CfksyQcSOLhS4JguPv8C5XbZYo3R8JyCujyZ32RfK5QIMMREWe9byjdYzyoAq54rWCZkrvoW60iwzvQ-bQwqMhgzyRyPgNqzmsjXdxg19-uc2YqVWFqDvYM3fqrZ8Jz8pg9afJx8zcqTBdO5_HL0fzLRqS6pjBSgnfxUBzZTkDe1KPXzfHDFYgvQWTCQcADiZOwi-3OhBbgKfJvAQtOlQnKKAzozowqTXtYyHwnhtubjE4eXhHvPgpnjqaKxzQZDtoQtzkDF6CRQZ-D3TETvWd8QEHD3I1GbJebxd1YYw0TnZ7Sde5FUoceNmMHItcanWJtqqV8eK39gMm9ag2IuLmSmIKFvPiKGIubuGllVYWueOcKwxuwBa6cmFmhdQ9FZNXkTGV2m0VMVmIebMBVFP_NRBPNOQZI-qkGec4Oz8C7W4lD5S5tFUT_At-JQjBzDlNO2xbKmmwqVCqvK44--orLFpsOs7qdGxuYe9Pw9B16AUSc7jK3i6Vv1rlCe3aZOJ0uQLTReJ4yn4OOH1_xyGU4mg-wGAQuDb7QhD7kY3jFwHkJNX-giMWW3Hqj5n2OUyEQEN_8E7_ycYiLVsvuz3O_-gtftNYtPI6i1zjPQ0P46UYosl2d4Sf4-akzJU11jRj84l3ztRt9s_zk6hTrzNTHcJpqoB0w-6KkleYCchs2KW9J8zxFD2nf6t0HrddBiNflCM_zjRXb-sw3_LupNP1MtD4enh6gzqwYgwVjFXzqEZqyIOr2LZKx7ren9bnM4Jt7zOJ9571HpVOy_0ubhubWq8qFllCAG4ky5Vkp35eHuyw8YQgHnZmYbo7lopgqzzgUnB5iQgXpaGBHFIThFVV5vM9AZFkYMcJf3TIMW2C9tHAgqunsdYfZACrAPeCyHQnMdZQSwVkVmtmij5pyMg7KChCTjR-t1fcodXcrQTbA&sai=AMfl-YTkwGPnNFn3TlHm1ic-NmuKtYhZAjBN6HNtS1USoJt-MUwFAnWxwIwUUFb1i7pfT5TXFIWbPzToniyyIbDLnTC23wpuNVhcAo3Proj0-OMHBga0TWBW422ofDaKpcA0TJALuznFm2QoKF0CC5u1xnA67Zr_a5w5ajYUzraFG8jdr1d23wmvVBXZWK2X8Gtr-NW-rlV4sQ6yUgXZvdqkraJmgMwThCcJMKTITF0lhtXxLd4NeBlUcCqyrQDKBjv1ou99Pkyze8HUoT5ibg7i7u5Y1ix-VAllPHsJ2EzUuB2nphGrmT4&sig=Cg0ArKJSzOJDMgOZ2ZaoEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20230124.90632&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b3b7764334149e2c11c22a0d325dac0c.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
access-control-allow-origin: *
cache-control: private
content-type: image/gif
x-content-type-options: nosniff
date: Fri, 27 Jan 2023 11:30:24 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 27-Jan-2023 11:45:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 27 Jan 2023 11:30:24 GMT
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvh1G0QOD60w1hI6t1jdfAp06ng1g2GUVDa27E3RyLGWMFBWx1kQH1vFHxDLoCcdTRX5YMiQP7l9CeuAq78iXP278oTojvQoEDeoEhRzBoroJQ88SxDjP8qRl29lJYEIepOBj8Xl1nwHUToCSN9fLgYkdACr7tppGnrQ5ov4UKxVHCfLHABAfrNOQRirlwWmduejksSPxV1i39_uupz94qqVZ4LtXFY9T14GFMHCfFireXc2RrutF-KmzaJCblLuC9tCT2__j_PdsNKHMiN3NH-qANXAE5-le4goI8gGOVNtlM_8qc-QYNk-T8qg8s8v1v6zJR_WnJtMBnuf12OXQmhypmz5c4XcwnlWJLgw9aN7YCS6zR9fJCYFGFt8JjizZ07JBe5CCgqXzNMx5c428oOoZRrK-Mvv8jHNZEQs5eoPZgeirOL7jnL7YLo2NWoyc17dHSFCeWvWP47PMTzwN--hDdpigfj9rDLFYya63t3Eg5T3il4eOTezRtp4CgBpkaNR69arNdqgtwTJw_GzYWxMTmQth0I6k5a_113tG_Dp_9bi_hdkJwuIGM81vY_MFcuTuCV57UahAF8330Slyhi-4obl-8mOSHpcCRFwF5bMoRYPZrQcgBWngZzHrijzGz9dBIJi07_85lahq0VK5gLnlrjBMNggyDHEl5gHoPBv4CXS8SZY0bvqtmemsAigkes1AmG4rO-Ljpm8YQ9S3EZc7gGTjCfNFa2QhGbAOCyOU4GRQNLjsanBO0lbOfe4C4uf6Fd-XpdEDlO-WjTb1ydZisaPz-umoLWz0ThCIifyUriOxUKrKd0s0ZAHrliC5vqGGCjjRDBV9q5NwWC06p2xKQ7gmsHjNOhCygE-6bgKYFiWsOTvP-vFytZYgAjZEMPymK-DvEcCtwhK5mIt99q6AXNdszEBHhqb8jP8PLWg1ZRFndGTdn-dpRe7qu90OLadeVyL4g7qBZP1-ZLCg3hgqBIbLXg1po2BozJgqRxN9z1mZy2rC57suXoBUDU_0chk3YhdXgPjRHLjfCZvQ7b2XrEAmvQ8T8KjIIeHK1rP304KjIzhwSLH1sdy22LplJJGLV_NHX58JbWS0mIJLc0ML1ezYDRJEgHCOOWAKzrDzvW4PGLk4aYXFiqgVELdKDEBAEnLIxtdqb6Id7Z4cLQ5E2tO1bg8qmCIVZqOTVNVzoBVsB9hp5WL9tuPziMdq8cp-0L&sai=AMfl-YRzA3UoUKw40ia3DVU8JNVYQF7eqr-Cwjx7T5t-skfWBZZUQMkE7Vbdb_8XNY-4z8MVWnjv9Ulwu0D4T81Znvzm6PuptSLVnNWB9214mw81S_2jJ43XHteExjzw5XeUrpf2h740K4YZmL2CNt-IS96UW1eQr4OkHVKkSEn0ozVoq1Tb8apsX0-EzMsEJfLgPXjSGuf6WdpoaO9zfYismAGYa4VSgE7VmNDa0tUXC41-8NB3lHQleNDtgb_y_oyGxHUiX4QUcYgzxh-2OeuyvqcTk_0wDbGGWwwmmYsjX4YgA0Nn7PE&sig=Cg0ArKJSzKssbaKCr3F9EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230124.61454&arae=0&ftch=1&adurl=
142.250.74.66200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvh1G0QOD60w1hI6t1jdfAp06ng1g2GUVDa27E3RyLGWMFBWx1kQH1vFHxDLoCcdTRX5YMiQP7l9CeuAq78iXP278oTojvQoEDeoEhRzBoroJQ88SxDjP8qRl29lJYEIepOBj8Xl1nwHUToCSN9fLgYkdACr7tppGnrQ5ov4UKxVHCfLHABAfrNOQRirlwWmduejksSPxV1i39_uupz94qqVZ4LtXFY9T14GFMHCfFireXc2RrutF-KmzaJCblLuC9tCT2__j_PdsNKHMiN3NH-qANXAE5-le4goI8gGOVNtlM_8qc-QYNk-T8qg8s8v1v6zJR_WnJtMBnuf12OXQmhypmz5c4XcwnlWJLgw9aN7YCS6zR9fJCYFGFt8JjizZ07JBe5CCgqXzNMx5c428oOoZRrK-Mvv8jHNZEQs5eoPZgeirOL7jnL7YLo2NWoyc17dHSFCeWvWP47PMTzwN--hDdpigfj9rDLFYya63t3Eg5T3il4eOTezRtp4CgBpkaNR69arNdqgtwTJw_GzYWxMTmQth0I6k5a_113tG_Dp_9bi_hdkJwuIGM81vY_MFcuTuCV57UahAF8330Slyhi-4obl-8mOSHpcCRFwF5bMoRYPZrQcgBWngZzHrijzGz9dBIJi07_85lahq0VK5gLnlrjBMNggyDHEl5gHoPBv4CXS8SZY0bvqtmemsAigkes1AmG4rO-Ljpm8YQ9S3EZc7gGTjCfNFa2QhGbAOCyOU4GRQNLjsanBO0lbOfe4C4uf6Fd-XpdEDlO-WjTb1ydZisaPz-umoLWz0ThCIifyUriOxUKrKd0s0ZAHrliC5vqGGCjjRDBV9q5NwWC06p2xKQ7gmsHjNOhCygE-6bgKYFiWsOTvP-vFytZYgAjZEMPymK-DvEcCtwhK5mIt99q6AXNdszEBHhqb8jP8PLWg1ZRFndGTdn-dpRe7qu90OLadeVyL4g7qBZP1-ZLCg3hgqBIbLXg1po2BozJgqRxN9z1mZy2rC57suXoBUDU_0chk3YhdXgPjRHLjfCZvQ7b2XrEAmvQ8T8KjIIeHK1rP304KjIzhwSLH1sdy22LplJJGLV_NHX58JbWS0mIJLc0ML1ezYDRJEgHCOOWAKzrDzvW4PGLk4aYXFiqgVELdKDEBAEnLIxtdqb6Id7Z4cLQ5E2tO1bg8qmCIVZqOTVNVzoBVsB9hp5WL9tuPziMdq8cp-0L&sai=AMfl-YRzA3UoUKw40ia3DVU8JNVYQF7eqr-Cwjx7T5t-skfWBZZUQMkE7Vbdb_8XNY-4z8MVWnjv9Ulwu0D4T81Znvzm6PuptSLVnNWB9214mw81S_2jJ43XHteExjzw5XeUrpf2h740K4YZmL2CNt-IS96UW1eQr4OkHVKkSEn0ozVoq1Tb8apsX0-EzMsEJfLgPXjSGuf6WdpoaO9zfYismAGYa4VSgE7VmNDa0tUXC41-8NB3lHQleNDtgb_y_oyGxHUiX4QUcYgzxh-2OeuyvqcTk_0wDbGGWwwmmYsjX4YgA0Nn7PE&sig=Cg0ArKJSzKssbaKCr3F9EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230124.61454&arae=0&ftch=1&adurl=
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsvh1G0QOD60w1hI6t1jdfAp06ng1g2GUVDa27E3RyLGWMFBWx1kQH1vFHxDLoCcdTRX5YMiQP7l9CeuAq78iXP278oTojvQoEDeoEhRzBoroJQ88SxDjP8qRl29lJYEIepOBj8Xl1nwHUToCSN9fLgYkdACr7tppGnrQ5ov4UKxVHCfLHABAfrNOQRirlwWmduejksSPxV1i39_uupz94qqVZ4LtXFY9T14GFMHCfFireXc2RrutF-KmzaJCblLuC9tCT2__j_PdsNKHMiN3NH-qANXAE5-le4goI8gGOVNtlM_8qc-QYNk-T8qg8s8v1v6zJR_WnJtMBnuf12OXQmhypmz5c4XcwnlWJLgw9aN7YCS6zR9fJCYFGFt8JjizZ07JBe5CCgqXzNMx5c428oOoZRrK-Mvv8jHNZEQs5eoPZgeirOL7jnL7YLo2NWoyc17dHSFCeWvWP47PMTzwN--hDdpigfj9rDLFYya63t3Eg5T3il4eOTezRtp4CgBpkaNR69arNdqgtwTJw_GzYWxMTmQth0I6k5a_113tG_Dp_9bi_hdkJwuIGM81vY_MFcuTuCV57UahAF8330Slyhi-4obl-8mOSHpcCRFwF5bMoRYPZrQcgBWngZzHrijzGz9dBIJi07_85lahq0VK5gLnlrjBMNggyDHEl5gHoPBv4CXS8SZY0bvqtmemsAigkes1AmG4rO-Ljpm8YQ9S3EZc7gGTjCfNFa2QhGbAOCyOU4GRQNLjsanBO0lbOfe4C4uf6Fd-XpdEDlO-WjTb1ydZisaPz-umoLWz0ThCIifyUriOxUKrKd0s0ZAHrliC5vqGGCjjRDBV9q5NwWC06p2xKQ7gmsHjNOhCygE-6bgKYFiWsOTvP-vFytZYgAjZEMPymK-DvEcCtwhK5mIt99q6AXNdszEBHhqb8jP8PLWg1ZRFndGTdn-dpRe7qu90OLadeVyL4g7qBZP1-ZLCg3hgqBIbLXg1po2BozJgqRxN9z1mZy2rC57suXoBUDU_0chk3YhdXgPjRHLjfCZvQ7b2XrEAmvQ8T8KjIIeHK1rP304KjIzhwSLH1sdy22LplJJGLV_NHX58JbWS0mIJLc0ML1ezYDRJEgHCOOWAKzrDzvW4PGLk4aYXFiqgVELdKDEBAEnLIxtdqb6Id7Z4cLQ5E2tO1bg8qmCIVZqOTVNVzoBVsB9hp5WL9tuPziMdq8cp-0L&sai=AMfl-YRzA3UoUKw40ia3DVU8JNVYQF7eqr-Cwjx7T5t-skfWBZZUQMkE7Vbdb_8XNY-4z8MVWnjv9Ulwu0D4T81Znvzm6PuptSLVnNWB9214mw81S_2jJ43XHteExjzw5XeUrpf2h740K4YZmL2CNt-IS96UW1eQr4OkHVKkSEn0ozVoq1Tb8apsX0-EzMsEJfLgPXjSGuf6WdpoaO9zfYismAGYa4VSgE7VmNDa0tUXC41-8NB3lHQleNDtgb_y_oyGxHUiX4QUcYgzxh-2OeuyvqcTk_0wDbGGWwwmmYsjX4YgA0Nn7PE&sig=Cg0ArKJSzKssbaKCr3F9EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230124.61454&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b3b7764334149e2c11c22a0d325dac0c.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
access-control-allow-origin: *
cache-control: private
content-type: image/gif
x-content-type-options: nosniff
date: Fri, 27 Jan 2023 11:30:24 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 27-Jan-2023 11:45:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 27 Jan 2023 11:30:24 GMT
X-Firefox-Spdy: h2
s0.2mdn.net/simgad/7143379837461343859
172.217.21.166200 OK 16 kB URL HTTP/2 s0.2mdn.net/simgad/7143379837461343859
IP 172.217.21.166:0
File type PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash a57414bcb99a8969d840c72d664a9b27
583c240cdd4c30ff45d03e80dd172aa1ee20697d
cd03bdc61dea2a17390c6848f68054ce4d4f763b39418d8158f825b702c4a9db
GET /simgad/7143379837461343859 HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b3b7764334149e2c11c22a0d325dac0c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 15612
x-content-type-options: nosniff
x-dns-prefetch-control: off
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 04:19:44 GMT
expires: Sat, 27 Jan 2024 04:19:44 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 06 Jan 2023 14:16:12 GMT
content-type: image/png
age: 25840
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de1ce1472f360bfdf03f16285d87afb1
8d66a92d67c015560d994ebb92243833afe21a6a
20056cf21ebb6b84a9e6bc2675baa121e9c4cc9456a8c2dbd0c8dcad7595af0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 11:30:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssiHF9b2R2tAJFUzfK2g7XS63z35k2Men4p43_ji_IOdkJexKnNVHNKea_RV6KCRM5ONqozcPt4GJVfZm2Us0FtRNRzZE6I1ZE9WgEdLsA7RpHd9EUSclXu4lqqXZOAxpTR0ahuqFei8t-vroYvrrIFHvjBEzcAhF1tlhc5NFbflI3vD_odiBrlxnyNhbD5_Kk8VRXEfjXMgJJ-0kn72XULk8nd1YnSJfT00wkAkzWdESMR5amF-rhcSv1PUKhFGQ56AAFpDHaWLwDCXIM1ysUwIjohCN_3CfksyQcSOLhS4JguPv8C5XbZYo3R8JyCujyZ32RfK5QIMMREWe9byjdYzyoAq54rWCZkrvoW60iwzvQ-bQwqMhgzyRyPgNqzmsjXdxg19-uc2YqVWFqDvYM3fqrZ8Jz8pg9afJx8zcqTBdO5_HL0fzLRqS6pjBSgnfxUBzZTkDe1KPXzfHDFYgvQWTCQcADiZOwi-3OhBbgKfJvAQtOlQnKKAzozowqTXtYyHwnhtubjE4eXhHvPgpnjqaKxzQZDtoQtzkDF6CRQZ-D3TETvWd8QEHD3I1GbJebxd1YYw0TnZ7Sde5FUoceNmMHItcanWJtqqV8eK39gMm9ag2IuLmSmIKFvPiKGIubuGllVYWueOcKwxuwBa6cmFmhdQ9FZNXkTGV2m0VMVmIebMBVFP_NRBPNOQZI-qkGec4Oz8C7W4lD5S5tFUT_At-JQjBzDlNO2xbKmmwqVCqvK44--orLFpsOs7qdGxuYe9Pw9B16AUSc7jK3i6Vv1rlCe3aZOJ0uQLTReJ4yn4OOH1_xyGU4mg-wGAQuDb7QhD7kY3jFwHkJNX-giMWW3Hqj5n2OUyEQEN_8E7_ycYiLVsvuz3O_-gtftNYtPI6i1zjPQ0P46UYosl2d4Sf4-akzJU11jRj84l3ztRt9s_zk6hTrzNTHcJpqoB0w-6KkleYCchs2KW9J8zxFD2nf6t0HrddBiNflCM_zjRXb-sw3_LupNP1MtD4enh6gzqwYgwVjFXzqEZqyIOr2LZKx7ren9bnM4Jt7zOJ9571HpVOy_0ubhubWq8qFllCAG4ky5Vkp35eHuyw8YQgHnZmYbo7lopgqzzgUnB5iQgXpaGBHFIThFVV5vM9AZFkYMcJf3TIMW2C9tHAgqunsdYfZACrAPeCyHQnMdZQSwVkVmtmij5pyMg7KChCTjR-t1fcodXcrQTbA&sai=AMfl-YTkwGPnNFn3TlHm1ic-NmuKtYhZAjBN6HNtS1USoJt-MUwFAnWxwIwUUFb1i7pfT5TXFIWbPzToniyyIbDLnTC23wpuNVhcAo3Proj0-OMHBga0TWBW422ofDaKpcA0TJALuznFm2QoKF0CC5u1xnA67Zr_a5w5ajYUzraFG8jdr1d23wmvVBXZWK2X8Gtr-NW-rlV4sQ6yUgXZvdqkraJmgMwThCcJMKTITF0lhtXxLd4NeBlUcCqyrQDKBjv1ou99Pkyze8HUoT5ibg7i7u5Y1ix-VAllPHsJ2EzUuB2nphGrmT4&sig=Cg0ArKJSzOJDMgOZ2ZaoEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=817&vt=11&dtpt=815&dett=2&cstd=1&cisv=r20230124.90632&arae=0&ftch=1&adurl=
142.250.74.66200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssiHF9b2R2tAJFUzfK2g7XS63z35k2Men4p43_ji_IOdkJexKnNVHNKea_RV6KCRM5ONqozcPt4GJVfZm2Us0FtRNRzZE6I1ZE9WgEdLsA7RpHd9EUSclXu4lqqXZOAxpTR0ahuqFei8t-vroYvrrIFHvjBEzcAhF1tlhc5NFbflI3vD_odiBrlxnyNhbD5_Kk8VRXEfjXMgJJ-0kn72XULk8nd1YnSJfT00wkAkzWdESMR5amF-rhcSv1PUKhFGQ56AAFpDHaWLwDCXIM1ysUwIjohCN_3CfksyQcSOLhS4JguPv8C5XbZYo3R8JyCujyZ32RfK5QIMMREWe9byjdYzyoAq54rWCZkrvoW60iwzvQ-bQwqMhgzyRyPgNqzmsjXdxg19-uc2YqVWFqDvYM3fqrZ8Jz8pg9afJx8zcqTBdO5_HL0fzLRqS6pjBSgnfxUBzZTkDe1KPXzfHDFYgvQWTCQcADiZOwi-3OhBbgKfJvAQtOlQnKKAzozowqTXtYyHwnhtubjE4eXhHvPgpnjqaKxzQZDtoQtzkDF6CRQZ-D3TETvWd8QEHD3I1GbJebxd1YYw0TnZ7Sde5FUoceNmMHItcanWJtqqV8eK39gMm9ag2IuLmSmIKFvPiKGIubuGllVYWueOcKwxuwBa6cmFmhdQ9FZNXkTGV2m0VMVmIebMBVFP_NRBPNOQZI-qkGec4Oz8C7W4lD5S5tFUT_At-JQjBzDlNO2xbKmmwqVCqvK44--orLFpsOs7qdGxuYe9Pw9B16AUSc7jK3i6Vv1rlCe3aZOJ0uQLTReJ4yn4OOH1_xyGU4mg-wGAQuDb7QhD7kY3jFwHkJNX-giMWW3Hqj5n2OUyEQEN_8E7_ycYiLVsvuz3O_-gtftNYtPI6i1zjPQ0P46UYosl2d4Sf4-akzJU11jRj84l3ztRt9s_zk6hTrzNTHcJpqoB0w-6KkleYCchs2KW9J8zxFD2nf6t0HrddBiNflCM_zjRXb-sw3_LupNP1MtD4enh6gzqwYgwVjFXzqEZqyIOr2LZKx7ren9bnM4Jt7zOJ9571HpVOy_0ubhubWq8qFllCAG4ky5Vkp35eHuyw8YQgHnZmYbo7lopgqzzgUnB5iQgXpaGBHFIThFVV5vM9AZFkYMcJf3TIMW2C9tHAgqunsdYfZACrAPeCyHQnMdZQSwVkVmtmij5pyMg7KChCTjR-t1fcodXcrQTbA&sai=AMfl-YTkwGPnNFn3TlHm1ic-NmuKtYhZAjBN6HNtS1USoJt-MUwFAnWxwIwUUFb1i7pfT5TXFIWbPzToniyyIbDLnTC23wpuNVhcAo3Proj0-OMHBga0TWBW422ofDaKpcA0TJALuznFm2QoKF0CC5u1xnA67Zr_a5w5ajYUzraFG8jdr1d23wmvVBXZWK2X8Gtr-NW-rlV4sQ6yUgXZvdqkraJmgMwThCcJMKTITF0lhtXxLd4NeBlUcCqyrQDKBjv1ou99Pkyze8HUoT5ibg7i7u5Y1ix-VAllPHsJ2EzUuB2nphGrmT4&sig=Cg0ArKJSzOJDMgOZ2ZaoEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=817&vt=11&dtpt=815&dett=2&cstd=1&cisv=r20230124.90632&arae=0&ftch=1&adurl=
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjssiHF9b2R2tAJFUzfK2g7XS63z35k2Men4p43_ji_IOdkJexKnNVHNKea_RV6KCRM5ONqozcPt4GJVfZm2Us0FtRNRzZE6I1ZE9WgEdLsA7RpHd9EUSclXu4lqqXZOAxpTR0ahuqFei8t-vroYvrrIFHvjBEzcAhF1tlhc5NFbflI3vD_odiBrlxnyNhbD5_Kk8VRXEfjXMgJJ-0kn72XULk8nd1YnSJfT00wkAkzWdESMR5amF-rhcSv1PUKhFGQ56AAFpDHaWLwDCXIM1ysUwIjohCN_3CfksyQcSOLhS4JguPv8C5XbZYo3R8JyCujyZ32RfK5QIMMREWe9byjdYzyoAq54rWCZkrvoW60iwzvQ-bQwqMhgzyRyPgNqzmsjXdxg19-uc2YqVWFqDvYM3fqrZ8Jz8pg9afJx8zcqTBdO5_HL0fzLRqS6pjBSgnfxUBzZTkDe1KPXzfHDFYgvQWTCQcADiZOwi-3OhBbgKfJvAQtOlQnKKAzozowqTXtYyHwnhtubjE4eXhHvPgpnjqaKxzQZDtoQtzkDF6CRQZ-D3TETvWd8QEHD3I1GbJebxd1YYw0TnZ7Sde5FUoceNmMHItcanWJtqqV8eK39gMm9ag2IuLmSmIKFvPiKGIubuGllVYWueOcKwxuwBa6cmFmhdQ9FZNXkTGV2m0VMVmIebMBVFP_NRBPNOQZI-qkGec4Oz8C7W4lD5S5tFUT_At-JQjBzDlNO2xbKmmwqVCqvK44--orLFpsOs7qdGxuYe9Pw9B16AUSc7jK3i6Vv1rlCe3aZOJ0uQLTReJ4yn4OOH1_xyGU4mg-wGAQuDb7QhD7kY3jFwHkJNX-giMWW3Hqj5n2OUyEQEN_8E7_ycYiLVsvuz3O_-gtftNYtPI6i1zjPQ0P46UYosl2d4Sf4-akzJU11jRj84l3ztRt9s_zk6hTrzNTHcJpqoB0w-6KkleYCchs2KW9J8zxFD2nf6t0HrddBiNflCM_zjRXb-sw3_LupNP1MtD4enh6gzqwYgwVjFXzqEZqyIOr2LZKx7ren9bnM4Jt7zOJ9571HpVOy_0ubhubWq8qFllCAG4ky5Vkp35eHuyw8YQgHnZmYbo7lopgqzzgUnB5iQgXpaGBHFIThFVV5vM9AZFkYMcJf3TIMW2C9tHAgqunsdYfZACrAPeCyHQnMdZQSwVkVmtmij5pyMg7KChCTjR-t1fcodXcrQTbA&sai=AMfl-YTkwGPnNFn3TlHm1ic-NmuKtYhZAjBN6HNtS1USoJt-MUwFAnWxwIwUUFb1i7pfT5TXFIWbPzToniyyIbDLnTC23wpuNVhcAo3Proj0-OMHBga0TWBW422ofDaKpcA0TJALuznFm2QoKF0CC5u1xnA67Zr_a5w5ajYUzraFG8jdr1d23wmvVBXZWK2X8Gtr-NW-rlV4sQ6yUgXZvdqkraJmgMwThCcJMKTITF0lhtXxLd4NeBlUcCqyrQDKBjv1ou99Pkyze8HUoT5ibg7i7u5Y1ix-VAllPHsJ2EzUuB2nphGrmT4&sig=Cg0ArKJSzOJDMgOZ2ZaoEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=817&vt=11&dtpt=815&dett=2&cstd=1&cisv=r20230124.90632&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b3b7764334149e2c11c22a0d325dac0c.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Fri, 27 Jan 2023 11:30:24 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 27-Jan-2023 11:45:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 27 Jan 2023 11:30:24 GMT
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvh1G0QOD60w1hI6t1jdfAp06ng1g2GUVDa27E3RyLGWMFBWx1kQH1vFHxDLoCcdTRX5YMiQP7l9CeuAq78iXP278oTojvQoEDeoEhRzBoroJQ88SxDjP8qRl29lJYEIepOBj8Xl1nwHUToCSN9fLgYkdACr7tppGnrQ5ov4UKxVHCfLHABAfrNOQRirlwWmduejksSPxV1i39_uupz94qqVZ4LtXFY9T14GFMHCfFireXc2RrutF-KmzaJCblLuC9tCT2__j_PdsNKHMiN3NH-qANXAE5-le4goI8gGOVNtlM_8qc-QYNk-T8qg8s8v1v6zJR_WnJtMBnuf12OXQmhypmz5c4XcwnlWJLgw9aN7YCS6zR9fJCYFGFt8JjizZ07JBe5CCgqXzNMx5c428oOoZRrK-Mvv8jHNZEQs5eoPZgeirOL7jnL7YLo2NWoyc17dHSFCeWvWP47PMTzwN--hDdpigfj9rDLFYya63t3Eg5T3il4eOTezRtp4CgBpkaNR69arNdqgtwTJw_GzYWxMTmQth0I6k5a_113tG_Dp_9bi_hdkJwuIGM81vY_MFcuTuCV57UahAF8330Slyhi-4obl-8mOSHpcCRFwF5bMoRYPZrQcgBWngZzHrijzGz9dBIJi07_85lahq0VK5gLnlrjBMNggyDHEl5gHoPBv4CXS8SZY0bvqtmemsAigkes1AmG4rO-Ljpm8YQ9S3EZc7gGTjCfNFa2QhGbAOCyOU4GRQNLjsanBO0lbOfe4C4uf6Fd-XpdEDlO-WjTb1ydZisaPz-umoLWz0ThCIifyUriOxUKrKd0s0ZAHrliC5vqGGCjjRDBV9q5NwWC06p2xKQ7gmsHjNOhCygE-6bgKYFiWsOTvP-vFytZYgAjZEMPymK-DvEcCtwhK5mIt99q6AXNdszEBHhqb8jP8PLWg1ZRFndGTdn-dpRe7qu90OLadeVyL4g7qBZP1-ZLCg3hgqBIbLXg1po2BozJgqRxN9z1mZy2rC57suXoBUDU_0chk3YhdXgPjRHLjfCZvQ7b2XrEAmvQ8T8KjIIeHK1rP304KjIzhwSLH1sdy22LplJJGLV_NHX58JbWS0mIJLc0ML1ezYDRJEgHCOOWAKzrDzvW4PGLk4aYXFiqgVELdKDEBAEnLIxtdqb6Id7Z4cLQ5E2tO1bg8qmCIVZqOTVNVzoBVsB9hp5WL9tuPziMdq8cp-0L&sai=AMfl-YRzA3UoUKw40ia3DVU8JNVYQF7eqr-Cwjx7T5t-skfWBZZUQMkE7Vbdb_8XNY-4z8MVWnjv9Ulwu0D4T81Znvzm6PuptSLVnNWB9214mw81S_2jJ43XHteExjzw5XeUrpf2h740K4YZmL2CNt-IS96UW1eQr4OkHVKkSEn0ozVoq1Tb8apsX0-EzMsEJfLgPXjSGuf6WdpoaO9zfYismAGYa4VSgE7VmNDa0tUXC41-8NB3lHQleNDtgb_y_oyGxHUiX4QUcYgzxh-2OeuyvqcTk_0wDbGGWwwmmYsjX4YgA0Nn7PE&sig=Cg0ArKJSzKssbaKCr3F9EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=775&vt=11&dtpt=774&dett=2&cstd=0&cisv=r20230124.61454&arae=0&ftch=1&adurl=
142.250.74.66200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvh1G0QOD60w1hI6t1jdfAp06ng1g2GUVDa27E3RyLGWMFBWx1kQH1vFHxDLoCcdTRX5YMiQP7l9CeuAq78iXP278oTojvQoEDeoEhRzBoroJQ88SxDjP8qRl29lJYEIepOBj8Xl1nwHUToCSN9fLgYkdACr7tppGnrQ5ov4UKxVHCfLHABAfrNOQRirlwWmduejksSPxV1i39_uupz94qqVZ4LtXFY9T14GFMHCfFireXc2RrutF-KmzaJCblLuC9tCT2__j_PdsNKHMiN3NH-qANXAE5-le4goI8gGOVNtlM_8qc-QYNk-T8qg8s8v1v6zJR_WnJtMBnuf12OXQmhypmz5c4XcwnlWJLgw9aN7YCS6zR9fJCYFGFt8JjizZ07JBe5CCgqXzNMx5c428oOoZRrK-Mvv8jHNZEQs5eoPZgeirOL7jnL7YLo2NWoyc17dHSFCeWvWP47PMTzwN--hDdpigfj9rDLFYya63t3Eg5T3il4eOTezRtp4CgBpkaNR69arNdqgtwTJw_GzYWxMTmQth0I6k5a_113tG_Dp_9bi_hdkJwuIGM81vY_MFcuTuCV57UahAF8330Slyhi-4obl-8mOSHpcCRFwF5bMoRYPZrQcgBWngZzHrijzGz9dBIJi07_85lahq0VK5gLnlrjBMNggyDHEl5gHoPBv4CXS8SZY0bvqtmemsAigkes1AmG4rO-Ljpm8YQ9S3EZc7gGTjCfNFa2QhGbAOCyOU4GRQNLjsanBO0lbOfe4C4uf6Fd-XpdEDlO-WjTb1ydZisaPz-umoLWz0ThCIifyUriOxUKrKd0s0ZAHrliC5vqGGCjjRDBV9q5NwWC06p2xKQ7gmsHjNOhCygE-6bgKYFiWsOTvP-vFytZYgAjZEMPymK-DvEcCtwhK5mIt99q6AXNdszEBHhqb8jP8PLWg1ZRFndGTdn-dpRe7qu90OLadeVyL4g7qBZP1-ZLCg3hgqBIbLXg1po2BozJgqRxN9z1mZy2rC57suXoBUDU_0chk3YhdXgPjRHLjfCZvQ7b2XrEAmvQ8T8KjIIeHK1rP304KjIzhwSLH1sdy22LplJJGLV_NHX58JbWS0mIJLc0ML1ezYDRJEgHCOOWAKzrDzvW4PGLk4aYXFiqgVELdKDEBAEnLIxtdqb6Id7Z4cLQ5E2tO1bg8qmCIVZqOTVNVzoBVsB9hp5WL9tuPziMdq8cp-0L&sai=AMfl-YRzA3UoUKw40ia3DVU8JNVYQF7eqr-Cwjx7T5t-skfWBZZUQMkE7Vbdb_8XNY-4z8MVWnjv9Ulwu0D4T81Znvzm6PuptSLVnNWB9214mw81S_2jJ43XHteExjzw5XeUrpf2h740K4YZmL2CNt-IS96UW1eQr4OkHVKkSEn0ozVoq1Tb8apsX0-EzMsEJfLgPXjSGuf6WdpoaO9zfYismAGYa4VSgE7VmNDa0tUXC41-8NB3lHQleNDtgb_y_oyGxHUiX4QUcYgzxh-2OeuyvqcTk_0wDbGGWwwmmYsjX4YgA0Nn7PE&sig=Cg0ArKJSzKssbaKCr3F9EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=775&vt=11&dtpt=774&dett=2&cstd=0&cisv=r20230124.61454&arae=0&ftch=1&adurl=
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsvh1G0QOD60w1hI6t1jdfAp06ng1g2GUVDa27E3RyLGWMFBWx1kQH1vFHxDLoCcdTRX5YMiQP7l9CeuAq78iXP278oTojvQoEDeoEhRzBoroJQ88SxDjP8qRl29lJYEIepOBj8Xl1nwHUToCSN9fLgYkdACr7tppGnrQ5ov4UKxVHCfLHABAfrNOQRirlwWmduejksSPxV1i39_uupz94qqVZ4LtXFY9T14GFMHCfFireXc2RrutF-KmzaJCblLuC9tCT2__j_PdsNKHMiN3NH-qANXAE5-le4goI8gGOVNtlM_8qc-QYNk-T8qg8s8v1v6zJR_WnJtMBnuf12OXQmhypmz5c4XcwnlWJLgw9aN7YCS6zR9fJCYFGFt8JjizZ07JBe5CCgqXzNMx5c428oOoZRrK-Mvv8jHNZEQs5eoPZgeirOL7jnL7YLo2NWoyc17dHSFCeWvWP47PMTzwN--hDdpigfj9rDLFYya63t3Eg5T3il4eOTezRtp4CgBpkaNR69arNdqgtwTJw_GzYWxMTmQth0I6k5a_113tG_Dp_9bi_hdkJwuIGM81vY_MFcuTuCV57UahAF8330Slyhi-4obl-8mOSHpcCRFwF5bMoRYPZrQcgBWngZzHrijzGz9dBIJi07_85lahq0VK5gLnlrjBMNggyDHEl5gHoPBv4CXS8SZY0bvqtmemsAigkes1AmG4rO-Ljpm8YQ9S3EZc7gGTjCfNFa2QhGbAOCyOU4GRQNLjsanBO0lbOfe4C4uf6Fd-XpdEDlO-WjTb1ydZisaPz-umoLWz0ThCIifyUriOxUKrKd0s0ZAHrliC5vqGGCjjRDBV9q5NwWC06p2xKQ7gmsHjNOhCygE-6bgKYFiWsOTvP-vFytZYgAjZEMPymK-DvEcCtwhK5mIt99q6AXNdszEBHhqb8jP8PLWg1ZRFndGTdn-dpRe7qu90OLadeVyL4g7qBZP1-ZLCg3hgqBIbLXg1po2BozJgqRxN9z1mZy2rC57suXoBUDU_0chk3YhdXgPjRHLjfCZvQ7b2XrEAmvQ8T8KjIIeHK1rP304KjIzhwSLH1sdy22LplJJGLV_NHX58JbWS0mIJLc0ML1ezYDRJEgHCOOWAKzrDzvW4PGLk4aYXFiqgVELdKDEBAEnLIxtdqb6Id7Z4cLQ5E2tO1bg8qmCIVZqOTVNVzoBVsB9hp5WL9tuPziMdq8cp-0L&sai=AMfl-YRzA3UoUKw40ia3DVU8JNVYQF7eqr-Cwjx7T5t-skfWBZZUQMkE7Vbdb_8XNY-4z8MVWnjv9Ulwu0D4T81Znvzm6PuptSLVnNWB9214mw81S_2jJ43XHteExjzw5XeUrpf2h740K4YZmL2CNt-IS96UW1eQr4OkHVKkSEn0ozVoq1Tb8apsX0-EzMsEJfLgPXjSGuf6WdpoaO9zfYismAGYa4VSgE7VmNDa0tUXC41-8NB3lHQleNDtgb_y_oyGxHUiX4QUcYgzxh-2OeuyvqcTk_0wDbGGWwwmmYsjX4YgA0Nn7PE&sig=Cg0ArKJSzKssbaKCr3F9EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=775&vt=11&dtpt=774&dett=2&cstd=0&cisv=r20230124.61454&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b3b7764334149e2c11c22a0d325dac0c.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Fri, 27 Jan 2023 11:30:24 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 27-Jan-2023 11:45:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 27 Jan 2023 11:30:24 GMT
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssitJBHVnF5NHXEfusZgF3Lsaki-Ai1XDj41NfcHnONTQVx-HG5jTowbrbgqcld8DLraWvEFLv4i0oMK1ciZA7l9YIHx8p1immIIB1ptaKser8j3h9crHLkdxP0JhwiD5XKfxqd9_aNqMHJ8eBn0TueJOoMDtc31JzvW6y_AIxO6DFiaGBOqhv_z_BCZ5hpC2u4nkMJYLpVR7AOIZdr95Jtk2ipj7_Z1C4ZxB67hSgdm6MPk09gT5UkzMyhAp_lfpDIsgqP2FZTXkpfzo4dfYzEWewudab8-TnzgOTB9_z9QCz8KS-K61in7MB561D7u_7UpuKhlPVU4gooHbX--WI-J61xQqfxKWZAWEwBJwirSRSjx1fs_-VbOiFMaLrdIbgn5_8Ra08TrcmT2XwxNYjRDhERqXmIxnxdTS_8pcW4KUZKm9qFpFD4fM0NvUofrdIST7zEwxZII8joLRUzW6CSFZG1dFLX2s3TlEMEmJ-p61uqQUKs8qvT6Jtwbi2a-UobjN4edyLp-s4SLcTBi1OK_P1cCXvkUb7OnofsjEuoVphZd29s70dEG2-Xp83_R6xuEDSrsTjQUFwQCAFjBjrqgkG_ikXgMPbRFtD_it9MZSuQti2-HXQ3ycc29EkQ-8nCaHaDLWn5ld3ixEQW9_lwDgyGiwsVLywY0arO59bniJ_kjsA-xaiOPKP0wA2NXHd17RfjfUnHcYDy4TlodToslkvJSXpgouQh7YsWUTVVDPtLr6j_cq4eftfihRb5SA0GyqemgLt1Jj3i542yo0qkWFs8Jouss_A5ykBlx-M6GztotQFRPdvUt2GSe60lWULPVtbv5JbfUp0s-FaM6BxGKARo7H1pCgsaWWpUEchLG5QYvWarTq6zrrUaMzhqpEq80H4BleMeJ8LKzTdR2RWtgUtkqXrNNnuy3gJImdD-lAeUzdVKklzVr-pTBh1ymRlUmp-RSmkcPJArwPWYO6xQWZQbFYAU7c9T5irlshd2i42vUgoBb9OskldR2q6UlOUr3Y9T0RfHEsGOhnv00aP35AW8ItO6POb28e-iQmoM1FjenSF1liy0sS18E6LUOo1gGMLfCWYPGj7jAfYblfKTycK5cNR2nHQNBesQjgpeSzeoWbVhq-gP_SJySoPhPe2xLyIdCUjlMBtCowE1oze7wt1NoQBiVkdNsW15-AOTbgqtUVsyWDpRPrYQ-o5CNVpvWAR8Miw&sai=AMfl-YRq27mxD9qtisOTMLzvnw6QIpjcD0w712XOoFk4F4QLofk3sezuWoHoUPf1Otbq0Vb2MojlXjwMDoZTMbkxA7nuyCZnJ0iyTpqG6EVdqzClZQKDXb7MsFHmCA72ox-yVstAu_Zdi9kRlonmUchqkaws9hr9KvPecZgg1vpFEl0e6vIab_8gONNnkO9qRPqlVTucA5SUBuPL6GwDOOYknw9gFTs0KGxXK95mA7HhtZHZGuIwwpBtcyI8VXBhncrTRC_de-JfeB2pE6VlfXZuNxXbN7ShHjn-LLAACwjkpj4MW-3b2-o&sig=Cg0ArKJSzGkPxs8Ynap8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=811&vt=11&dtpt=810&dett=2&cstd=0&cisv=r20230124.02157&arae=0&ftch=1&adurl=
142.250.74.66200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssitJBHVnF5NHXEfusZgF3Lsaki-Ai1XDj41NfcHnONTQVx-HG5jTowbrbgqcld8DLraWvEFLv4i0oMK1ciZA7l9YIHx8p1immIIB1ptaKser8j3h9crHLkdxP0JhwiD5XKfxqd9_aNqMHJ8eBn0TueJOoMDtc31JzvW6y_AIxO6DFiaGBOqhv_z_BCZ5hpC2u4nkMJYLpVR7AOIZdr95Jtk2ipj7_Z1C4ZxB67hSgdm6MPk09gT5UkzMyhAp_lfpDIsgqP2FZTXkpfzo4dfYzEWewudab8-TnzgOTB9_z9QCz8KS-K61in7MB561D7u_7UpuKhlPVU4gooHbX--WI-J61xQqfxKWZAWEwBJwirSRSjx1fs_-VbOiFMaLrdIbgn5_8Ra08TrcmT2XwxNYjRDhERqXmIxnxdTS_8pcW4KUZKm9qFpFD4fM0NvUofrdIST7zEwxZII8joLRUzW6CSFZG1dFLX2s3TlEMEmJ-p61uqQUKs8qvT6Jtwbi2a-UobjN4edyLp-s4SLcTBi1OK_P1cCXvkUb7OnofsjEuoVphZd29s70dEG2-Xp83_R6xuEDSrsTjQUFwQCAFjBjrqgkG_ikXgMPbRFtD_it9MZSuQti2-HXQ3ycc29EkQ-8nCaHaDLWn5ld3ixEQW9_lwDgyGiwsVLywY0arO59bniJ_kjsA-xaiOPKP0wA2NXHd17RfjfUnHcYDy4TlodToslkvJSXpgouQh7YsWUTVVDPtLr6j_cq4eftfihRb5SA0GyqemgLt1Jj3i542yo0qkWFs8Jouss_A5ykBlx-M6GztotQFRPdvUt2GSe60lWULPVtbv5JbfUp0s-FaM6BxGKARo7H1pCgsaWWpUEchLG5QYvWarTq6zrrUaMzhqpEq80H4BleMeJ8LKzTdR2RWtgUtkqXrNNnuy3gJImdD-lAeUzdVKklzVr-pTBh1ymRlUmp-RSmkcPJArwPWYO6xQWZQbFYAU7c9T5irlshd2i42vUgoBb9OskldR2q6UlOUr3Y9T0RfHEsGOhnv00aP35AW8ItO6POb28e-iQmoM1FjenSF1liy0sS18E6LUOo1gGMLfCWYPGj7jAfYblfKTycK5cNR2nHQNBesQjgpeSzeoWbVhq-gP_SJySoPhPe2xLyIdCUjlMBtCowE1oze7wt1NoQBiVkdNsW15-AOTbgqtUVsyWDpRPrYQ-o5CNVpvWAR8Miw&sai=AMfl-YRq27mxD9qtisOTMLzvnw6QIpjcD0w712XOoFk4F4QLofk3sezuWoHoUPf1Otbq0Vb2MojlXjwMDoZTMbkxA7nuyCZnJ0iyTpqG6EVdqzClZQKDXb7MsFHmCA72ox-yVstAu_Zdi9kRlonmUchqkaws9hr9KvPecZgg1vpFEl0e6vIab_8gONNnkO9qRPqlVTucA5SUBuPL6GwDOOYknw9gFTs0KGxXK95mA7HhtZHZGuIwwpBtcyI8VXBhncrTRC_de-JfeB2pE6VlfXZuNxXbN7ShHjn-LLAACwjkpj4MW-3b2-o&sig=Cg0ArKJSzGkPxs8Ynap8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=811&vt=11&dtpt=810&dett=2&cstd=0&cisv=r20230124.02157&arae=0&ftch=1&adurl=
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjssitJBHVnF5NHXEfusZgF3Lsaki-Ai1XDj41NfcHnONTQVx-HG5jTowbrbgqcld8DLraWvEFLv4i0oMK1ciZA7l9YIHx8p1immIIB1ptaKser8j3h9crHLkdxP0JhwiD5XKfxqd9_aNqMHJ8eBn0TueJOoMDtc31JzvW6y_AIxO6DFiaGBOqhv_z_BCZ5hpC2u4nkMJYLpVR7AOIZdr95Jtk2ipj7_Z1C4ZxB67hSgdm6MPk09gT5UkzMyhAp_lfpDIsgqP2FZTXkpfzo4dfYzEWewudab8-TnzgOTB9_z9QCz8KS-K61in7MB561D7u_7UpuKhlPVU4gooHbX--WI-J61xQqfxKWZAWEwBJwirSRSjx1fs_-VbOiFMaLrdIbgn5_8Ra08TrcmT2XwxNYjRDhERqXmIxnxdTS_8pcW4KUZKm9qFpFD4fM0NvUofrdIST7zEwxZII8joLRUzW6CSFZG1dFLX2s3TlEMEmJ-p61uqQUKs8qvT6Jtwbi2a-UobjN4edyLp-s4SLcTBi1OK_P1cCXvkUb7OnofsjEuoVphZd29s70dEG2-Xp83_R6xuEDSrsTjQUFwQCAFjBjrqgkG_ikXgMPbRFtD_it9MZSuQti2-HXQ3ycc29EkQ-8nCaHaDLWn5ld3ixEQW9_lwDgyGiwsVLywY0arO59bniJ_kjsA-xaiOPKP0wA2NXHd17RfjfUnHcYDy4TlodToslkvJSXpgouQh7YsWUTVVDPtLr6j_cq4eftfihRb5SA0GyqemgLt1Jj3i542yo0qkWFs8Jouss_A5ykBlx-M6GztotQFRPdvUt2GSe60lWULPVtbv5JbfUp0s-FaM6BxGKARo7H1pCgsaWWpUEchLG5QYvWarTq6zrrUaMzhqpEq80H4BleMeJ8LKzTdR2RWtgUtkqXrNNnuy3gJImdD-lAeUzdVKklzVr-pTBh1ymRlUmp-RSmkcPJArwPWYO6xQWZQbFYAU7c9T5irlshd2i42vUgoBb9OskldR2q6UlOUr3Y9T0RfHEsGOhnv00aP35AW8ItO6POb28e-iQmoM1FjenSF1liy0sS18E6LUOo1gGMLfCWYPGj7jAfYblfKTycK5cNR2nHQNBesQjgpeSzeoWbVhq-gP_SJySoPhPe2xLyIdCUjlMBtCowE1oze7wt1NoQBiVkdNsW15-AOTbgqtUVsyWDpRPrYQ-o5CNVpvWAR8Miw&sai=AMfl-YRq27mxD9qtisOTMLzvnw6QIpjcD0w712XOoFk4F4QLofk3sezuWoHoUPf1Otbq0Vb2MojlXjwMDoZTMbkxA7nuyCZnJ0iyTpqG6EVdqzClZQKDXb7MsFHmCA72ox-yVstAu_Zdi9kRlonmUchqkaws9hr9KvPecZgg1vpFEl0e6vIab_8gONNnkO9qRPqlVTucA5SUBuPL6GwDOOYknw9gFTs0KGxXK95mA7HhtZHZGuIwwpBtcyI8VXBhncrTRC_de-JfeB2pE6VlfXZuNxXbN7ShHjn-LLAACwjkpj4MW-3b2-o&sig=Cg0ArKJSzGkPxs8Ynap8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=811&vt=11&dtpt=810&dett=2&cstd=0&cisv=r20230124.02157&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b3b7764334149e2c11c22a0d325dac0c.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Fri, 27 Jan 2023 11:30:24 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 27-Jan-2023 11:45:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 27 Jan 2023 11:30:24 GMT
X-Firefox-Spdy: h2
upfilesurls.com/d7II?auth=eyJpdiI6IlV5VmwrVUNpVWhPWGpWeTZkSmFFYUE9PSIsInZhbHVlIjoiVURGejlmNUl1SU5jdi9nMXFsc05qUT09IiwibWFjIjoiMGQ3MTAzYTM4ZTE0MWM2MDlkOGY5YjEyOWJmNmFkZWU0YWZhMmIxMTBiYTI5YzJiM2ZhYWUxM2Y0N2FhYzBiYiIsInRhZyI6IiJ9
104.26.8.138302 Found 0 B URL HTTP/2 upfilesurls.com/d7II?auth=eyJpdiI6IlV5VmwrVUNpVWhPWGpWeTZkSmFFYUE9PSIsInZhbHVlIjoiVURGejlmNUl1SU5jdi9nMXFsc05qUT09IiwibWFjIjoiMGQ3MTAzYTM4ZTE0MWM2MDlkOGY5YjEyOWJmNmFkZWU0YWZhMmIxMTBiYTI5YzJiM2ZhYWUxM2Y0N2FhYzBiYiIsInRhZyI6IiJ9
IP 104.26.8.138:0
GET /d7II?auth=eyJpdiI6IlV5VmwrVUNpVWhPWGpWeTZkSmFFYUE9PSIsInZhbHVlIjoiVURGejlmNUl1SU5jdi9nMXFsc05qUT09IiwibWFjIjoiMGQ3MTAzYTM4ZTE0MWM2MDlkOGY5YjEyOWJmNmFkZWU0YWZhMmIxMTBiYTI5YzJiM2ZhYWUxM2Y0N2FhYzBiYiIsInRhZyI6IiJ9 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Fri, 27 Jan 2023 11:30:20 GMT
content-type: text/html; charset=UTF-8
location: https://upfilesurls.com/d7II
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: auth=eyJpdiI6IlV5VmwrVUNpVWhPWGpWeTZkSmFFYUE9PSIsInZhbHVlIjoiVURGejlmNUl1SU5jdi9nMXFsc05qUT09IiwibWFjIjoiMGQ3MTAzYTM4ZTE0MWM2MDlkOGY5YjEyOWJmNmFkZWU0YWZhMmIxMTBiYTI5YzJiM2ZhYWUxM2Y0N2FhYzBiYiIsInRhZyI6IiJ9; path=/; secure; httponly; samesite=lax
XSRF-TOKEN=eyJpdiI6IlBKdUFUYmJYTkFPWmJkYmJvVk9vTmc9PSIsInZhbHVlIjoibzVGVWN3RDI3ck83QW1RSlF2bnduTHFaYnRtQWxVb2xaNzhqVnBBdG1YZkxRaURodjVLcll2VjhlbnRHZjQ4VHlQYW9KT00xWU1IT0owM2JpSXdGNGhjclB1NVZwVkVpTjQ4c2d3a09vamJKc2xYek5xUkVDUThUNkhXVzhWYnoiLCJtYWMiOiJhZGRmZTYxOTNhYjZmN2Q2MzcxMzgyYjgwMjQ4ZGZmMzQwZjljODljMmJjNDIxM2JkZjgyZmU5N2UwZWE3OGVkIiwidGFnIjoiIn0%3D; expires=Fri, 27-Jan-2023 13:30:20 GMT; Max-Age=7200; path=/; samesite=lax
upfiles_session=eyJpdiI6IlMxdXlkdXBUUHhkSk5mQVdGRXZzbFE9PSIsInZhbHVlIjoiVTdHMnVYcGNuamcvaGVqaGIyWDRZUUlKTm9hTGkvanpKTUg5TERWU2w4QkhzeEc2VHAwMEthVWtvRExiRThyRXQ3aEQwZ0NSdTNMWWM0WjlDMklzaEJPdFl1YUE4Qkl4Z3JXREpEM3pNSVJFSkFTU1ZkZGRKTjVqdlBXMjFudnoiLCJtYWMiOiJkNjE0ZDNiMzZlNWMxNGMyZmRjNjk3YTkyYTdlNDYxZTVkYzI3ZTIyNDU0NmFkYjUzMjMzNWU0ZWU5ZGNhOTYzIiwidGFnIjoiIn0%3D; expires=Fri, 27-Jan-2023 13:30:20 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJHWSdAoc%2FWADXOMZ0bgY7ZmL8ifZb%2Fq2gN7lkZYNSwlF0dliCGhTZhFXpxfagp5UbWo%2FX%2F6d9Ve9zQdgFIJdUSs%2BEDb0mgYGDZyvzWHqR%2FGMmpNKthIBO1bkFeeuGaG1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790127dd1edcb523-OSL
X-Firefox-Spdy: h2
upfilesurls.com/d7II
104.26.8.138200 OK 0 B IP 104.26.8.138:0
GET /d7II HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: auth=eyJpdiI6IlV5VmwrVUNpVWhPWGpWeTZkSmFFYUE9PSIsInZhbHVlIjoiVURGejlmNUl1SU5jdi9nMXFsc05qUT09IiwibWFjIjoiMGQ3MTAzYTM4ZTE0MWM2MDlkOGY5YjEyOWJmNmFkZWU0YWZhMmIxMTBiYTI5YzJiM2ZhYWUxM2Y0N2FhYzBiYiIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6IlBKdUFUYmJYTkFPWmJkYmJvVk9vTmc9PSIsInZhbHVlIjoibzVGVWN3RDI3ck83QW1RSlF2bnduTHFaYnRtQWxVb2xaNzhqVnBBdG1YZkxRaURodjVLcll2VjhlbnRHZjQ4VHlQYW9KT00xWU1IT0owM2JpSXdGNGhjclB1NVZwVkVpTjQ4c2d3a09vamJKc2xYek5xUkVDUThUNkhXVzhWYnoiLCJtYWMiOiJhZGRmZTYxOTNhYjZmN2Q2MzcxMzgyYjgwMjQ4ZGZmMzQwZjljODljMmJjNDIxM2JkZjgyZmU5N2UwZWE3OGVkIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlMxdXlkdXBUUHhkSk5mQVdGRXZzbFE9PSIsInZhbHVlIjoiVTdHMnVYcGNuamcvaGVqaGIyWDRZUUlKTm9hTGkvanpKTUg5TERWU2w4QkhzeEc2VHAwMEthVWtvRExiRThyRXQ3aEQwZ0NSdTNMWWM0WjlDMklzaEJPdFl1YUE4Qkl4Z3JXREpEM3pNSVJFSkFTU1ZkZGRKTjVqdlBXMjFudnoiLCJtYWMiOiJkNjE0ZDNiMzZlNWMxNGMyZmRjNjk3YTkyYTdlNDYxZTVkYzI3ZTIyNDU0NmFkYjUzMjMzNWU0ZWU5ZGNhOTYzIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 11:30:20 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6ImNuR0c4QXVodzdiWk1ERWw3OUhpNmc9PSIsInZhbHVlIjoiS1o1SGVlQnUrN3Z0UkhGY3ZIclB5eVZ1bzVtd09kcVZMSm1UYTFUSkNpREpmeVVYSEYyNVB0R05TZEpzWW9SaGNRRVBySFZpcW1yWHprN2JtQ3RuL3lPcDF6dGZnME14NHVFbVBZZjdpVkdta1dGTWo5VHdKRDFLQmUyN0RxeUciLCJtYWMiOiJlMDJkMzdhZDIwYmI5ZDU4NzUyNzgwZDMwMzk4ZjZhOWU5OTg5MThjNTJjMzU4ZGFlYzZmODg2YzlhMWRlZTU3IiwidGFnIjoiIn0%3D; expires=Fri, 27-Jan-2023 13:30:20 GMT; Max-Age=7200; path=/; samesite=lax
upfiles_session=eyJpdiI6Iks4Q0VDenVVN0dBL3JNcng4cUFpL2c9PSIsInZhbHVlIjoiRlJyMnhzdHYyQW41Vm5YVzJmRmlXM3JtU0hLNHdjYmplajJZcllFWCttekR0VzJKdXF2bVVKOUthZjgrY2pOQnNPVmVYVWZUQmIyRE8waGg5RWFIL2VUcEJBL3N5USt2bUZJREpMbWlhT2JaNmt2L2R5b1E3bFhVRHBveVNKVmwiLCJtYWMiOiI0YTljYTMwNTIxYTZmMTYxOGI5Mjc4MWY3MzE3ZDQ4MzRiZjQ0OGVhYjY0Nzg5MDk5MTcyNjMyYTExODhjNjg2IiwidGFnIjoiIn0%3D; expires=Fri, 27-Jan-2023 13:30:20 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=coe30jFWaNAyzojOW%2FGEieQGLC2GNX4JxU%2FT0vs2yZX9M3Bp3ohADUu8QOh%2FLiM%2BbKuyjmsl1P%2Bavcz%2BJfQtvbvOLCtvJwn4L6mZxdBuuSyEosqrHjiNHuSuCa%2F6KyUrWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790127de485cb523-OSL
content-encoding: br
X-Firefox-Spdy: h2
upfilesurls.com/img/menu.svg
104.26.8.138200 OK 0 B URL HTTP/2 upfilesurls.com/img/menu.svg
IP 104.26.8.138:0
GET /img/menu.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/d7II
Cookie: auth=eyJpdiI6IlV5VmwrVUNpVWhPWGpWeTZkSmFFYUE9PSIsInZhbHVlIjoiVURGejlmNUl1SU5jdi9nMXFsc05qUT09IiwibWFjIjoiMGQ3MTAzYTM4ZTE0MWM2MDlkOGY5YjEyOWJmNmFkZWU0YWZhMmIxMTBiYTI5YzJiM2ZhYWUxM2Y0N2FhYzBiYiIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImNuR0c4QXVodzdiWk1ERWw3OUhpNmc9PSIsInZhbHVlIjoiS1o1SGVlQnUrN3Z0UkhGY3ZIclB5eVZ1bzVtd09kcVZMSm1UYTFUSkNpREpmeVVYSEYyNVB0R05TZEpzWW9SaGNRRVBySFZpcW1yWHprN2JtQ3RuL3lPcDF6dGZnME14NHVFbVBZZjdpVkdta1dGTWo5VHdKRDFLQmUyN0RxeUciLCJtYWMiOiJlMDJkMzdhZDIwYmI5ZDU4NzUyNzgwZDMwMzk4ZjZhOWU5OTg5MThjNTJjMzU4ZGFlYzZmODg2YzlhMWRlZTU3IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Iks4Q0VDenVVN0dBL3JNcng4cUFpL2c9PSIsInZhbHVlIjoiRlJyMnhzdHYyQW41Vm5YVzJmRmlXM3JtU0hLNHdjYmplajJZcllFWCttekR0VzJKdXF2bVVKOUthZjgrY2pOQnNPVmVYVWZUQmIyRE8waGg5RWFIL2VUcEJBL3N5USt2bUZJREpMbWlhT2JaNmt2L2R5b1E3bFhVRHBveVNKVmwiLCJtYWMiOiI0YTljYTMwNTIxYTZmMTYxOGI5Mjc4MWY3MzE3ZDQ4MzRiZjQ0OGVhYjY0Nzg5MDk5MTcyNjMyYTExODhjNjg2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 11:30:20 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
vary: Accept-Encoding
etag: W/"63c15cbf-6c8"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 243425
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpxwfEy5WZx9GRlkQL2LywIlf5NrW1OalsNmgJgcmuJp0oNr260y2r%2BHO73QfZelMbzPXgLi8aQshcMOh0%2BYLi3B%2FigScrRB5AyMguiVPdEmRY0cb12Hidg8%2FyzZM%2FnBiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790127e04b5cb523-OSL
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.107.19200 OK 0 B IP 172.64.107.19:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 11:30:22 GMT
content-type: text/plain
set-cookie: csu=1352534842779013@1@1674819022; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9entVBh9Bpqw00E%2FbZjCVJMaQGtAErw%2BukO%2F3yfIT0mrd%2Bc6F1w9cS3iwN0S0srzD9RiqEaY01FbxAnmiixLZqKaZGOa0jxy%2F7wl5AIswSnX72jiArOF8bqew0on6BkY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790127e7bc408862-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.id5-sync.com/api/1.0/esp.js
104.22.52.86200 OK 0 B URL HTTP/2 cdn.id5-sync.com/api/1.0/esp.js
IP 104.22.52.86:0
GET /api/1.0/esp.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 11:30:22 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: FVMlFSmcD0Wn/+rph/xJPSMD8h1xLItGxMiFojs1e+J1f7LO28QsQCtM5wu1mlkwy4pwPQtZ0SQ=
x-amz-request-id: H5PSQWN45SZ0RJ5Q
last-modified: Wed, 18 Jan 2023 10:47:58 GMT
etag: W/"854d94282c6b6d99cd8ba33bb311e621"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 1878
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 790127ec6f87fab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.107.19200 OK 0 B IP 172.64.107.19:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 27 Jan 2023 11:30:21 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 4536
last-modified: Fri, 27 Jan 2023 10:14:45 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TsjKWRccVccAxOq7yrm50mbr2dPQ3sKREoXIsQrnlI5TktkyXO3t3mY5Cj9aOvkUHGwNstNObyWa1Y0%2FiL1XSG0cpY1%2BLQ%2Bq%2BqP4m5CNTAnEF9XRW7umeFZi0XS5jjao"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790127e76bcf8862-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upfiles.com/authenticate/d7II
172.67.173.106302 Found 0 B URL HTTP/2 upfiles.com/authenticate/d7II
IP 172.67.173.106:0
GET /authenticate/d7II HTTP/1.1
Host: upfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Fri, 27 Jan 2023 11:30:20 GMT
content-type: text/html; charset=UTF-8
location: https://upfilesurls.com/d7II?auth=eyJpdiI6IlV5VmwrVUNpVWhPWGpWeTZkSmFFYUE9PSIsInZhbHVlIjoiVURGejlmNUl1SU5jdi9nMXFsc05qUT09IiwibWFjIjoiMGQ3MTAzYTM4ZTE0MWM2MDlkOGY5YjEyOWJmNmFkZWU0YWZhMmIxMTBiYTI5YzJiM2ZhYWUxM2Y0N2FhYzBiYiIsInRhZyI6IiJ9
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6ImRrZmNORkxjek0wNVNyL2V4QWZwdXc9PSIsInZhbHVlIjoicXF3WC9GZXBiRjUxaWMzci85eEpWZDk4NTlmNDFuQTFaMzBiZUFZdnRkWDJXanJrUXIvZjYxRzNzb2pVRFlsOVplVFNFVnJwc2k4bTZaRnpYQjVseDBJVDdFZGtmUklsa0JsOEIySWlaWlI1dDVYY21Jc2lTdk9LRHdYL004U2EiLCJtYWMiOiJjMTQzNTMxMjgyZWJmMzVjNDVlZmRhOTM3MmJkZDE1YTVjYTNlNjJmYzkzNTQwNTI2OTJlM2FhYTRmNjVmMTIwIiwidGFnIjoiIn0%3D; expires=Fri, 27-Jan-2023 13:30:20 GMT; Max-Age=7200; path=/; samesite=lax
upfiles_session=eyJpdiI6IjRmaHloN0pDanFRTlYvMUUyWWhrNWc9PSIsInZhbHVlIjoiQ1k3UzJzM05zVDhvUzdVYUFyeUI3T3ZnZmdFNVlLVVFubXlwZU1IQit2bFVSNlNRY1pJNnNxMW1hSUp3eGJ2MkswcU5TZ0xoR3BtUVF2U3NUdUNjT0VWM3NmWFA5SytGL25HWWVmWW1vY1lxb0xkaG5JajB4bUpxMnZBZG9YSVoiLCJtYWMiOiJiZTBjYmZkMWU0YWRhY2Q1N2M4YzBjZjdlODJmNDY3MTFkZThiM2E5MDc2OGQ2NzVlZDRlNmI3OWFjYzBhODRkIiwidGFnIjoiIn0%3D; expires=Fri, 27-Jan-2023 13:30:20 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2F7tAKrP6dk03h%2BjmRiDBgFjsL4aA3Gglv9TlQCTNvjmtxtqEEUzuj9Hd%2BML4tN89zF1XhQg651G8YarM7jO8vGDP9QaKof9aVQNlZKykOA7GZvFD%2FzPLBkL0QeKLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790127dbbfa7b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.107.19200 OK 0 B IP 172.64.107.19:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 11:30:22 GMT
content-type: text/plain
set-cookie: csu=216718188357424@1@1674819021; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gk5QnxsaKPMRCukhVQPn%2BGbvedBsM1JJOoUUeGGGCfx7Bjy4flLgJQksJBobZRfscpqaV%2BkNzBtY1YbghFIVSlSbp3R%2FtAakLnuFt2iSIK0DiPOluPBzhWyKwSwANvMD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790127e70b368862-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upfilesurls.com/img/logo.svg
104.26.8.138200 OK 0 B URL HTTP/2 upfilesurls.com/img/logo.svg
IP 104.26.8.138:0
GET /img/logo.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/d7II
Cookie: auth=eyJpdiI6IlV5VmwrVUNpVWhPWGpWeTZkSmFFYUE9PSIsInZhbHVlIjoiVURGejlmNUl1SU5jdi9nMXFsc05qUT09IiwibWFjIjoiMGQ3MTAzYTM4ZTE0MWM2MDlkOGY5YjEyOWJmNmFkZWU0YWZhMmIxMTBiYTI5YzJiM2ZhYWUxM2Y0N2FhYzBiYiIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImNuR0c4QXVodzdiWk1ERWw3OUhpNmc9PSIsInZhbHVlIjoiS1o1SGVlQnUrN3Z0UkhGY3ZIclB5eVZ1bzVtd09kcVZMSm1UYTFUSkNpREpmeVVYSEYyNVB0R05TZEpzWW9SaGNRRVBySFZpcW1yWHprN2JtQ3RuL3lPcDF6dGZnME14NHVFbVBZZjdpVkdta1dGTWo5VHdKRDFLQmUyN0RxeUciLCJtYWMiOiJlMDJkMzdhZDIwYmI5ZDU4NzUyNzgwZDMwMzk4ZjZhOWU5OTg5MThjNTJjMzU4ZGFlYzZmODg2YzlhMWRlZTU3IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Iks4Q0VDenVVN0dBL3JNcng4cUFpL2c9PSIsInZhbHVlIjoiRlJyMnhzdHYyQW41Vm5YVzJmRmlXM3JtU0hLNHdjYmplajJZcllFWCttekR0VzJKdXF2bVVKOUthZjgrY2pOQnNPVmVYVWZUQmIyRE8waGg5RWFIL2VUcEJBL3N5USt2bUZJREpMbWlhT2JaNmt2L2R5b1E3bFhVRHBveVNKVmwiLCJtYWMiOiI0YTljYTMwNTIxYTZmMTYxOGI5Mjc4MWY3MzE3ZDQ4MzRiZjQ0OGVhYjY0Nzg5MDk5MTcyNjMyYTExODhjNjg2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 11:30:20 GMT
content-type: image/svg+xml
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
etag: W/"625014b1-56e8"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 243425
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i91QpGCJtDmiN%2F1XXhQVIp2vNdcn5QqBQ%2FRXDnm7y9FZkg31FdsSunD0zGeVHKEDRj9mmZlufFimIPBpOSP5llpKkpcZNNNUSyGnGLdYbkZkfG1ci%2B0fot2hPpqzrhP%2BDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790127e04b5bb523-OSL
content-encoding: br
X-Firefox-Spdy: h2
live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tL2Q3SUk=
104.16.133.22200 OK 0 B URL HTTP/2 live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tL2Q3SUk=
IP 104.16.133.22:0
GET /p4/v16-2-0/dXBmaWxlc3VybHMuY29tL2Q3SUk= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/
Cookie: demandSupplyTi=8713c95f-3391-42de-9222-e28cce40cf00; __cf_bm=hvrZc0uiyJMTJB4g807iwQMW6O6dZatlvg.AjrFnUdo-1674819021-0-AYQStnSohNeRylFLDgDDWRAfURpZT2mXrs7DZWjrHF71yd16BdairuLSB/VMYBmGcNqfjEbeqy3SmBTatU3XSYs=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 11:30:21 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
vary: Accept-Encoding
server: cloudflare
cf-ray: 790127e2fbf4b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
104.26.8.138200 OK 0 B URL HTTP/2 upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
IP 104.26.8.138:0
GET /js/frontend.js?id=88f283c744d8a6e43cfb HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://upfilesurls.com/d7II
Cookie: auth=eyJpdiI6IlV5VmwrVUNpVWhPWGpWeTZkSmFFYUE9PSIsInZhbHVlIjoiVURGejlmNUl1SU5jdi9nMXFsc05qUT09IiwibWFjIjoiMGQ3MTAzYTM4ZTE0MWM2MDlkOGY5YjEyOWJmNmFkZWU0YWZhMmIxMTBiYTI5YzJiM2ZhYWUxM2Y0N2FhYzBiYiIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImNuR0c4QXVodzdiWk1ERWw3OUhpNmc9PSIsInZhbHVlIjoiS1o1SGVlQnUrN3Z0UkhGY3ZIclB5eVZ1bzVtd09kcVZMSm1UYTFUSkNpREpmeVVYSEYyNVB0R05TZEpzWW9SaGNRRVBySFZpcW1yWHprN2JtQ3RuL3lPcDF6dGZnME14NHVFbVBZZjdpVkdta1dGTWo5VHdKRDFLQmUyN0RxeUciLCJtYWMiOiJlMDJkMzdhZDIwYmI5ZDU4NzUyNzgwZDMwMzk4ZjZhOWU5OTg5MThjNTJjMzU4ZGFlYzZmODg2YzlhMWRlZTU3IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Iks4Q0VDenVVN0dBL3JNcng4cUFpL2c9PSIsInZhbHVlIjoiRlJyMnhzdHYyQW41Vm5YVzJmRmlXM3JtU0hLNHdjYmplajJZcllFWCttekR0VzJKdXF2bVVKOUthZjgrY2pOQnNPVmVYVWZUQmIyRE8waGg5RWFIL2VUcEJBL3N5USt2bUZJREpMbWlhT2JaNmt2L2R5b1E3bFhVRHBveVNKVmwiLCJtYWMiOiI0YTljYTMwNTIxYTZmMTYxOGI5Mjc4MWY3MzE3ZDQ4MzRiZjQ0OGVhYjY0Nzg5MDk5MTcyNjMyYTExODhjNjg2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 11:30:20 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=980842
etag: W/"63baab19-ef76a"
last-modified: Sun, 08 Jan 2023 11:38:01 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 1638889
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=axZR9DXw5XmvFCl5m9%2B%2Fy9rotSeM2RhOXQMkela7vnkZYmDunOmUymEq%2FP1%2BqIfhOwG%2BTx2uylNq6dmskjrHyC2KY%2Bo7RFCawcohRKBt7YYvlrKfoU3CExQTg1%2BItq2h9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790127e04b65b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.107.19200 OK 0 B IP 172.64.107.19:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 27 Jan 2023 11:30:21 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 4536
last-modified: Fri, 27 Jan 2023 10:14:45 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29tzfmNVBd3bFkLPLCz9B80Kr5JZdSGTHF2UmZS4VJjIU%2F15RjLpiodHCUikpdfYakmsU3gYwjC3M2qDQxhNW9f6jdNV2TNREiVNndGANoKUCs%2F%2F5%2BprsDGbOYGeWdPX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790127e70b3b8862-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2