www.file-upload.net/download-14661967/advanced.rar.html
104.26.5.82 301 Moved Permanently 0 B URL HTTP/1.1 www.file-upload.net/download-14661967/advanced.rar.html
IP 104.26.5.82:0
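Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B redirect body above; they identify no file and should not be used as indicators.)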
GET /download-14661967/advanced.rar.html HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 21:56:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 22:56:54 GMT
Location: https://www.file-upload.net/download-14661967/advanced.rar.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9iFmVxAFzp3rPJkjrD3xPwRd%2FldPFCtVcN01QseVdnVVDj6u%2FQB84kouZae6JTWvrAz4%2FMeUUlvXQbwMo5M2Ha8gdQCTwYNnqB7tojbhenKzVPCyBtIHkGpJ%2FvAne0OrD5iMzRM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7705e072fcff1c06-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8119
Expires: Sun, 27 Nov 2022 00:12:14 GMT
Date: Sat, 26 Nov 2022 21:56:55 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3707
Cache-Control: max-age=135360
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:56:55 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:32:55 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 21:17:33 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2362
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8969
Expires: Sun, 27 Nov 2022 00:26:24 GMT
Date: Sat, 26 Nov 2022 21:56:55 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Xi0yQfO5V2Mx58yrfIjsvdOYWKZY/m+NfpjnRi4v2WLPAXcIGwNRHaw/lMTU781j300q9wMZEOI=
x-amz-request-id: HCHZJDVZ6JJVQDAQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 21:41:22 GMT
age: 933
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 14395ac1e5e8f4d9f8db56ee99f09c92
cf4e61aa2799611b2de0c8aaddd70bea55a23a53
b4995c48afa201dd66d24d533c2353520e94200079bc933fecb64218b9904b87
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4068
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:56:55 GMT
Etag: "6381a341-116"
Last-Modified: Sat, 26 Nov 2022 20:49:07 GMT
Server: ECS (amb/6BAC)
X-Cache: HIT
Content-Length: 278
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 21:56:55 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.file-upload.net/include/werbebanner-ad.js
104.26.5.82 200 OK 25 B URL HTTP/2 www.file-upload.net/include/werbebanner-ad.js
IP 104.26.5.82:0
File type ASCII text, with no line terminators
Hash 7c6bd0b89a8dc214296b7dbcea7d1a66
65e461ce823a6bb0597c361d65dc994f4eb3dbe7
2bcd607d4aa3c03220e7e0ccfd77f57bd8f2717627e933061f8dbe5b9d47dd71
GET /include/werbebanner-ad.js HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/download-14661967/advanced.rar.html
Cookie: PHPSESSID=h0qm1hc6q0660kivn1fig7evdo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:56:55 GMT
content-type: application/javascript
content-length: 25
last-modified: Mon, 15 Aug 2016 13:54:01 GMT
etag: "19-53a1c90862ada"
cache-control: max-age=2678400
expires: Sat, 10 Dec 2022 10:37:26 GMT
cf-cache-status: HIT
age: 1509569
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3f3Zm5NnLGuO8I0xQL7%2F356Is5Qb2LGlIzLpXGclt%2BTzxPG0ZtzNQEd4q4q5kbfDPjTyPNoDLxTrUJpW%2Borlly%2F7Re%2BMDn5bxcMUuoh19D3989qflhj39CoyPbCa%2B0rNf5W%2FyU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705e076a90f1c02-OSL
X-Firefox-Spdy: h2
www.file-upload.net/images/file-upload.png
104.26.5.82 200 OK 9.9 kB URL HTTP/2 www.file-upload.net/images/file-upload.png
IP 104.26.5.82:0
File type PNG image data, 309 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash f03db94b751b6b480090dac48d8d9b26
28fbbd69d759d02aa6b99119de4c31aad5e29e9e
75fbe717629d2aa1a45ba6b3da35090acd83d378479dd92aa0f144ffb9527514
GET /images/file-upload.png HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/download-14661967/advanced.rar.html
Cookie: PHPSESSID=h0qm1hc6q0660kivn1fig7evdo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:56:55 GMT
content-type: image/png
content-length: 9880
last-modified: Mon, 09 Sep 2013 20:40:20 GMT
etag: "2698-4e5f96595a509"
cache-control: max-age=2678400
expires: Sat, 10 Dec 2022 10:07:04 GMT
cf-cache-status: HIT
age: 1511391
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHKMMGjF8PReLoMth7XxZnQIRVJXYyoebaEOzj5jWUfCfVlthR593Hw5rk2h1tnCQ1xdCP5MNtuR75vAONAga9%2Fcf6ZthKmuQ5r%2FyEg5FLAsq5AKa9A5Zv%2Fuo0xZBxk9EYf84W8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705e076a90b1c02-OSL
X-Firefox-Spdy: h2
www.file-upload.net/images/us.png
104.26.5.82 200 OK 609 B URL HTTP/2 www.file-upload.net/images/us.png
IP 104.26.5.82:0
File type PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced\012- data
Hash 968591e0050981be9fa94bd2597afb48
dd9e149e2b5ad59dd8b4b262f5fdeb5cc10ecf43
36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585
GET /images/us.png HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/download-14661967/advanced.rar.html
Cookie: PHPSESSID=h0qm1hc6q0660kivn1fig7evdo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:56:55 GMT
content-type: image/png
content-length: 609
last-modified: Mon, 09 Sep 2013 20:40:54 GMT
etag: "261-4e5f967958fa6"
cache-control: max-age=2678400
expires: Sat, 17 Dec 2022 19:57:41 GMT
cf-cache-status: HIT
age: 871154
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcgmher4TS3PdxVKASmPT%2Blrk3DGuuoTVZ7SqrEu7WMKBF84uE3r%2F11abnYTeIzyfCWYslFcZ6pV8LN5j0RMQGx8HnO6Cn4Pt7eucQUC7Z%2Bpy8NxTW3%2FoMVIYO%2B1nAtCLYPI3Cc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705e076b9121c02-OSL
X-Firefox-Spdy: h2
www.file-upload.net/images/button_login.png
104.26.5.82 200 OK 1.8 kB URL HTTP/2 www.file-upload.net/images/button_login.png
IP 104.26.5.82:0
File type PNG image data, 46 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash 1bac747a20923426c99e91438bdf6878
237147e47a3c941035352f498aa187b38f3086d2
899d6f3d52d1df7e85d4936f3b8f41a2e94349be68d03018be46939cc559da4d
GET /images/button_login.png HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/download-14661967/advanced.rar.html
Cookie: PHPSESSID=h0qm1hc6q0660kivn1fig7evdo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:56:55 GMT
content-type: image/png
content-length: 1775
last-modified: Mon, 09 Sep 2013 20:39:49 GMT
etag: "6ef-4e5f963baf5f2"
cache-control: max-age=2678400
expires: Fri, 23 Dec 2022 21:33:42 GMT
cf-cache-status: HIT
age: 346993
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0AW0YwzPDTApOjDOrbLhc0MaHFTxYBLVm7jVZiJvB6vWcmdf3g4OUOEcFuwyfmf6mqtjyA0Gl2bU5PLEUVBc6Qxr8Q2%2FUSHgbPgBlq7ppuJeimaHeR4JlpYid5Gah43uBCr97Ac%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705e076c91a1c02-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 30f833b25d6e5af2229d9584c6f6cf97
ee79c3fa994d53c1d0687ca61353d63cce459e25
1bc091991c4663dbc86ae735e47ddc3e887a24661050ad9f24b8d458bfd11a6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:56:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.file-upload.net/styles/styles.css
104.26.5.82 200 OK 40 kB URL HTTP/2 www.file-upload.net/styles/styles.css
IP 104.26.5.82:0
File type assembler source text\012- assembler source, ASCII text, with very long lines (407), with CRLF line terminators
Hash d912c01fff70b8922a95f3be7bdaf1a5
cdefd97ed30b56c687131741402b58db9787b34d
17c913c76660eac13531c7ac8548ca88256fdc04beac159a3c0e1c387830a775
GET /styles/styles.css HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/download-14661967/advanced.rar.html
Cookie: PHPSESSID=h0qm1hc6q0660kivn1fig7evdo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:56:55 GMT
content-type: text/css
last-modified: Mon, 04 Jan 2021 23:04:16 GMT
etag: W/"690a-5b81b1bf34d63-gzip"
cache-control: max-age=2678400
expires: Sun, 27 Nov 2022 17:22:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 16452
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2myzrA%2FNb%2BZbm%2FxNHtJGyBnzUn%2BmxIDQgwyO7Uoq4OVEjXLazeBqkwtmIOqzpIqZqqi%2BQR2tGxltionEVQX7Rn10hgEXsXEQ1d%2BzoRQI6D9IF99UshEpn935H4i9mkbIljKWV5M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7705e076a9071c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.file-upload.net/images/mod_login_input.png
104.26.5.82 200 OK 2.3 kB URL HTTP/2 www.file-upload.net/images/mod_login_input.png
IP 104.26.5.82:0
File type PNG image data, 122 x 69, 8-bit/color RGBA, non-interlaced\012- data
Hash 25d2191f8455a1b039fe08ecdfda33b3
6b3b130ee5ded3823035d13035255a32120e459e
70f68aaece59db92ea7933d27c8c8f3551a5801c63399e64ae69d22c69e6a82e
GET /images/mod_login_input.png HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/styles/styles.css
Cookie: PHPSESSID=h0qm1hc6q0660kivn1fig7evdo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:56:55 GMT
content-type: image/png
content-length: 2310
last-modified: Mon, 09 Sep 2013 20:40:35 GMT
etag: "906-4e5f9667d573a"
cache-control: max-age=2678400
expires: Sat, 24 Dec 2022 09:23:47 GMT
cf-cache-status: HIT
age: 304388
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2BYByTgwuhdUCk%2FW2PCNupBX9zHrKZqbCjOa7WRqUw%2Fv2mfx5G5grXUnU3JCjVEp7RM8yCHnRlNtcVmd5HquKkQpx%2BhknKaC4pdZKDrqfzynh240L3jft79qcj2p7h2GqyqhmSQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705e07749b31c02-OSL
X-Firefox-Spdy: h2
www.file-upload.net/js/custom.js
104.26.5.82 200 OK 1.2 kB URL HTTP/2 www.file-upload.net/js/custom.js
IP 104.26.5.82:0
File type ASCII text, with CRLF line terminators
Hash d661c53e2b0028eafdf022aa5ce9c384
f6683f16660d62f47c703000a5de7ef56c54f65e
96aa085bcddbaa012f56c76edd07b63ac36a8052d753c5e9310048bc21d5c675
GET /js/custom.js HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/download-14661967/advanced.rar.html
Cookie: PHPSESSID=h0qm1hc6q0660kivn1fig7evdo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:56:55 GMT
content-type: application/javascript
last-modified: Mon, 02 Jan 2017 12:52:24 GMT
etag: W/"10a-5451c05f3dc5a-gzip"
cache-control: max-age=2678400
expires: Sat, 24 Dec 2022 06:03:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 316401
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfWNUV74J2MlI5LIeYPhc3AR23%2BpHNijXD2Ox2VqAhP%2BX6qKj2HxFLRL5RATFGLeTt9LlGOQEXUq%2BUM2408mqc0kBxRptMKMs6WAnNCtxFLi56M6H%2BTCDW1kG7IoQ56GHnEp3os%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7705e076b9161c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js
142.250.74.164 200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 1309ff133720d219cc98090d66a051ed
b96fc5a893e42be16d687d7abdecdb13d348a019
358683c66634ea5ee3021c93111d8621d583880bcbbfadf3ec2ff87a15ea1038
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 26 Nov 2022 21:56:55 GMT
date: Sat, 26 Nov 2022 21:56:55 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.file-upload.net/images/header_menu.png
104.26.5.82 200 OK 1.1 kB URL HTTP/2 www.file-upload.net/images/header_menu.png
IP 104.26.5.82:0
File type PNG image data, 250 x 32, 8-bit/color RGB, non-interlaced\012- data
Hash 4825188aca0fbfab7fb8657740eca06b
4a2c1130fd24dd40196c39c7b88e6e96d7ceedc9
39c1ac4a52c526b6bdcf137d12954bbfbf68907ad4d76d89ecff7390b3d4ebae
GET /images/header_menu.png HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/styles/styles.css
Cookie: PHPSESSID=h0qm1hc6q0660kivn1fig7evdo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:56:55 GMT
content-type: image/png
content-length: 1100
last-modified: Mon, 09 Sep 2013 20:40:28 GMT
etag: "44c-4e5f9660a58e3"
cache-control: max-age=2678400
expires: Sun, 04 Dec 2022 10:56:38 GMT
cf-cache-status: HIT
age: 2026817
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WxLkj4ICEV%2BJXMgfD%2FVGlpcmKe6%2BN9mFlP%2Fz3XzI%2B2LUU8s04P%2F%2FVjr120WROQOZ14xVvJinMCpVkCTKyed6KSSCHCSLD4BOqGo%2Fh5ZrvwK4gInXQqDWk%2FNsFtRtmAcf9zkoJWY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705e07749cd1c02-OSL
X-Firefox-Spdy: h2
www.file-upload.net/images/container_top.png
104.26.5.82 200 OK 1.1 kB URL HTTP/2 www.file-upload.net/images/container_top.png
IP 104.26.5.82:0
File type PNG image data, 960 x 9, 8-bit/color RGBA, non-interlaced\012- data
Hash 26efa62d85a335ccaa936aa28687a0e0
7cdcbf45d7ede62f87ac93bc9bfedbebd4ccd585
fdc872081d748e91b69a70d5f76fa0335ec895d9fc5979259d8e5242160da341
GET /images/container_top.png HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/styles/styles.css
Cookie: PHPSESSID=h0qm1hc6q0660kivn1fig7evdo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:56:55 GMT
content-type: image/png
content-length: 1137
last-modified: Mon, 09 Sep 2013 20:39:58 GMT
etag: "471-4e5f96444b893"
cache-control: max-age=2678400
expires: Sat, 10 Dec 2022 10:07:04 GMT
cf-cache-status: HIT
age: 1511391
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HqgC6UyXdAsHIfcXwH79sEqGwjcRLs96%2Btl1yKEcihtOkH%2B%2BZ%2B5kKhLnVo8mK6H1hxt5FBTmuhDGQ%2FE8n3oaviGE5KZP4ovoGyzBiBh5I9ODdGoQKQYoUil1hBn2So2ganMEQws%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705e0779a121c02-OSL
X-Firefox-Spdy: h2
www.file-upload.net/images/dateiname.png
104.26.5.82 200 OK 2.1 kB URL HTTP/2 www.file-upload.net/images/dateiname.png
IP 104.26.5.82:0
File type PNG image data, 845 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash 6255b329e01dacc5ea1f0bf705ae0047
55b5644b51bba39a0b3b8445dcb6e613ef67def2
05d165cc1de12f1d4537d9a3d21cce447e6ce8590b1e503d8fd3766ef352b34a
GET /images/dateiname.png HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/styles/styles.css
Cookie: PHPSESSID=h0qm1hc6q0660kivn1fig7evdo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:56:55 GMT
content-type: image/png
content-length: 2130
last-modified: Sun, 03 Dec 2017 19:58:56 GMT
etag: "852-55f75082f5558"
cache-control: max-age=2678400
expires: Sun, 27 Nov 2022 18:38:58 GMT
cf-cache-status: HIT
age: 2603877
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXPO7BKBN2YM8VkuE9ClxCNGAvkReRjZMR0PJEW7fwx2F1HFSfjxA3nBUp8qkGqy1YBLuyy%2Bi98HP7nVL2Dmen3ezht433PcZhrb8J2qqq%2BOuYIDjhu%2BPewdC6VujsMzRJka9xw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705e0779a161c02-OSL
X-Firefox-Spdy: h2
www.file-upload.net/images/klammer.png
104.26.5.82 200 OK 1.4 kB URL HTTP/2 www.file-upload.net/images/klammer.png
IP 104.26.5.82:0
File type PNG image data, 25 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash 8bef927ffef9f77ecbc971aaa983d03f
938288cc044d8707e3555f83c8071d5384270470
18f1858ca6a48d6146dd0e09d83728345f061f37413f4ea307f5ea5aae6aa361
GET /images/klammer.png HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/styles/styles.css
Cookie: PHPSESSID=h0qm1hc6q0660kivn1fig7evdo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:56:55 GMT
content-type: image/png
content-length: 1406
last-modified: Mon, 09 Sep 2013 20:40:32 GMT
etag: "57e-4e5f9664f51a4"
cache-control: max-age=2678400
expires: Sat, 17 Dec 2022 19:57:41 GMT
cf-cache-status: HIT
age: 871154
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=msufHr9vb2FIygEnbHrb2Mfp30Qb8ClDSzBa%2FP%2FTpbzFRAJHVSOZ5loealxUaATtSUxquCH8yCAeab6S2LI0xz91GwPej9HphGqyzx%2FJqFJ2H0b5%2FHe4Yh0geOiOBIF8hWH0lp0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705e0779a141c02-OSL
X-Firefox-Spdy: h2
www.file-upload.net/images/container.png
104.26.5.82 200 OK 1.0 kB URL HTTP/2 www.file-upload.net/images/container.png
IP 104.26.5.82:0
File type PNG image data, 960 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 39217f2392a12f33822402e24c562474
6474a76df1f7c959b23b4587ffdb17fc6b907a80
a689740126d53eb144e9be8714e3989de4f0d0fe32e7d64596b799d674889029
GET /images/container.png HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/styles/styles.css
Cookie: PHPSESSID=h0qm1hc6q0660kivn1fig7evdo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:56:55 GMT
content-type: image/png
content-length: 1041
last-modified: Mon, 09 Sep 2013 20:39:55 GMT
etag: "411-4e5f96416c29d"
cache-control: max-age=2678400
expires: Sun, 04 Dec 2022 10:56:39 GMT
cf-cache-status: HIT
age: 2026816
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=guEZG2uZPPeyupjC50tVdLtN4CrCBHhZhaBxxslc7DALPz20n4IcNj1PD6kHFjSadcNUbKxTByToi11dMr265DHx%2F534Bod3hMnn4yDML%2FyXttDjOlH%2FQYUSz2y403EXTdhRM0s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705e0779a131c02-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:56:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ae452333438465bef0a71a80768855a0
dae89646a66487e12b6dba40b7796c4b608506bd
dc15bc4a1e175a446f69fedc8475164a75477dd7a455b044f0ca85884f873917
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4762
Cache-Control: max-age=108306
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:56:55 GMT
Etag: "63817d1f-1d7"
Expires: Mon, 28 Nov 2022 04:02:01 GMT
Last-Modified: Sat, 26 Nov 2022 02:42:39 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
www.file-upload.net/include/cookie-consent.js
104.26.5.82 200 OK 29 kB URL HTTP/2 www.file-upload.net/include/cookie-consent.js
IP 104.26.5.82:0
File type Unicode text, UTF-8 text, with very long lines (64407), with no line terminators
Hash faf095a9a64a1e5809807e4594f9780c
6813e65cfc1a4545eac5957e981e01cd8bb7edf7
0e6715fdce566df98dd83bad726c51c07c2923f1a62d077ddc507ff017254e2e
GET /include/cookie-consent.js HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/download-14661967/advanced.rar.html
Cookie: PHPSESSID=h0qm1hc6q0660kivn1fig7evdo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:56:55 GMT
content-type: application/javascript
last-modified: Wed, 02 Jun 2021 10:11:59 GMT
etag: W/"1afbb-5c3c5b06d5495-gzip"
cache-control: max-age=2678400
expires: Sun, 04 Dec 2022 10:56:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2026817
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ANUy75EmWqHhBK%2FgmOVmTwmcaygmSkP%2F1O%2BmRs3rL6b9q3nrI7R2RX1cjoYTBmcR08zKv5z826oOjWQJRiudVYBk16UP64NvDdFhrpQGxStW4wUxCVr9JJsYflBNcswAgXPo2A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7705e076b9171c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ae452333438465bef0a71a80768855a0
dae89646a66487e12b6dba40b7796c4b608506bd
dc15bc4a1e175a446f69fedc8475164a75477dd7a455b044f0ca85884f873917
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4762
Cache-Control: max-age=108306
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:56:55 GMT
Etag: "63817d1f-1d7"
Expires: Mon, 28 Nov 2022 04:02:01 GMT
Last-Modified: Sat, 26 Nov 2022 02:42:39 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 21:11:12 GMT
cache-control: public,max-age=3600
age: 2743
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 770d1d93fcd1e38df170246c7e5cc6dc
161be6ba1c374e4912499c1da9ccf5ceba2fb2c1
3c825acaaa90f23a0d61eb28ed2bc3fa3437fe8d6b416fb8142be14f6a9e5054
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C825ACAAA90F23A0D61EB28ED2BC3FA3437FE8D6B416FB8142BE14F6A9E5054"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8563
Expires: Sun, 27 Nov 2022 00:19:38 GMT
Date: Sat, 26 Nov 2022 21:56:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 770d1d93fcd1e38df170246c7e5cc6dc
161be6ba1c374e4912499c1da9ccf5ceba2fb2c1
3c825acaaa90f23a0d61eb28ed2bc3fa3437fe8d6b416fb8142be14f6a9e5054
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C825ACAAA90F23A0D61EB28ED2BC3FA3437FE8D6B416FB8142BE14F6A9E5054"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8563
Expires: Sun, 27 Nov 2022 00:19:38 GMT
Date: Sat, 26 Nov 2022 21:56:55 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4293
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:56:56 GMT
Last-Modified: Sat, 26 Nov 2022 20:45:23 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
pl16127240.trustedcpmrevenue.com/f5/29/02/f5290245e2d0af25a9b4828613ce8328.js
173.233.137.36 200 OK 13 kB URL HTTP/1.1 pl16127240.trustedcpmrevenue.com/f5/29/02/f5290245e2d0af25a9b4828613ce8328.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (37134), with no line terminators
Hash f46cd346ab09f2c8398391b331654a6f
e8b019982d76094a8de3e838528221ee628df427
4567cf640678c4f4ca3d7d0ea694c8c3836cc8023713aa5d62d870858e55b204
GET /f5/29/02/f5290245e2d0af25a9b4828613ce8328.js HTTP/1.1
Host: pl16127240.trustedcpmrevenue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 21:56:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f9914099287195a29b060f8a5f0e42a4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pl14294945.trustedcpmrevenue.com/84/4a/71/844a71fdf0e30c1b81395db55473a737.js
173.233.139.164 200 OK 21 kB URL HTTP/1.1 pl14294945.trustedcpmrevenue.com/84/4a/71/844a71fdf0e30c1b81395db55473a737.js
IP 173.233.139.164:0
File type HTML document, ASCII text, with very long lines (60177), with no line terminators
Hash 4ae4643e616842a79a5d2ce08ffbd3d4
d6505fa16defd2841633adb38b33e151a6a45c9b
7ff9c2dccf245495b7139f8c2f632408d48c4a1758608a3fce01ba24dbd997fe
GET /84/4a/71/844a71fdf0e30c1b81395db55473a737.js HTTP/1.1
Host: pl14294945.trustedcpmrevenue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 21:56:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 012e1113b7cedaa47b53cbb60b3c2caf
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d438e1af63e2f2b0e0cdf2a74966ab91
37e36842937ddc6abf543f0623894e770cc06118
a5121c332d69fbec0378a247a93432ecc3f00014bd67df9b1ff613bea57af4d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A5121C332D69FBEC0378A247A93432ECC3F00014BD67DF9B1FF613BEA57AF4D1"
Last-Modified: Fri, 25 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7298
Expires: Sat, 26 Nov 2022 23:58:34 GMT
Date: Sat, 26 Nov 2022 21:56:56 GMT
Connection: keep-alive
www.file-upload.net/images/container_bottom.png
104.26.5.82 200 OK 1.3 kB URL HTTP/2 www.file-upload.net/images/container_bottom.png
IP 104.26.5.82:0
File type PNG image data, 960 x 19, 8-bit/color RGBA, non-interlaced\012- data
Hash 6ceda3386ff7467d4902b5e3032e80a2
24269149a40909870a579251b85740ba3ed0ac95
f025b6e422066c3b6e4facc0a92f353c60c59760a6823d08d0da5f3e5589cbdc
GET /images/container_bottom.png HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/styles/styles.css
Cookie: PHPSESSID=h0qm1hc6q0660kivn1fig7evdo; ppu_show_on_844a71fdf0e30c1b81395db55473a737=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:56:56 GMT
content-type: image/png
content-length: 1339
last-modified: Mon, 09 Sep 2013 20:39:57 GMT
etag: "53b-4e5f9642dc568"
cache-control: max-age=2678400
expires: Sat, 10 Dec 2022 13:05:01 GMT
cf-cache-status: HIT
age: 1500715
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2RgR6ukUcv93LnMdH%2B4PxYLqHFhpcGURP5X186EoBuIW9iP063CgPnDYZFH1QgMHVqDYbr2aU5EAn4z6mIGi1hiv4SxppUrwwjRi1pM3BQzxnRhwBQK%2B%2FLsc4d9Bw0b%2FYhidI8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705e07bdeac1c02-OSL
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.13.173.34 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.13.173.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xwQ9XnDqPaktrvVQ1KVbDw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tiZ19k02yZ3BFpWixgTMoD4OyR0=
ocsp.sca1b.amazontrust.com/
143.204.42.88 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 4af47334194a0d10c2bfd52f16eb91ac
8ea04d240499dea43f26c738c8428df118dd622d
6741505308b8f473e68a567b74e6cd099b7a624b3711cc0acab45b2add675f74
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=145932
Date: Sat, 26 Nov 2022 21:56:56 GMT
Etag: "63821517-1d7"
Expires: Mon, 28 Nov 2022 14:29:08 GMT
Last-Modified: Sat, 26 Nov 2022 13:31:03 GMT
Server: ECS (dcb/7F38)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zhzQOhiGTYLuqZmLIgGupxWKJ_qcCqSwW2Pd6ZIePec5smctfYMnpQ==
Age: 3485
ocsp.sca1b.amazontrust.com/
143.204.42.88 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 4af47334194a0d10c2bfd52f16eb91ac
8ea04d240499dea43f26c738c8428df118dd622d
6741505308b8f473e68a567b74e6cd099b7a624b3711cc0acab45b2add675f74
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=146935
Date: Sat, 26 Nov 2022 21:56:56 GMT
Etag: "63821517-1d7"
Expires: Mon, 28 Nov 2022 14:45:51 GMT
Last-Modified: Sat, 26 Nov 2022 13:31:03 GMT
Server: ECS (dcb/7EEC)
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rNZ3X7Z5xoKPmU2Z7kYfXGFQg97Vw-8thc2d3-702RlMlsSqcBhtzQ==
Age: 4488
simplewebanalysis.com/stats
18.185.190.54 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 806d8219471c596dbfba0d0d701ff6d9
c60255150d085c4068f71b9585630798e5307eae
638f6ebb241c49d2276d10402cef635dbf86eac373eba1208f8857c745c84387
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.file-upload.net
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:56:56 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.file-upload.net
access-control-allow-credentials: true
set-cookie: uid_id2=2b36d21b-ee23-463a-b553-e8e06fcc053a:1:1; expires=Tue, 23 Nov 2032 21:56:56 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d438e1af63e2f2b0e0cdf2a74966ab91
37e36842937ddc6abf543f0623894e770cc06118
a5121c332d69fbec0378a247a93432ecc3f00014bd67df9b1ff613bea57af4d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A5121C332D69FBEC0378A247A93432ECC3F00014BD67DF9B1FF613BEA57AF4D1"
Last-Modified: Fri, 25 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7298
Expires: Sat, 26 Nov 2022 23:58:34 GMT
Date: Sat, 26 Nov 2022 21:56:56 GMT
Connection: keep-alive
simplewebanalysis.com/stats
18.185.190.54 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash a463a78913716d3612c98e3d85932cd0
b2155af59c2e2b9d9ad37254136f4b6e6c4e8541
ebeb12b5030fc993bbd5fcbffe159472c1daa0d67d83fa4395a82af63bd27b86
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.file-upload.net
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:56:56 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.file-upload.net
access-control-allow-credentials: true
set-cookie: uid_id2=4adca8f1-5246-4f1c-9b17-78be783bc211:2:1; expires=Tue, 23 Nov 2032 21:56:56 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 110fe5160840681a476d93793f7942c0
f80a103ed642d0db8c008939d7bfc2621681747b
ded9668d16fdba5a785700ae8d8427758811695525d05419914b5e0fbdf8df7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DED9668D16FDBA5A785700AE8D8427758811695525D05419914B5E0FBDF8DF7E"
Last-Modified: Sat, 26 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5383
Expires: Sat, 26 Nov 2022 23:26:39 GMT
Date: Sat, 26 Nov 2022 21:56:56 GMT
Connection: keep-alive
wastedinvaluable.com/pixel/purst?dl=0&th=0&sc=0&rs=1473&rd=1473&fd=884&bv=22.10.v.9&tmpl=70
192.243.61.227 200 OK 0 B URL HTTP/1.1 wastedinvaluable.com/pixel/purst?dl=0&th=0&sc=0&rs=1473&rd=1473&fd=884&bv=22.10.v.9&tmpl=70
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/purst?dl=0&th=0&sc=0&rs=1473&rd=1473&fd=884&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 21:56:56 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:56:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:56:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ba38de08e280647cbb86344a1333d111
5554f52a584ccfde961c4f14c2cf1c3beb74af51
cc3953bcff0f9aaeb59b71e15c8b72bcac9d94ff203eeccbf159b40cf38521e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CC3953BCFF0F9AAEB59B71E15C8B72BCAC9D94FF203EECCBF159B40CF38521E9"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3217
Expires: Sat, 26 Nov 2022 22:50:34 GMT
Date: Sat, 26 Nov 2022 21:56:57 GMT
Connection: keep-alive
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163 200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.file-upload.net
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 21:26:04 GMT
expires: Sun, 26 Nov 2023 21:26:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 1853
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1292383683261552
142.250.74.98 200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1292383683261552
IP 142.250.74.98:0
File type ASCII text, with very long lines (4885)
Hash 3d6d4d3b0f18d44e56149a3de19584ed
ca966918cf030e324266e631500ffe0753c34a4a
f8c1dec457c00ccfe66c4dd40615b74cbd3185d796cebd5b8dac821246a95d90
GET /pagead/js/adsbygoogle.js?client=ca-pub-1292383683261552 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.file-upload.net
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 26 Nov 2022 21:56:57 GMT
expires: Sat, 26 Nov 2022 21:56:57 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 1921206553205162435
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49268
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:56:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:56:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash af7b8db21256a1e9513f134f4a83aa7f
a81fc3bc0519040bfcbd9e2875b6aaa44259bc4d
84eb422804f5bb5cb226d1e778f4e98e3bbc5b99e0a7f8ab91aeeb1a5502f117
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "84EB422804F5BB5CB226D1E778F4E98E3BBC5B99E0A7F8AB91AEEB1A5502F117"
Last-Modified: Fri, 25 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11320
Expires: Sun, 27 Nov 2022 01:05:37 GMT
Date: Sat, 26 Nov 2022 21:56:57 GMT
Connection: keep-alive
www.file-upload.net/images/downbutton2.gif
104.26.5.82 200 OK 5.4 kB URL HTTP/2 www.file-upload.net/images/downbutton2.gif
IP 104.26.5.82:0
File type GIF image data, version 87a, 190 x 58\012- data
Hash d8d1c655831f6d65cda388ec1b5443ce
a040cbf6a35559471b4661052848ffb381225e88
4343a7a085c36c557f2dcb85f5c3c80294269a1e9d190240ec48ed1ac15d2c04
GET /images/downbutton2.gif HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/download-14661967/advanced.rar.html
Cookie: PHPSESSID=h0qm1hc6q0660kivn1fig7evdo; ppu_show_on_844a71fdf0e30c1b81395db55473a737=1; cookie_consent_level=%7B%22strictly-necessary%22%3Atrue%2C%22functionality%22%3Afalse%2C%22tracking%22%3Afalse%2C%22targeting%22%3Afalse%7D; dom3ic8zudi28v8lr6fgphwffqoz0j6c=4adca8f1-5246-4f1c-9b17-78be783bc211%3A2%3A1; sb_main_f5290245e2d0af25a9b4828613ce8328=1; sb_count_f5290245e2d0af25a9b4828613ce8328=1; ppu_main_844a71fdf0e30c1b81395db55473a737=1; ppu_exp_844a71fdf0e30c1b81395db55473a737=1669507016666
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:56:57 GMT
content-type: image/gif
content-length: 5351
last-modified: Sat, 05 Apr 2014 19:43:40 GMT
etag: "14e7-4f650d9e289db"
cache-control: max-age=2678400
expires: Sat, 10 Dec 2022 13:21:48 GMT
cf-cache-status: HIT
age: 1499709
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AoxGn3EyymVxKi0L%2BaD0IgopCex9W6hLCi5v8cfzoApyX3AAjpx5QZryfjIrbHPye8%2Fzp42rw49efb0PAmXnI7KP76bmcOeNarQFuktM6xU8VUtPqgWOcSgte3eUigNUQnc5P64%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705e0818d741c02-OSL
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
142.250.74.66 200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Sat, 26 Nov 2022 10:25:42 GMT
expires: Sat, 10 Dec 2022 10:25:42 GMT
cache-control: public, max-age=1209600
age: 41475
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
banquetunarmedgrater.com/advertisers.js
192.243.61.227 200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer verdict alert — quad9: Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 21:56:57 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f8be671cca4c318e89b6918e1385b2e9
Strict-Transport-Security: max-age=0; includeSubdomains
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 12:31:58 GMT
expires: Sun, 26 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 33899
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:46:16 GMT
expires: Fri, 24 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 173441
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17595
Expires: Sun, 27 Nov 2022 02:50:12 GMT
Date: Sat, 26 Nov 2022 21:56:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17595
Expires: Sun, 27 Nov 2022 02:50:12 GMT
Date: Sat, 26 Nov 2022 21:56:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17595
Expires: Sun, 27 Nov 2022 02:50:12 GMT
Date: Sat, 26 Nov 2022 21:56:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17595
Expires: Sun, 27 Nov 2022 02:50:12 GMT
Date: Sat, 26 Nov 2022 21:56:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17595
Expires: Sun, 27 Nov 2022 02:50:12 GMT
Date: Sat, 26 Nov 2022 21:56:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 433875a1b1fef34e45f2d8ac344c07e3
f2129466436cbbdd58abe42a47fb7af19eba58e6
ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5099
x-amzn-requestid: 57648043-7820-453d-9549-0f743b6c2557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4jFBvoAMFl1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-53b59d607b82c264180f469d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VsdLWuh4rCawI5V0YYGaHxEMl2YEVNgsbjfCwzDsrnCZhRK2FkCkVw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 316
etag: "f2129466436cbbdd58abe42a47fb7af19eba58e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:37 GMT
age: 320
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76c00eceed956377d7469ef58b0815cb
97a135335f5b1b042adeb385718f8808cb78528b
81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7380
x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iEegIAMFeuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:50:08 GMT
age: 409
etag: "97a135335f5b1b042adeb385718f8808cb78528b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
parkingridiculous.com/sbar.json?key=f5290245e2d0af25a9b4828613ce8328&uuid=2b36d21b-ee23-463a-b553-e8e06fcc053a%3A1%3A1
192.243.61.227 200 OK 4.4 kB URL HTTP/1.1 parkingridiculous.com/sbar.json?key=f5290245e2d0af25a9b4828613ce8328&uuid=2b36d21b-ee23-463a-b553-e8e06fcc053a%3A1%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (6185), with no line terminators
Hash 19d904e4d43e47252a92e49fcb9f27e0
99612ff7261629a334386344643de56df2999afd
034e845811860cfc4275ebb22a4bd1c36db5658b9c81e3085002e0ff1fe0c925
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=f5290245e2d0af25a9b4828613ce8328&uuid=2b36d21b-ee23-463a-b553-e8e06fcc053a%3A1%3A1 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.file-upload.net
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 21:56:57 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.file-upload.net
Access-Control-Allow-Origin: https://www.file-upload.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16026741; expires=Sun, 27 Nov 2022 21:56:57 GMT; secure; SameSite=None
Set-Cookie: uid_id2=2b36d21b-ee23-463a-b553-e8e06fcc053a:1:1; expires=Sat, 03 Dec 2022 21:56:57 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Sun, 27 Nov 2022 21:56:57 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Sun, 27 Nov 2022 21:56:57 GMT; secure; SameSite=None
Set-Cookie: pdhtkv29=true; expires=Sun, 27 Nov 2022 21:56:57 GMT; secure; SameSite=None
Set-Cookie: uncs29=1; expires=Sun, 27 Nov 2022 21:56:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ebfbee6f05104df78881572deda08beb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1db6041a0bdb2319ae85afcc30caaeec
3b0ec6a7188dadf986f72fda8110296d9abd6f35
05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBsvpHDJoAMFhFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z7Hy7zEJmW8khrRb_uNcDa3UATX8DaKsdis-wUJAXfOZN4BM-0JtvQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 01:46:48 GMT
age: 72609
etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde03fed4-26de-4471-bc0e-a0c0483636ce.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde03fed4-26de-4471-bc0e-a0c0483636ce.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6ee5071a31d351c552aa651e40b16189
6fca9136030ea6f67be44e428ea39c34ff3e28e7
8d52f14267b8bd47119954796ff6c5d54eb6aa5d23c6e8bbd246108a5b89c1d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde03fed4-26de-4471-bc0e-a0c0483636ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8254
x-amzn-requestid: e12624ea-58c6-4f39-826c-8a1d87ebc5ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFySQGegIAMF-HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637efda7-2c5e216a0d8a1502615186a8;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 05:14:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0Ylris3tg94-66p8L5kYl2zgnVZ4mCc04ju96DslaB97Dfr-6nTyfA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:52:26 GMT
age: 271
etag: "6fca9136030ea6f67be44e428ea39c34ff3e28e7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 741ddfb19764ac9a77509e7e87cfbfb2
308c08784ce4a0757cbd112807555b83e17a1d56
e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8817
x-amzn-requestid: 31bd21c7-1d75-4159-af51-52035da16da4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-krGE6AIAMF2Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c1b13-32a7b9c6642592c70783a0cf;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 00:42:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6v42KU65wdKKPvjE7TRA3Li3o2dvrdPH7oGVDZGPPsAepqFFjQJkkA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 16:15:20 GMT
age: 20497
etag: "308c08784ce4a0757cbd112807555b83e17a1d56"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:56:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:56:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=www.file-upload.net
142.250.74.66 200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.file-upload.net
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.file-upload.net HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 26 Nov 2022 21:56:57 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=www.file-upload.net
216.58.207.226 200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.file-upload.net
IP 216.58.207.226:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.file-upload.net HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 26 Nov 2022 21:56:57 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:56:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 69b4c95baca69139e9e4f7e5ffa6bace
a33af721a9defcb815716234aafdb69de7169455
9f752625bea112bc5402067fd695ba893590e6de9844de640a663e4e8fdc1475
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:56:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=www.file-upload.net&callback=_gfp_s_&client=ca-pub-1292383683261552&gpid_exp=1
172.217.21.162 200 OK 256 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www.file-upload.net&callback=_gfp_s_&client=ca-pub-1292383683261552&gpid_exp=1
IP 172.217.21.162:0
File type ASCII text, with very long lines (397), with no line terminators
Hash ab856e7a4ae3f208348a8fd66829ab9d
72bffa6653b5b326c63bbd0565513ab0389e88e3
1e8363294e43a250390a66dabd823ed56fd86ff712dd0c12caead80d6e980215
GET /gampad/cookie.js?domain=www.file-upload.net&callback=_gfp_s_&client=ca-pub-1292383683261552&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 26 Nov 2022 21:56:57 GMT
server: cafe
cache-control: private
content-length: 256
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 69b4c95baca69139e9e4f7e5ffa6bace
a33af721a9defcb815716234aafdb69de7169455
9f752625bea112bc5402067fd695ba893590e6de9844de640a663e4e8fdc1475
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:56:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f3a3efe248a599bcccf04881f3d686cb
10e5741399303e7c20f334d8dd72b4b8c968c0d4
cef064183db51cefadcca610b91c5ea86154ae2024029d60e59a152a7a3b1723
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEF064183DB51CEFADCCA610B91C5EA86154AE2024029D60E59A152A7A3B1723"
Last-Modified: Sat, 26 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8150
Expires: Sun, 27 Nov 2022 00:12:47 GMT
Date: Sat, 26 Nov 2022 21:56:57 GMT
Connection: keep-alive
parkingridiculous.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuzo%2BLnhK8eFDm4EHBne0f07Mz5hASYyQYs0sSXfBWv3q2nJqupqp7enbxsCQgARUmJz32frObJRrU%2FAGCzHoJC8KOB1nE9SbelZxlZgdGH1S99%2Bp7h%2B%2F7Xn26U5wQHwU9XnvfbCmt6XJc92uvr6tUmNLVbt2tBX7dv1RbV2mzcak2mF62%2F1bgx3X%2Fjdq7knfNcugHvh%2F4Qe26sjIxg%2BUZCpU9aQf1tl9vhPUgbmBg%2F9%2B7woOjHkT%2FhFyEEpPzG8%2BeQvEx0t7316Tr5iZ7851eoWluLPpi%2F4O0m5oyRW9RJtZDku7Pp2HchJCvzsCk%2B3MFMP3dqQIwNSHerwFYuj%2BnCdbfO2XKNGQKJl5E2R9D6jEUHYOb%2B1DiiABc4NYq0t6jW8aWdPMUpVN0Qs49%2FxuqnJBzv7%2BEtPftVa0GtTtGF7kyqcMgqaAGY6jOGFlxgHzLgyoPwPN7UOJnsvz8JtLe7qrTBkocvxayqCnCgC1JGUZLjWZEl1gcR0uyJf1mwrkfR3RmkVJjqGQMLYegzkMxPcpDkXgoMg89cVyjcTvx%2FZWEJVHUanDOo4jzuNUUsYgarcRHwacahsizIbgegtttZHYbXfXwKL4IW%2FwIt1HBCQ8uJ%2BiLCqUkKB1BSQlKRVDmBGW%2F2hPaha56JLQrWDDP4TxH1cjknR26Z%2FKOTMlOdkIuzLz75%2FMCXXlcS%2BKw7YeNWIbCp0kY0zZrtMJWM4i4bEVhC05VUO7MTOnWdJHnc2RqQshvz8DoAZw%2BAFcXQItXQMvRSuiDbowaLR9b6XeJ0nKpyLShop7KHMJUyPJzyDe9HX1CXp5Raf%2FpQfLDy19%2BsfrHJfERuK2Q2Qofq58IOvrB6LYpye5tUzrydDXLVU9t0emK7%2BQ0l2e%2Ffk9ulsaKG9fc8PEVPgWm5ZO70uU3aSpU2nHkm6tKCGmvG8sl%2BeGGW5dsrXAbVwubFtnNtbev3%2BhlVjqnTDoGVUcffgKuJuQF25193lf%2FugJlx7BFhV5xSOYBZcbg2TZctmDvDIHVixmWeSiLamRDtnjUikDLRU9ZBfefni3qHfcAHeuB5veR9ir0bYW%2BrkD1EK44O8oze3j5l2gWYNobMW29XaatfnhqrVPHNRknfiL9ULKkzZIV6ot20mgz2g7kCotpgNxN%2BL3PHv8LAAD%2F%2FwEAAP%2F%2FguOb4ZQEAAA%3D
192.243.61.227200 OK 7 B URL HTTP/1.1 parkingridiculous.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuzo%2BLnhK8eFDm4EHBne0f07Mz5hASYyQYs0sSXfBWv3q2nJqupqp7enbxsCQgARUmJz32frObJRrU%2FAGCzHoJC8KOB1nE9SbelZxlZgdGH1S99%2Bp7h%2B%2F7Xn26U5wQHwU9XnvfbCmt6XJc92uvr6tUmNLVbt2tBX7dv1RbV2mzcak2mF62%2F1bgx3X%2Fjdq7knfNcugHvh%2F4Qe26sjIxg%2BUZCpU9aQf1tl9vhPUgbmBg%2F9%2B7woOjHkT%2FhFyEEpPzG8%2BeQvEx0t7316Tr5iZ7851eoWluLPpi%2F4O0m5oyRW9RJtZDku7Pp2HchJCvzsCk%2B3MFMP3dqQIwNSHerwFYuj%2BnCdbfO2XKNGQKJl5E2R9D6jEUHYOb%2B1DiiABc4NYq0t6jW8aWdPMUpVN0Qs49%2FxuqnJBzv7%2BEtPftVa0GtTtGF7kyqcMgqaAGY6jOGFlxgHzLgyoPwPN7UOJnsvz8JtLe7qrTBkocvxayqCnCgC1JGUZLjWZEl1gcR0uyJf1mwrkfR3RmkVJjqGQMLYegzkMxPcpDkXgoMg89cVyjcTvx%2FZWEJVHUanDOo4jzuNUUsYgarcRHwacahsizIbgegtttZHYbXfXwKL4IW%2FwIt1HBCQ8uJ%2BiLCqUkKB1BSQlKRVDmBGW%2F2hPaha56JLQrWDDP4TxH1cjknR26Z%2FKOTMlOdkIuzLz75%2FMCXXlcS%2BKw7YeNWIbCp0kY0zZrtMJWM4i4bEVhC05VUO7MTOnWdJHnc2RqQshvz8DoAZw%2BAFcXQItXQMvRSuiDbowaLR9b6XeJ0nKpyLShop7KHMJUyPJzyDe9HX1CXp5Raf%2FpQfLDy19%2BsfrHJfERuK2Q2Qofq58IOvrB6LYpye5tUzrydDXLVU9t0emK7%2BQ0l2e%2Ffk9ulsaKG9fc8PEVPgWm5ZO70uU3aSpU2nHkm6tKCGmvG8sl%2BeGGW5dsrXAbVwubFtnNtbev3%2BhlVjqnTDoGVUcffgKuJuQF25193lf%2FugJlx7BFhV5xSOYBZcbg2TZctmDvDIHVixmWeSiLamRDtnjUikDLRU9ZBfefni3qHfcAHeuB5veR9ir0bYW%2BrkD1EK44O8oze3j5l2gWYNobMW29XaatfnhqrVPHNRknfiL9ULKkzZIV6ot20mgz2g7kCotpgNxN%2BL3PHv8LAAD%2F%2FwEAAP%2F%2FguOb4ZQEAAA%3D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuzo%2BLnhK8eFDm4EHBne0f07Mz5hASYyQYs0sSXfBWv3q2nJqupqp7enbxsCQgARUmJz32frObJRrU%2FAGCzHoJC8KOB1nE9SbelZxlZgdGH1S99%2Bp7h%2B%2F7Xn26U5wQHwU9XnvfbCmt6XJc92uvr6tUmNLVbt2tBX7dv1RbV2mzcak2mF62%2F1bgx3X%2Fjdq7knfNcugHvh%2F4Qe26sjIxg%2BUZCpU9aQf1tl9vhPUgbmBg%2F9%2B7woOjHkT%2FhFyEEpPzG8%2BeQvEx0t7316Tr5iZ7851eoWluLPpi%2F4O0m5oyRW9RJtZDku7Pp2HchJCvzsCk%2B3MFMP3dqQIwNSHerwFYuj%2BnCdbfO2XKNGQKJl5E2R9D6jEUHYOb%2B1DiiABc4NYq0t6jW8aWdPMUpVN0Qs49%2FxuqnJBzv7%2BEtPftVa0GtTtGF7kyqcMgqaAGY6jOGFlxgHzLgyoPwPN7UOJnsvz8JtLe7qrTBkocvxayqCnCgC1JGUZLjWZEl1gcR0uyJf1mwrkfR3RmkVJjqGQMLYegzkMxPcpDkXgoMg89cVyjcTvx%2FZWEJVHUanDOo4jzuNUUsYgarcRHwacahsizIbgegtttZHYbXfXwKL4IW%2FwIt1HBCQ8uJ%2BiLCqUkKB1BSQlKRVDmBGW%2F2hPaha56JLQrWDDP4TxH1cjknR26Z%2FKOTMlOdkIuzLz75%2FMCXXlcS%2BKw7YeNWIbCp0kY0zZrtMJWM4i4bEVhC05VUO7MTOnWdJHnc2RqQshvz8DoAZw%2BAFcXQItXQMvRSuiDbowaLR9b6XeJ0nKpyLShop7KHMJUyPJzyDe9HX1CXp5Raf%2FpQfLDy19%2BsfrHJfERuK2Q2Qofq58IOvrB6LYpye5tUzrydDXLVU9t0emK7%2BQ0l2e%2Ffk9ulsaKG9fc8PEVPgWm5ZO70uU3aSpU2nHkm6tKCGmvG8sl%2BeGGW5dsrXAbVwubFtnNtbev3%2BhlVjqnTDoGVUcffgKuJuQF25193lf%2FugJlx7BFhV5xSOYBZcbg2TZctmDvDIHVixmWeSiLamRDtnjUikDLRU9ZBfefni3qHfcAHeuB5veR9ir0bYW%2BrkD1EK44O8oze3j5l2gWYNobMW29XaatfnhqrVPHNRknfiL9ULKkzZIV6ot20mgz2g7kCotpgNxN%2BL3PHv8LAAD%2F%2FwEAAP%2F%2FguOb4ZQEAAA%3D HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/
Cookie: u_pl=16026741; uid_id2=2b36d21b-ee23-463a-b553-e8e06fcc053a:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 21:56:57 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ed8bc94e44a4fc60bc890342cea4d334
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 666f0822fa3b2bd37642dc6f1f9b95ea
b082ce304fa32d1afd9eee2c00c4d751d444f730
ea0fd5b59bc464c03f64e107247d245f8b9e65b5ad6593400952e0f978ba5251
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EA0FD5B59BC464C03F64E107247D245F8B9E65B5AD6593400952E0F978BA5251"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9957
Expires: Sun, 27 Nov 2022 00:42:55 GMT
Date: Sat, 26 Nov 2022 21:56:58 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 666f0822fa3b2bd37642dc6f1f9b95ea
b082ce304fa32d1afd9eee2c00c4d751d444f730
ea0fd5b59bc464c03f64e107247d245f8b9e65b5ad6593400952e0f978ba5251
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EA0FD5B59BC464C03F64E107247D245F8B9E65B5AD6593400952E0F978BA5251"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9957
Expires: Sun, 27 Nov 2022 00:42:55 GMT
Date: Sat, 26 Nov 2022 21:56:58 GMT
Connection: keep-alive
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
216.58.207.195 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15340, version 1.0\012- data
Hash 19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 01:26:24 GMT
expires: Sun, 26 Nov 2023 01:26:24 GMT
cache-control: public, max-age=31536000
age: 73834
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
parkingridiculous.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fdf%2Fbd%2F7a%2Fdfbd7a33d1397e7e7063b1664658e57d%2F1601889852.html&l=1379&fd=111
192.243.61.227 200 OK 0 B URL HTTP/1.1 parkingridiculous.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fdf%2Fbd%2F7a%2Fdfbd7a33d1397e7e7063b1664658e57d%2F1601889852.html&l=1379&fd=111
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
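Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256)
Note: these three values are the digests of an empty (0 B) body; they identify no content and should not be used as file indicators.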
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fdf%2Fbd%2F7a%2Fdfbd7a33d1397e7e7063b1664658e57d%2F1601889852.html&l=1379&fd=111 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/
Cookie: u_pl=16026741; uid_id2=2b36d21b-ee23-463a-b553-e8e06fcc053a:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 21:56:58 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/notifications/dating/default/us/universal/white/ssp/css/animate.css
172.64.108.13 200 OK 5.3 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/dating/default/us/universal/white/ssp/css/animate.css
IP 172.64.108.13:0
Hash d2fa6f1786c17744679be8c1083476b0
266931e1dd982ca77e82ad9ea78d38f019d14329
f94544d806cb8f1a6e54f1b534af57624d929a11174aa326b9c8d174cb6bd23b
GET /sb/notifications/dating/default/us/universal/white/ssp/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.file-upload.net
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:56:58 GMT
content-type: text/css
last-modified: Mon, 05 Oct 2020 09:08:43 GMT
etag: W/"5f7ae29b-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 79092
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIauVTwEhRxfHDf7TmBsUVwiDcYa1R6c667CUWH%2FMESCTrQbB0lerDhrGUIrigT6ueuVkw832rHuSX%2BqKVVvVcGBAQmzfZzu5NAJVJxabMQWvbf%2FmGo7Xk7t90AUb6QsoaWrUmOMaIIi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705e0873a8a72f6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 666f0822fa3b2bd37642dc6f1f9b95ea
b082ce304fa32d1afd9eee2c00c4d751d444f730
ea0fd5b59bc464c03f64e107247d245f8b9e65b5ad6593400952e0f978ba5251
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EA0FD5B59BC464C03F64E107247D245F8B9E65B5AD6593400952E0F978BA5251"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9957
Expires: Sun, 27 Nov 2022 00:42:55 GMT
Date: Sat, 26 Nov 2022 21:56:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d544e647515cb189a384f9c20ec9bd24
b7b52713f8f4c02a47192ef56456e16d0ca408a9
375fc9ebeb579498db5f3df773f4a94debbab4b0f809abc2fa414e9c2bea052c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "375FC9EBEB579498DB5F3DF773F4A94DEBBAB4B0F809ABC2FA414E9C2BEA052C"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9227
Expires: Sun, 27 Nov 2022 00:30:45 GMT
Date: Sat, 26 Nov 2022 21:56:58 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:56:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
parkingridiculous.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fdating%2Fdefault%2Fus%2Funiversal%2Fwhite%2Fssp%2Fcss%2Fanimate.css&l=79245&fd=124
192.243.61.227 200 OK 0 B URL HTTP/1.1 parkingridiculous.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fdating%2Fdefault%2Fus%2Funiversal%2Fwhite%2Fssp%2Fcss%2Fanimate.css&l=79245&fd=124
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
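Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256)
Note: these three values are the digests of an empty (0 B) body; they identify no content and should not be used as file indicators.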
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fdating%2Fdefault%2Fus%2Funiversal%2Fwhite%2Fssp%2Fcss%2Fanimate.css&l=79245&fd=124 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/
Cookie: u_pl=16026741; uid_id2=2b36d21b-ee23-463a-b553-e8e06fcc053a:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 21:56:58 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.cloudimagesb.com/si/84/83/0e/84830eeb6afb1a25a871aa22c0042566/1667590271.png
45.133.44.9 200 OK 33 kB URL HTTP/2 cdn.cloudimagesb.com/si/84/83/0e/84830eeb6afb1a25a871aa22c0042566/1667590271.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 2cb2500acb00f247ef19403c3a0f89e1
7c57e8b84b2bb0003810ffae7a14e24869155464
7efcd5082673b787603d2a0b8d768fb26807cf2ab79771a69886a916d0cda3ce
GET /si/84/83/0e/84830eeb6afb1a25a871aa22c0042566/1667590271.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:56:58 GMT
content-type: image/png
content-length: 32763
server: nginx/1.17.6
last-modified: Fri, 04 Nov 2022 19:31:19 GMT
etag: "63656887-7ffb"
expires: Mon, 28 Nov 2022 21:56:58 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
parkingridiculous.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fdating%2Fdefault%2Fus%2Funiversal%2Fwhite%2Fssp%2Fjs%2Fscript.js&l=386&fd=124
192.243.61.227 200 OK 0 B URL HTTP/1.1 parkingridiculous.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fdating%2Fdefault%2Fus%2Funiversal%2Fwhite%2Fssp%2Fjs%2Fscript.js&l=386&fd=124
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
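Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256)
Note: these three values are the digests of an empty (0 B) body; they identify no content and should not be used as file indicators.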
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fdating%2Fdefault%2Fus%2Funiversal%2Fwhite%2Fssp%2Fjs%2Fscript.js&l=386&fd=124 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/
Cookie: u_pl=16026741; uid_id2=2b36d21b-ee23-463a-b553-e8e06fcc053a:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 21:56:58 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.10 200 OK 660 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.10:0
Hash 5860c780c8e9daa4f852038f02b5bdc2
c75c8b4db36bffe075ce493f06d011f855d5541a
f11b9f8e851e15c0c6abd53a9994c6dcef78ceeebd0f0b8bbde610fec8332c85
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 21:56:58 GMT
date: Sat, 26 Nov 2022 21:56:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.file-upload.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 267770
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.file-upload.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 270189
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 816d70da869514eb692b661a8226d9c1
a89905476481099656b3461acd454ad11ad5584d
cd03b16cdd0d63deb1336dec06481a119a46359358605c8faca8955f90939a34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:56:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
parkingridiculous.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3h8XPe3ixYMyBw8KZtI%2Fpic97mHZdY0EYxJ2VwPeqquqJ%2BXUdDVV3dOT4CHsgiyoMHvSY%2BebZMPqou4fIMjEyxIQMh4kiPEm3pU9y0wGRh9Uvffqe4fv%2B159ulecERcFPd14X%2B9IpehiWHdrr2%2FKlOvS1tbu1jy37l6rbcq02bhW608u03vLc8O6%2B0btXcE6etF3Pdf1XK%2B2LI1IdH9xikJmT1peveXWG37dCxvom%2F%2F3tnBgqQPeOyNXIfn48tazp5BshLT7%2FS1hO7nO3nynWyiaa4MeP%2Fwg7aS6TNGdl4lxkKSHs2loOybkqwvQ6eFMAXRvf6IAsRwT51cPcXo4o4m4d3DONFYQKWL%2BIsreCEKNIOkITN%2BH5CcEYBxr60i7j9a0Ken2OUon6Jhcev43ZDkml35%2FCWn325tK9mt3tCpyqVOLflJB9keQ7RGy4gj5jgNZHoHl9yD5z2Tx%2BSrS7v66VRqSn77mx0GT%2B168IIQfLDSaAV2IwzBYEJFwmwljbhjQqUVSjiCTEZQYgFoHxeRIB0XioMgcdPlpjYatxHWXkjgJgqjBGAsCxsKoyUMeNKLERcEmGgbIswGYGoCZXWRmFx358CS8ClP8CLtVwXIHNifo8QqlICgtQUkJSklQ5gRlrzrgyvq2esSVLWJvlv1ZDqqhztt79EDnbZGSveyMXJl698%2FnBTritJaEfsv1G6HwuUsTP6StuBH5UdMLmIgCP4KVFaS9MFW6M1nk5RyZHBPy2zPE9AhWHYHJK6DFK6DlcMl3QbeGjcjFTvpdIpVYKDKlKa%2BnIgfXFbL8EvJtZ0%2BdkZenVFp%2FOhDs%2BPqXX6z%2FcY1%2FBGYqZKbCx%2FIngrZ6MLytS7J%2FW5eWPF3PctmVO3Sy4js5zcXFr98T26U2fOWWHTy%2BwSbApHxyV9h8laZcpm1LvrkpORdmWRsmyA8rdlPEG4XdulmYtMhWN95eXulmRlgrdToClScffgImx%2BQF05l%2B3lf%2FugFpRjBFhW5xTGYBqUdg2S5sNmdvNYFR85k4c1AW1dD48fxRSQIl5j2NK9j%2F9PG83rMP0DYOaH4fabdCz1ToqQpUDWCLi8M8M8fXfwmmgVg5w1gZZz9WRj08t9bK01roNUQUR0uM81gw7i35QRS4rs95Y6klvBZyO2b3Pnv8LwAAAP%2F%2FAQAA%2F%2F%2BW6xUHlAQAAA%3D%3D
192.243.61.227200 OK 7 B URL HTTP/1.1 parkingridiculous.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3h8XPe3ixYMyBw8KZtI%2Fpic97mHZdY0EYxJ2VwPeqquqJ%2BXUdDVV3dOT4CHsgiyoMHvSY%2BebZMPqou4fIMjEyxIQMh4kiPEm3pU9y0wGRh9Uvffqe4fv%2B159ulecERcFPd14X%2B9IpehiWHdrr2%2FKlOvS1tbu1jy37l6rbcq02bhW608u03vLc8O6%2B0btXcE6etF3Pdf1XK%2B2LI1IdH9xikJmT1peveXWG37dCxvom%2F%2F3tnBgqQPeOyNXIfn48tazp5BshLT7%2FS1hO7nO3nynWyiaa4MeP%2Fwg7aS6TNGdl4lxkKSHs2loOybkqwvQ6eFMAXRvf6IAsRwT51cPcXo4o4m4d3DONFYQKWL%2BIsreCEKNIOkITN%2BH5CcEYBxr60i7j9a0Ken2OUon6Jhcev43ZDkml35%2FCWn325tK9mt3tCpyqVOLflJB9keQ7RGy4gj5jgNZHoHl9yD5z2Tx%2BSrS7v66VRqSn77mx0GT%2B168IIQfLDSaAV2IwzBYEJFwmwljbhjQqUVSjiCTEZQYgFoHxeRIB0XioMgcdPlpjYatxHWXkjgJgqjBGAsCxsKoyUMeNKLERcEmGgbIswGYGoCZXWRmFx358CS8ClP8CLtVwXIHNifo8QqlICgtQUkJSklQ5gRlrzrgyvq2esSVLWJvlv1ZDqqhztt79EDnbZGSveyMXJl698%2FnBTritJaEfsv1G6HwuUsTP6StuBH5UdMLmIgCP4KVFaS9MFW6M1nk5RyZHBPy2zPE9AhWHYHJK6DFK6DlcMl3QbeGjcjFTvpdIpVYKDKlKa%2BnIgfXFbL8EvJtZ0%2BdkZenVFp%2FOhDs%2BPqXX6z%2FcY1%2FBGYqZKbCx%2FIngrZ6MLytS7J%2FW5eWPF3PctmVO3Sy4js5zcXFr98T26U2fOWWHTy%2BwSbApHxyV9h8laZcpm1LvrkpORdmWRsmyA8rdlPEG4XdulmYtMhWN95eXulmRlgrdToClScffgImx%2BQF05l%2B3lf%2FugFpRjBFhW5xTGYBqUdg2S5sNmdvNYFR85k4c1AW1dD48fxRSQIl5j2NK9j%2F9PG83rMP0DYOaH4fabdCz1ToqQpUDWCLi8M8M8fXfwmmgVg5w1gZZz9WRj08t9bK01roNUQUR0uM81gw7i35QRS4rs95Y6klvBZyO2b3Pnv8LwAAAP%2F%2FAQAA%2F%2F%2BW6xUHlAQAAA%3D%3D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3h8XPe3ixYMyBw8KZtI%2Fpic97mHZdY0EYxJ2VwPeqquqJ%2BXUdDVV3dOT4CHsgiyoMHvSY%2BebZMPqou4fIMjEyxIQMh4kiPEm3pU9y0wGRh9Uvffqe4fv%2B159ulecERcFPd14X%2B9IpehiWHdrr2%2FKlOvS1tbu1jy37l6rbcq02bhW608u03vLc8O6%2B0btXcE6etF3Pdf1XK%2B2LI1IdH9xikJmT1peveXWG37dCxvom%2F%2F3tnBgqQPeOyNXIfn48tazp5BshLT7%2FS1hO7nO3nynWyiaa4MeP%2Fwg7aS6TNGdl4lxkKSHs2loOybkqwvQ6eFMAXRvf6IAsRwT51cPcXo4o4m4d3DONFYQKWL%2BIsreCEKNIOkITN%2BH5CcEYBxr60i7j9a0Ken2OUon6Jhcev43ZDkml35%2FCWn325tK9mt3tCpyqVOLflJB9keQ7RGy4gj5jgNZHoHl9yD5z2Tx%2BSrS7v66VRqSn77mx0GT%2B168IIQfLDSaAV2IwzBYEJFwmwljbhjQqUVSjiCTEZQYgFoHxeRIB0XioMgcdPlpjYatxHWXkjgJgqjBGAsCxsKoyUMeNKLERcEmGgbIswGYGoCZXWRmFx358CS8ClP8CLtVwXIHNifo8QqlICgtQUkJSklQ5gRlrzrgyvq2esSVLWJvlv1ZDqqhztt79EDnbZGSveyMXJl698%2FnBTritJaEfsv1G6HwuUsTP6StuBH5UdMLmIgCP4KVFaS9MFW6M1nk5RyZHBPy2zPE9AhWHYHJK6DFK6DlcMl3QbeGjcjFTvpdIpVYKDKlKa%2BnIgfXFbL8EvJtZ0%2BdkZenVFp%2FOhDs%2BPqXX6z%2FcY1%2FBGYqZKbCx%2FIngrZ6MLytS7J%2FW5eWPF3PctmVO3Sy4js5zcXFr98T26U2fOWWHTy%2BwSbApHxyV9h8laZcpm1LvrkpORdmWRsmyA8rdlPEG4XdulmYtMhWN95eXulmRlgrdToClScffgImx%2BQF05l%2B3lf%2FugFpRjBFhW5xTGYBqUdg2S5sNmdvNYFR85k4c1AW1dD48fxRSQIl5j2NK9j%2F9PG83rMP0DYOaH4fabdCz1ToqQpUDWCLi8M8M8fXfwmmgVg5w1gZZz9WRj08t9bK01roNUQUR0uM81gw7i35QRS4rs95Y6klvBZyO2b3Pnv8LwAAAP%2F%2FAQAA%2F%2F%2BW6xUHlAQAAA%3D%3D HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/
Cookie: u_pl=16026741; uid_id2=2b36d21b-ee23-463a-b553-e8e06fcc053a:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 21:56:58 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: af43a1a1c1035f7987ec4e2bf1c47f4f
Strict-Transport-Security: max-age=0; includeSubdomains
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
142.250.74.33 200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1540)
Hash d22e40b1bc4f1b0f1727b96a0f32f7dd
57030c5040f0013120cca1e77fe38af35d4610e0
6f6d3797f9b19ffcd2f416a7566a58cf70fd4fb0ab17dec03fa5b690c6939494
GET /pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7458
x-xss-protection: 0
date: Sat, 26 Nov 2022 15:55:37 GMT
expires: Sat, 10 Dec 2022 15:55:37 GMT
cache-control: public, max-age=1209600
age: 21681
etag: 16870613375306414947
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
parkingridiculous.com/pixel/sbs?c=1
192.243.61.227 200 OK 0 B URL HTTP/1.1 parkingridiculous.com/pixel/sbs?c=1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/
Cookie: u_pl=16026741; uid_id2=2b36d21b-ee23-463a-b553-e8e06fcc053a:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 21:56:58 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.162 200 OK 48 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.162:0
File type ASCII text, with very long lines (3502)
Hash 297e24828abaf97fb29460fd75369140
e9e02d737f1bcf9874a55562edff5f795a1c170c
cdbe4e689ca060e94f00f0aa4c45a89efacddac90df42929ff42a3bff44a9d3e
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 48265
date: Sat, 26 Nov 2022 21:56:58 GMT
expires: Sat, 26 Nov 2022 21:56:58 GMT
cache-control: private, max-age=3000
etag: "1668095300071091"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115739&plc=4254520&sid=18330&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0gEN_FZLCMw4_U41ow_Go0S&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=34081968&DVP_DBM_4=210342129&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1549165130&turl=https://www.file-upload.net/download-14661967/advanced.rar.html&DVP_PP_BUNDLE_ID=&dvregion=0&unit=300x250
95.101.11.115 200 OK 1.2 kB URL HTTP/1.1 cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115739&plc=4254520&sid=18330&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0gEN_FZLCMw4_U41ow_Go0S&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=34081968&DVP_DBM_4=210342129&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1549165130&turl=https://www.file-upload.net/download-14661967/advanced.rar.html&DVP_PP_BUNDLE_ID=&dvregion=0&unit=300x250
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type HTML document, ASCII text, with very long lines (536)
Hash b974c4683c6725f577ee625986e65a76
217fbdcf62a25d594b02f8ba8fe4a15972edefb4
ff229c4f0b8ae55be880d63b94b37c6890a08f6c617f779e869ba1bdab60d86c
GET /dvbs_src.js?ctx=1828362&cmp=115739&plc=4254520&sid=18330&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0gEN_FZLCMw4_U41ow_Go0S&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=34081968&DVP_DBM_4=210342129&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1549165130&turl=https://www.file-upload.net/download-14661967/advanced.rar.html&DVP_PP_BUNDLE_ID=&dvregion=0&unit=300x250 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sun, 30 Oct 2022 09:55:21 GMT
Accept-Ranges: bytes
ETag: "42b02eb945ecd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Timing-Allow-Origin: *
Content-Length: 1170
Date: Sat, 26 Nov 2022 21:56:58 GMT
Connection: keep-alive
cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0gEN_FZLCMw4_U41ow_Go0S&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=34081968&DVP_DBM_4=210342129&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1549165130&turl=https://www.file-upload.net/download-14661967/advanced.rar.html&DVP_PP_BUNDLE_ID=
95.101.11.115 200 OK 3.3 kB URL HTTP/1.1 cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0gEN_FZLCMw4_U41ow_Go0S&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=34081968&DVP_DBM_4=210342129&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1549165130&turl=https://www.file-upload.net/download-14661967/advanced.rar.html&DVP_PP_BUNDLE_ID=
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (7951)
Hash 9b7ce23aa4ed2d545251051de21faa86
e28916ece42e6fd50e00245de0b8bd37010b87a4
caf980ab1ffa6adf92204724f64b3870cd37f012a00d5128f81c0447fc8e8b0e
GET /dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0gEN_FZLCMw4_U41ow_Go0S&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=34081968&DVP_DBM_4=210342129&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1549165130&turl=https://www.file-upload.net/download-14661967/advanced.rar.html&DVP_PP_BUNDLE_ID= HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 22 Nov 2022 11:10:24 GMT
Accept-Ranges: bytes
ETag: "0509c463fed81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 3314
Date: Sat, 26 Nov 2022 21:56:58 GMT
Connection: keep-alive
cdn.doubleverify.com/dvbs_src_internal113.js
95.101.11.115 200 OK 19 kB URL HTTP/1.1 cdn.doubleverify.com/dvbs_src_internal113.js
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2636), with CRLF, LF line terminators
Hash d66be7d7dd010ff660d5fe2b671011a2
b75b84ac9f612a3e352eb87f4946841042b2c0cc
b137a6abe42b5d609f347d9cec11d342c2320c4efa0c3ab72acc69b5f4b8be3e
GET /dvbs_src_internal113.js HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=946080000
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sun, 30 Oct 2022 09:56:00 GMT
Accept-Ranges: bytes
ETag: "0b85bd045ecd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 19448
Date: Sat, 26 Nov 2022 21:56:58 GMT
Connection: keep-alive
ocsp.netsolssl.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 6f4e239884913aacfb9109b58e6b49e3
50e5c7519f33f75b3fff20703af8dff1de34a10a
8c0f04c70281e806fe1a52a6ce21ceb743da476e940cb6487afab447927716c4
POST / HTTP/1.1
Host: ocsp.netsolssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 21:56:58 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 00:10:19 GMT
Expires: Thu, 01 Dec 2022 00:10:18 GMT
Etag: "50e5c7519f33f75b3fff20703af8dff1de34a10a"
Cache-Control: max-age=352999,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7705e08c0d9a1c06-OSL
rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_652343367464&jsTagObjCallback=__tagObject_callback_652343367464&num=6&ctx=1828362&cmp=115739&plc=4254520&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=652343367464&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=0.00&dvpx_strhd=0.00&brid=0&brver=&bridua=2&dup=null&turl=https://www.file-upload.net/download-14661967/advanced.rar.html&chro=0&hist=1&winh=280&winw=336&wouh=1024&wouw=1280&scah=1002&scaw=1280&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0gEN_FZLCMw4_U41ow_Go0S&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=34081968&DVP_DBM_4=210342129&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1549165130&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=9&brh=1&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=161&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D7%3A%3D6%5CFA%3D%4025%5D%3F6ETauU2%26C%3Dl9EEADTbpTauTauHHH%5D7%3A%3D6%5CFA%3D%4025%5D%3F6ETau5%40H%3F%3D%4025%5C%60cee%60hefTau25G2%3F465%5DC2C%5D9E%3E%3D&dvp_exetime=12.00&callbackName=__verify_callback_652343367464
34.149.12.213200 OK 265 B URL HTTP/1.1 rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_652343367464&jsTagObjCallback=__tagObject_callback_652343367464&num=6&ctx=1828362&cmp=115739&plc=4254520&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=652343367464&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=0.00&dvpx_strhd=0.00&brid=0&brver=&bridua=2&dup=null&turl=https://www.file-upload.net/download-14661967/advanced.rar.html&chro=0&hist=1&winh=280&winw=336&wouh=1024&wouw=1280&scah=1002&scaw=1280&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0gEN_FZLCMw4_U41ow_Go0S&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=34081968&DVP_DBM_4=210342129&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1549165130&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=9&brh=1&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=161&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D7%3A%3D6%5CFA%3D%4025%5D%3F6ETauU2%26C%3Dl9EEADTbpTauTauHHH%5D7%3A%3D6%5CFA%3D%4025%5D%3F6ETau5%40H%3F%3D%4025%5C%60cee%60hefTau25G2%3F465%5DC2C%5D9E%3E%3D&dvp_exetime=12.00&callbackName=__verify_callback_652343367464
IP 34.149.12.213:0
Hash 91b84a02be600003dce6025f7ffda179
5cd8ea8e50550ce10cc2d63253163e7899f65b5f
a1ca573c5ce0c7c18968546c0beac93f936ec25e1d4b1174552ee22a696760fb
GET /verify.js?flvr=0&jsCallback=__verify_callback_652343367464&jsTagObjCallback=__tagObject_callback_652343367464&num=6&ctx=1828362&cmp=115739&plc=4254520&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=652343367464&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=0.00&dvpx_strhd=0.00&brid=0&brver=&bridua=2&dup=null&turl=https://www.file-upload.net/download-14661967/advanced.rar.html&chro=0&hist=1&winh=280&winw=336&wouh=1024&wouw=1280&scah=1002&scaw=1280&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0gEN_FZLCMw4_U41ow_Go0S&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=34081968&DVP_DBM_4=210342129&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1549165130&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=9&brh=1&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=161&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D7%3A%3D6%5CFA%3D%4025%5D%3F6ETauU2%26C%3Dl9EEADTbpTauTauHHH%5D7%3A%3D6%5CFA%3D%4025%5D%3F6ETau5%40H%3F%3D%4025%5C%60cee%60hefTau25G2%3F465%5DC2C%5D9E%3E%3D&dvp_exetime=12.00&callbackName=__verify_callback_652343367464 HTTP/1.1
Host: rtb0.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 21:56:58 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: close
Cache-Control: max-age=0
Content-Encoding: br
Expires: 11/25/2022 21:56:58
Pragma: no-cache
Vary: Accept-Encoding
X-DV-Response: 0
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1d9982c4a878719ddada7e301fb40eca
b088389e7b4dca42ef7391324d6ebc7fc7d8e796
64dbc2a8bcfd6e778293004e63430dc61138124ce7a82e564d9bde62e90b5a60
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 127
Cache-Control: max-age=115925
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:56:59 GMT
Etag: "6381ad01-1d7"
Expires: Mon, 28 Nov 2022 06:09:04 GMT
Last-Modified: Sat, 26 Nov 2022 06:06:57 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
adobe.demdex.net/event?d_stuff=1&d_rtbd=json&d_cb=fltk
18.203.75.86 302 Found 0 B URL HTTP/1.1 adobe.demdex.net/event?d_stuff=1&d_rtbd=json&d_cb=fltk
IP 18.203.75.86:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?d_stuff=1&d_rtbd=json&d_cb=fltk HTTP/1.1
Host: adobe.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-0e6039550.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://adobe.demdex.net/firstevent?d_stuff=1&d_rtbd=json&d_cb=fltk
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=69293142928740363080793378766425048748; Max-Age=15552000; Expires=Thu, 25 May 2023 21:56:59 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 2PTGtaC6Rwk=
Content-Length: 0
Connection: keep-alive
adobe.demdex.net/firstevent?d_stuff=1&d_rtbd=json&d_cb=fltk
18.203.75.86 200 OK 34 B URL HTTP/1.1 adobe.demdex.net/firstevent?d_stuff=1&d_rtbd=json&d_cb=fltk
IP 18.203.75.86:0
File type ASCII text, with no line terminators
Hash 172c41d6e5091275076fb86a0c069146
ad6111551bc17f301d183e5d1696dd965869cc93
40942d4c9bf4671bd978b99d2b41ad7f72196651baa180fa808ecd679828b10b
GET /firstevent?d_stuff=1&d_rtbd=json&d_cb=fltk HTTP/1.1
Host: adobe.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://googleads.g.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/javascript;charset=utf-8
DCS: dcs-prod-irl1-1-v045-028e6f909.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: u7AO5rldTL8=
Content-Length: 34
Connection: keep-alive
servedby.flashtalking.com/imp/8/115739;4254520;201;js;DV360;DV360FY20EDUBEHCustomIntentNODSKBAN300x250/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1292383683261552%26output%3Dhtml%26h%3D280%26slotname%3D7657039991%26adk%3D2206994673%26adf%3D810369294%26pi%3Dt.ma~as.7657039991%26w%3D336%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1669499817%26rafmt%3D1%26format%3D336x280%26url%3Dhttps%253A%252F%252Fwww.file-upload.net%252Fdownload-14661967%252Fadvanced.rar.html%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26dt%3D1669499817067%26bpp%3D2%26bdt%3D1818%26idt%3D630%26shv%3Dr20221110%26mjsv%3Dm202211100101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D6eaeb4d6f12979ad-2235f0599dd700f1%253AT%253D1669499817%253ART%253D1669499817%253AS%253DALNI_MatLvZHhC66yyh9MXJU2h5b4mJAQA%26gpic%3DUID%253D00000b87dbd3c1e2%253AT%253D1669499817%253ART%253D1669499817%253AS%253DALNI_MYfnn4nc8QhEv84mKA-swPqCd4M-w%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D2896389323883%26frm%3D20%26pv%3D1%26ga_vid%3D913393343.1669499818%26ga_sid%3D1669499818%26ga_hid%3D408381640%26ga_fc&ft_section=undefined__&cachebuster=17182.18134540772
2.23.132.54200 OK 1.1 kB URL HTTP/1.1 servedby.flashtalking.com/imp/8/115739;4254520;201;js;DV360;DV360FY20EDUBEHCustomIntentNODSKBAN300x250/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1292383683261552%26output%3Dhtml%26h%3D280%26slotname%3D7657039991%26adk%3D2206994673%26adf%3D810369294%26pi%3Dt.ma~as.7657039991%26w%3D336%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1669499817%26rafmt%3D1%26format%3D336x280%26url%3Dhttps%253A%252F%252Fwww.file-upload.net%252Fdownload-14661967%252Fadvanced.rar.html%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26dt%3D1669499817067%26bpp%3D2%26bdt%3D1818%26idt%3D630%26shv%3Dr20221110%26mjsv%3Dm202211100101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D6eaeb4d6f12979ad-2235f0599dd700f1%253AT%253D1669499817%253ART%253D1669499817%253AS%253DALNI_MatLvZHhC66yyh9MXJU2h5b4mJAQA%26gpic%3DUID%253D00000b87dbd3c1e2%253AT%253D1669499817%253ART%253D1669499817%253AS%253DALNI_MYfnn4nc8QhEv84mKA-swPqCd4M-w%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D2896389323883%26frm%3D20%26pv%3D1%26ga_vid%3D913393343.1669499818%26ga_sid%3D1669499818%26ga_hid%3D408381640%26ga_fc&ft_section=undefined__&cachebuster=17182.18134540772
IP 2.23.132.54:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (1144), with CRLF, CR, LF line terminators
Hash 173aa522cf9b5229704f2e20331691c7
a1f1e01c096d6d3a41097116df532978d90b0942
58899d14747430e16bbbf8d593c25dcb09a6a7e67172fbc26b63801e3c9d6735
GET /imp/8/115739;4254520;201;js;DV360;DV360FY20EDUBEHCustomIntentNODSKBAN300x250/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1292383683261552%26output%3Dhtml%26h%3D280%26slotname%3D7657039991%26adk%3D2206994673%26adf%3D810369294%26pi%3Dt.ma~as.7657039991%26w%3D336%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1669499817%26rafmt%3D1%26format%3D336x280%26url%3Dhttps%253A%252F%252Fwww.file-upload.net%252Fdownload-14661967%252Fadvanced.rar.html%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26dt%3D1669499817067%26bpp%3D2%26bdt%3D1818%26idt%3D630%26shv%3Dr20221110%26mjsv%3Dm202211100101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D6eaeb4d6f12979ad-2235f0599dd700f1%253AT%253D1669499817%253ART%253D1669499817%253AS%253DALNI_MatLvZHhC66yyh9MXJU2h5b4mJAQA%26gpic%3DUID%253D00000b87dbd3c1e2%253AT%253D1669499817%253ART%253D1669499817%253AS%253DALNI_MYfnn4nc8QhEv84mKA-swPqCd4M-w%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D2896389323883%26frm%3D20%26pv%3D1%26ga_vid%3D913393343.1669499818%26ga_sid%3D1669499818%26ga_hid%3D408381640%26ga_fc&ft_section=undefined__&cachebuster=17182.18134540772 HTTP/1.1
Host: servedby.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=ISO-8859-1
Server: prod-xre-app26.frk11
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Sat, 26 Nov 2022 21:56:59 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 26 Nov 2022 21:56:59 GMT
Content-Length: 1127
Connection: keep-alive
Strict-Transport-Security: max-age=86400
cdn.flashtalking.com/xre/425/4254520/4118282/js/j-4254520-4118282.js
205.185.216.10 200 OK 15 kB URL HTTP/1.1 cdn.flashtalking.com/xre/425/4254520/4118282/js/j-4254520-4118282.js
IP 205.185.216.10:0
File type ASCII text, with very long lines (2897), with CRLF, CR, LF line terminators
Hash a26a03ad4e8a93c971a7664a83175250
ef6b4640453600c889d4c4c0a62d6cbea67f4d42
819bc5240943a722969134139795af2120ccb634c83d0bda40c3ed32246221ef
GET /xre/425/4254520/4118282/js/j-4254520-4118282.js HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 21:56:59 GMT
Connection: Keep-Alive
Cache-Control: max-age=762
Content-Encoding: gzip
Content-Length: 15221
Content-Type: text/javascript; charset=utf-8
Last-Modified: Thu, 10 Nov 2022 11:37:47 GMT
Accept-Ranges: bytes
x-amz-id-2: +6/bqbe8GUmhF3GptmGfHtCUvzJvyYfwR91Gw5oBAoXRGSjimSgaQMOt0zo08NdAtCkMLVUa5oU=
x-amz-request-id: WYENV6YWZ2RMAFND
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
ETag: W/"343ee971d5fa1830a5a13a18ec3a5735"
X-HW: 1669499819.dop069.sk1.t,1669499819.cds236.sk1.shn,1669499819.dop069.sk1.t,1669499819.cds202.sk1.c
cdn.doubleverify.com/dv-measurements3225.js
95.101.11.115 200 OK 107 kB URL HTTP/1.1 cdn.doubleverify.com/dv-measurements3225.js
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Size 107 kB (107051 bytes)
Hash 91ae00b659005c9ae9ab9a3e80f8fc0c
524b8dd3a0a1beeb52d875f907a76a16b9e2d1e6
119a00e46e5ec2cc579840435b0f501d92f2727b51631638147c48067e48b161
GET /dv-measurements3225.js HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=946080900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 22 Nov 2022 09:55:39 GMT
Accept-Ranges: bytes
ETag: "809f579358fed81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 107051
Date: Sat, 26 Nov 2022 21:56:59 GMT
Connection: keep-alive
cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=115739&sid=18330&plc=4254520&num=&adid=&advid=&adsrv=29&btreg=4254520&btadsrv=flashtalking&crt=4118282&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=8E79AA4E-EF35-9A0E-625F-0168FD1778B6&auevent=&715576433
95.101.11.115 200 OK 3.3 kB URL HTTP/1.1 cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=115739&sid=18330&plc=4254520&num=&adid=&advid=&adsrv=29&btreg=4254520&btadsrv=flashtalking&crt=4118282&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=8E79AA4E-EF35-9A0E-625F-0168FD1778B6&auevent=&715576433
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (7951)
Hash 9b7ce23aa4ed2d545251051de21faa86
e28916ece42e6fd50e00245de0b8bd37010b87a4
caf980ab1ffa6adf92204724f64b3870cd37f012a00d5128f81c0447fc8e8b0e
GET /dvtp_src.js?ctx=1828362&cmp=115739&sid=18330&plc=4254520&num=&adid=&advid=&adsrv=29&btreg=4254520&btadsrv=flashtalking&crt=4118282&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=8E79AA4E-EF35-9A0E-625F-0168FD1778B6&auevent=&715576433 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 22 Nov 2022 11:10:24 GMT
Accept-Ranges: bytes
ETag: "0509c463fed81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 3314
Date: Sat, 26 Nov 2022 21:56:59 GMT
Connection: keep-alive
cdn.creative-bars1.com/sb/notifications/dating/default/us/universal/white/ssp/css/style.css
172.64.108.13 200 OK 26 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/dating/default/us/universal/white/ssp/css/style.css
IP 172.64.108.13:0
Hash fbbd4d6f29977f17e6bfbdd2eb30d687
74d9daad4731995bf052f4e0ec2f4048ee11ef6f
e493a7b98c5a89f3568c2c617cd9436dfb837c96bb3b7d0b328e4444611c3963
GET /sb/notifications/dating/default/us/universal/white/ssp/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.file-upload.net
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:56:58 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:48:43 GMT
etag: W/"6128df2b-112c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 79092
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EcXg9jikg0k9kDmQ%2FUrTw36IJDJhWqpNh6i56XFfZXUfDNAkwbvNQ3SxeoLP9N1Q92XgbaXI%2BDNh%2BN3XjE8imXA85KUn0R3mtK0RQCEFz3Ff%2F%2FRjacQvvyPIyelZH%2FkLSy%2B3nLkiZfFq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705e0874aa272f6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
secure.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
23.38.200.44 200 OK 1.3 kB URL HTTP/1.1 secure.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
IP 23.38.200.44:0
File type PNG image data, 19 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash db320ef6f3c45ab5c90887ef618de2bb
7d4bd175166545ea775fcb69b406eba11f7fa3ec
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
GET /oba/icon/iconc.png?EDAA_icon=y HTTP/1.1
Host: secure.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 12 Apr 2014 19:14:32 GMT
Content-Type: image/png
ETag: W/"db320ef6f3c45ab5c90887ef618de2bb"
X-Varnish: 440713868 434560932
Accept-Ranges: bytes
Content-Length: 1308
Cache-Control: max-age=646693
Expires: Sun, 04 Dec 2022 09:35:12 GMT
Date: Sat, 26 Nov 2022 21:56:59 GMT
Connection: keep-alive
Server: Flashtalking (AKA)
secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
23.38.200.44 200 OK 6.0 kB URL HTTP/1.1 secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
IP 23.38.200.44:0
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash d675694ab4d4d2eb56cca854c25d9c36
34174b9397a3cb289f892f1f98ccc51a63698360
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
GET /oba/icon/consumer-privacy-logo.png HTTP/1.1
Host: secure.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 11 Feb 2021 15:39:51 GMT
Content-Type: image/png
ETag: W/"d675694ab4d4d2eb56cca854c25d9c36"
X-Varnish: 721542519 721664610
Accept-Ranges: bytes
Content-Length: 5953
Cache-Control: max-age=1043
Expires: Sat, 26 Nov 2022 22:14:22 GMT
Date: Sat, 26 Nov 2022 21:56:59 GMT
Connection: keep-alive
Server: Flashtalking (AKA)
ocsp.godaddy.com/
192.124.249.36 200 OK 1.8 kB IP 192.124.249.36:0
Hash 7cd82e88dba1e1fe7b952033d03676c4
701d2f858762b5ce8865855b0b07436953c989a9
d9b9bad0a4190bc4e675468cd8e26a880af92c13d632ffa7439937c657289c69
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 26 Nov 2022 21:57:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 26 Nov 2022 20:49:29 GMT
Expires: Sun, 27 Nov 2022 20:49:29 GMT
ETag: "701d2f858762b5ce8865855b0b07436953c989a9"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=133&ttfrms=17&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D7%3A%3D6%5CFA%3D%4025%5D%3F6ETauU2%26C%3Dl9EEADTbpTauTauHHH%5D7%3A%3D6%5CFA%3D%4025%5D%3F6ETau5%40H%3F%3D%4025%5C%60cee%60hefTau25G2%3F465%5DC2C%5D9E%3E%3D&srcurlD=0&aUrlD=-1&ssl=https:&dfs=965&ddur=93&uid=1669499819652447&jsCallback=dvCallback_1669499819652888&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=250&winw=300&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3225&tgjsver=3225&lvvn=28&m1=13&refD=2&fcifrms=9&brh=1&sdf=2&dvp_epl=184&noc=16&nav_pltfrm=Linux%20x86_64&ctx=1828362&cmp=115739&sid=18330&plc=4254520&crt=4118282&btreg=4254520&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_ftimpid=8E79AA4E-EF35-9A0E-625F-0168FD1778B6&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=998074826658.757&dvp_tukv=118429503721.1967&dvp_uuid=1248843713319.7834&dvp_strhd=1&dvpx_strhd=1&dvp_tuid=756696234642
213.254.244.24 200 OK 1.0 kB URL HTTP/1.1 tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=133&ttfrms=17&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D7%3A%3D6%5CFA%3D%4025%5D%3F6ETauU2%26C%3Dl9EEADTbpTauTauHHH%5D7%3A%3D6%5CFA%3D%4025%5D%3F6ETau5%40H%3F%3D%4025%5C%60cee%60hefTau25G2%3F465%5DC2C%5D9E%3E%3D&srcurlD=0&aUrlD=-1&ssl=https:&dfs=965&ddur=93&uid=1669499819652447&jsCallback=dvCallback_1669499819652888&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=250&winw=300&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3225&tgjsver=3225&lvvn=28&m1=13&refD=2&fcifrms=9&brh=1&sdf=2&dvp_epl=184&noc=16&nav_pltfrm=Linux%20x86_64&ctx=1828362&cmp=115739&sid=18330&plc=4254520&crt=4118282&btreg=4254520&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_ftimpid=8E79AA4E-EF35-9A0E-625F-0168FD1778B6&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=998074826658.757&dvp_tukv=118429503721.1967&dvp_uuid=1248843713319.7834&dvp_strhd=1&dvpx_strhd=1&dvp_tuid=756696234642
IP 213.254.244.24:0
File type ASCII text, with very long lines (2445), with no line terminators
Hash 734f3cbdc7f02aff069825de05e8f638
4c89f47cfcedc2fc595824893f09ac42122f4bc7
0d7e760d564b88f0156543a41d8a8ac4d310097c779450dd5bea887feeceae45
GET /visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=133&ttfrms=17&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D7%3A%3D6%5CFA%3D%4025%5D%3F6ETauU2%26C%3Dl9EEADTbpTauTauHHH%5D7%3A%3D6%5CFA%3D%4025%5D%3F6ETau5%40H%3F%3D%4025%5C%60cee%60hefTau25G2%3F465%5DC2C%5D9E%3E%3D&srcurlD=0&aUrlD=-1&ssl=https:&dfs=965&ddur=93&uid=1669499819652447&jsCallback=dvCallback_1669499819652888&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=250&winw=300&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3225&tgjsver=3225&lvvn=28&m1=13&refD=2&fcifrms=9&brh=1&sdf=2&dvp_epl=184&noc=16&nav_pltfrm=Linux%20x86_64&ctx=1828362&cmp=115739&sid=18330&plc=4254520&crt=4118282&btreg=4254520&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_ftimpid=8E79AA4E-EF35-9A0E-625F-0168FD1778B6&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=998074826658.757&dvp_tukv=118429503721.1967&dvp_uuid=1248843713319.7834&dvp_strhd=1&dvpx_strhd=1&dvp_tuid=756696234642 HTTP/1.1
Host: tps.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 21:56:59 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Cache-Control: max-age=0
Content-Encoding: br
Expires: 11/25/2022 21:56:59
Pragma: no-cache
Vary: Accept-Encoding
cdn.doubleverify.com/redirect/?host=tpsc-frc&param=akipv6&impid=63653a1f7c9a4381a955fa36c7957018&dup=&cbust=1669499819906734
95.101.11.115 302 Moved Temporarily 0 B URL HTTP/1.1 cdn.doubleverify.com/redirect/?host=tpsc-frc&param=akipv6&impid=63653a1f7c9a4381a955fa36c7957018&dup=&cbust=1669499819906734
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect/?host=tpsc-frc&param=akipv6&impid=63653a1f7c9a4381a955fa36c7957018&dup=&cbust=1669499819906734 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://tpsc-frc.doubleverify.com/event.png?impid=63653a1f7c9a4381a955fa36c7957018&akipv6=&dup=
Date: Sat, 26 Nov 2022 21:57:00 GMT
Connection: keep-alive
ocsp.starfieldtech.com/
192.124.249.36 200 OK 1.8 kB IP 192.124.249.36:0
Hash da1fdd9065cd0cb43974da8082f3e33d
baafd4422c44f5341e1dcdec5ce666b95ee9db59
3825371d858a8ba16aef38e9203970ebd05da82888a6edf27b45c419cabae41c
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 26 Nov 2022 21:57:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 26 Nov 2022 19:51:37 GMT
Expires: Sun, 27 Nov 2022 19:51:37 GMT
ETag: "baafd4422c44f5341e1dcdec5ce666b95ee9db59"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
tpsc-frc.doubleverify.com/event.png?impid=63653a1f7c9a4381a955fa36c7957018&akipv6=&dup=
213.254.244.24 204 No Content 0 B URL HTTP/1.1 tpsc-frc.doubleverify.com/event.png?impid=63653a1f7c9a4381a955fa36c7957018&akipv6=&dup=
IP 213.254.244.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event.png?impid=63653a1f7c9a4381a955fa36c7957018&akipv6=&dup= HTTP/1.1
Host: tpsc-frc.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://googleads.g.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sat, 26 Nov 2022 21:56:58 GMT
Cache-Control: max-age=0
Expires: 11/25/2022 21:57:00
Pragma: no-cache
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWMjE8BadSJvpzcstvQfVGZyjv8IObOgQ-BOOWxlPX9XhjSHVMwffDQ2RQMj4ThlYKMLbKMaTVJbxcNthRA16bHcfAECnFtSlfgbcv8RKl6A7crVkPbTuN0Nw9CXpCAAy6G5ASoe4&sai=AMfl-YTIuoF0XMunDuroladQQ3DRaPm_iZS_hDGaGRff3_1Tgpfai3IOcXG_oYGNV5Vjn6zVWIsp3iywqtR5NzF2HvM-F6CR-EW9IwrvMW3jrd4n5gPZ8Tkh1BYXbGVm9GjuLg&sig=Cg0ArKJSzHbXDVx7Y-TkEAE&cid=CAQSPgDq26N985DjYkhG6a3Jnd5tRhiDSLGjDk6tCrImLVRwqoZfcZH99rfr-cudzuqvH0xACvkbFNehJRFtHhydGAEgEw&id=lidar2&mcvt=1002&p=0,0,250,300&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2206994673&rs=2&la=0&cr=0&vs=4&r=v&rst=1669499818439&rpt=1111&met=mue&wmsd=0&pbe=0
142.250.74.98 200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWMjE8BadSJvpzcstvQfVGZyjv8IObOgQ-BOOWxlPX9XhjSHVMwffDQ2RQMj4ThlYKMLbKMaTVJbxcNthRA16bHcfAECnFtSlfgbcv8RKl6A7crVkPbTuN0Nw9CXpCAAy6G5ASoe4&sai=AMfl-YTIuoF0XMunDuroladQQ3DRaPm_iZS_hDGaGRff3_1Tgpfai3IOcXG_oYGNV5Vjn6zVWIsp3iywqtR5NzF2HvM-F6CR-EW9IwrvMW3jrd4n5gPZ8Tkh1BYXbGVm9GjuLg&sig=Cg0ArKJSzHbXDVx7Y-TkEAE&cid=CAQSPgDq26N985DjYkhG6a3Jnd5tRhiDSLGjDk6tCrImLVRwqoZfcZH99rfr-cudzuqvH0xACvkbFNehJRFtHhydGAEgEw&id=lidar2&mcvt=1002&p=0,0,250,300&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2206994673&rs=2&la=0&cr=0&vs=4&r=v&rst=1669499818439&rpt=1111&met=mue&wmsd=0&pbe=0
IP 142.250.74.98:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjstWMjE8BadSJvpzcstvQfVGZyjv8IObOgQ-BOOWxlPX9XhjSHVMwffDQ2RQMj4ThlYKMLbKMaTVJbxcNthRA16bHcfAECnFtSlfgbcv8RKl6A7crVkPbTuN0Nw9CXpCAAy6G5ASoe4&sai=AMfl-YTIuoF0XMunDuroladQQ3DRaPm_iZS_hDGaGRff3_1Tgpfai3IOcXG_oYGNV5Vjn6zVWIsp3iywqtR5NzF2HvM-F6CR-EW9IwrvMW3jrd4n5gPZ8Tkh1BYXbGVm9GjuLg&sig=Cg0ArKJSzHbXDVx7Y-TkEAE&cid=CAQSPgDq26N985DjYkhG6a3Jnd5tRhiDSLGjDk6tCrImLVRwqoZfcZH99rfr-cudzuqvH0xACvkbFNehJRFtHhydGAEgEw&id=lidar2&mcvt=1002&p=0,0,250,300&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2206994673&rs=2&la=0&cr=0&vs=4&r=v&rst=1669499818439&rpt=1111&met=mue&wmsd=0&pbe=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://googleads.g.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Sat, 26 Nov 2022 21:57:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=171&ttfrms=30&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D7%3A%3D6%5CFA%3D%4025%5D%3F6ETauU2%26C%3Dl9EEADTbpTauTauHHH%5D7%3A%3D6%5CFA%3D%4025%5D%3F6ETau5%40H%3F%3D%4025%5C%60cee%60hefTau25G2%3F465%5DC2C%5D9E%3E%3D&srcurlD=0&aUrlD=-1&ssl=https:&dfs=965&ddur=93&uid=1669499819604344&jsCallback=dvCallback_1669499819604748&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=250&winw=300&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3225&tgjsver=3225&lvvn=28&m1=13&refD=2&fcifrms=9&brh=1&sdf=2&dvp_epl=184&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.file-upload.net/download-14661967/advanced.rar.html&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0gEN_FZLCMw4_U41ow_Go0S&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=34081968&DVP_DBM_4=210342129&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1549165130&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=998074826658.757&dvp_tukv=25630779363.399616&dvp_uuid=451919.71458972036&dvp_strhd=1&dvpx_strhd=1&dvp_tuid=549703536585
213.254.244.24 200 OK 670 B URL HTTP/1.1 tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=171&ttfrms=30&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D7%3A%3D6%5CFA%3D%4025%5D%3F6ETauU2%26C%3Dl9EEADTbpTauTauHHH%5D7%3A%3D6%5CFA%3D%4025%5D%3F6ETau5%40H%3F%3D%4025%5C%60cee%60hefTau25G2%3F465%5DC2C%5D9E%3E%3D&srcurlD=0&aUrlD=-1&ssl=https:&dfs=965&ddur=93&uid=1669499819604344&jsCallback=dvCallback_1669499819604748&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=250&winw=300&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3225&tgjsver=3225&lvvn=28&m1=13&refD=2&fcifrms=9&brh=1&sdf=2&dvp_epl=184&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.file-upload.net/download-14661967/advanced.rar.html&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0gEN_FZLCMw4_U41ow_Go0S&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=34081968&DVP_DBM_4=210342129&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1549165130&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=998074826658.757&dvp_tukv=25630779363.399616&dvp_uuid=451919.71458972036&dvp_strhd=1&dvpx_strhd=1&dvp_tuid=549703536585
IP 213.254.244.24:0
File type ASCII text, with very long lines (1169), with no line terminators
Hash 99cadb93724b733730c4e1b5d798fc4d
727d9a56c57029638b1f58c1aca4dfd1d7d68f1d
6940a10c2ede6a2cae1f932da8f5bea2cbd37c4ed789d7b0cccd54ff180e0078
GET /visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=171&ttfrms=30&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D7%3A%3D6%5CFA%3D%4025%5D%3F6ETauU2%26C%3Dl9EEADTbpTauTauHHH%5D7%3A%3D6%5CFA%3D%4025%5D%3F6ETau5%40H%3F%3D%4025%5C%60cee%60hefTau25G2%3F465%5DC2C%5D9E%3E%3D&srcurlD=0&aUrlD=-1&ssl=https:&dfs=965&ddur=93&uid=1669499819604344&jsCallback=dvCallback_1669499819604748&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=250&winw=300&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3225&tgjsver=3225&lvvn=28&m1=13&refD=2&fcifrms=9&brh=1&sdf=2&dvp_epl=184&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.file-upload.net/download-14661967/advanced.rar.html&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0gEN_FZLCMw4_U41ow_Go0S&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=34081968&DVP_DBM_4=210342129&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1549165130&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=998074826658.757&dvp_tukv=25630779363.399616&dvp_uuid=451919.71458972036&dvp_strhd=1&dvpx_strhd=1&dvp_tuid=549703536585 HTTP/1.1
Host: tps.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 21:57:01 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Cache-Control: max-age=0
Content-Encoding: br
Expires: 11/25/2022 21:57:00
Pragma: no-cache
Vary: Accept-Encoding
cdn.doubleverify.com/redirect/?host=tpsc-frc&param=akipv6&impid=8feea728e850414abea55a26387c0eb4&dup=&cbust=1669499820797971
95.101.11.115 302 Moved Temporarily 0 B URL HTTP/1.1 cdn.doubleverify.com/redirect/?host=tpsc-frc&param=akipv6&impid=8feea728e850414abea55a26387c0eb4&dup=&cbust=1669499820797971
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect/?host=tpsc-frc&param=akipv6&impid=8feea728e850414abea55a26387c0eb4&dup=&cbust=1669499820797971 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://tpsc-frc.doubleverify.com/event.png?impid=8feea728e850414abea55a26387c0eb4&akipv6=&dup=
Date: Sat, 26 Nov 2022 21:57:00 GMT
Connection: keep-alive
tpsc-frc.doubleverify.com/event.png?impid=8feea728e850414abea55a26387c0eb4&akipv6=&dup=
213.254.244.24 204 No Content 0 B URL HTTP/1.1 tpsc-frc.doubleverify.com/event.png?impid=8feea728e850414abea55a26387c0eb4&akipv6=&dup=
IP 213.254.244.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event.png?impid=8feea728e850414abea55a26387c0eb4&akipv6=&dup= HTTP/1.1
Host: tpsc-frc.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://googleads.g.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sat, 26 Nov 2022 21:57:00 GMT
Cache-Control: max-age=0
Expires: 11/25/2022 21:57:00
Pragma: no-cache
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
142.250.74.98 200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
IP 142.250.74.98:0
File type JSON data\012- , ASCII text, with very long lines (14723), with no line terminators
Hash 75cd25a3a223383560daa6cdcf0a5945
8082cb1ab1bbd90fbc0cbb78a473361f0a484de1
9901e1be4b56284d760d8b5947f8cc9f7c22009dba080bc045c8866afee83166
GET /getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.file-upload.net
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sat, 26 Nov 2022 21:57:00 GMT
server: cafe
content-length: 11109
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c0285adfe1c03ece15941876c3655519
ad3012f2c06e7d5e0036026aac114da29db4e2a3
28d1729de2f16e8b2feec61b058f0953920c3d5713fc8f25af3ee9f6b6f79c3b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28D1729DE2F16E8B2FEEC61B058F0953920C3D5713FC8F25AF3EE9F6B6F79C3B"
Last-Modified: Sat, 26 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3878
Expires: Sat, 26 Nov 2022 23:01:39 GMT
Date: Sat, 26 Nov 2022 21:57:01 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=4adca8f1-5246-4f1c-9b17-78be783bc211&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=f5290245e2d0af25a9b4828613ce8328&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
192.243.61.225 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=4adca8f1-5246-4f1c-9b17-78be783bc211&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=f5290245e2d0af25a9b4828613ce8328&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=4adca8f1-5246-4f1c-9b17-78be783bc211&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=f5290245e2d0af25a9b4828613ce8328&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 21:57:01 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9c48d1d797745e3ce649ce0968f6e74d
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=4adca8f1-5246-4f1c-9b17-78be783bc211&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=844a71fdf0e30c1b81395db55473a737&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
192.243.61.225 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=4adca8f1-5246-4f1c-9b17-78be783bc211&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=844a71fdf0e30c1b81395db55473a737&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=4adca8f1-5246-4f1c-9b17-78be783bc211&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=844a71fdf0e30c1b81395db55473a737&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 21:57:01 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e9aaae589d65dd82a687a6a03a6ca3b4
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.godaddy.com/
192.124.249.36 200 OK 1.8 kB IP 192.124.249.36:0
Hash 7cd82e88dba1e1fe7b952033d03676c4
701d2f858762b5ce8865855b0b07436953c989a9
d9b9bad0a4190bc4e675468cd8e26a880af92c13d632ffa7439937c657289c69
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 26 Nov 2022 21:57:02 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 26 Nov 2022 20:49:29 GMT
Expires: Sun, 27 Nov 2022 20:49:29 GMT
ETag: "701d2f858762b5ce8865855b0b07436953c989a9"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash be0da545931a6e6f06c7eb8395b8a3af
bea09f1e5d361abfe41135f1497b1b469699b912
3428d08f184d29f34d4067e1796ecfa6aa9f9cc6e76006fac23aaf175bdd4eaf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:57:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash be0da545931a6e6f06c7eb8395b8a3af
bea09f1e5d361abfe41135f1497b1b469699b912
3428d08f184d29f34d4067e1796ecfa6aa9f9cc6e76006fac23aaf175bdd4eaf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:57:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1669499822012662
142.250.74.102 302 Found 0 B URL HTTP/2 ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1669499822012662
IP 142.250.74.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /activity;src=1295336;type=cs;cat=Viewa0;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1669499822012662 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:57:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=1295336;type=cs;cat=Viewa0;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1669499822012662&~oref=https://googleads.g.doubleclick.net/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 26-Nov-2022 22:12:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1669499822014190
142.250.74.102 302 Found 0 B URL HTTP/2 ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1669499822014190
IP 142.250.74.102:0
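Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256; all three are the digests of empty input, matching the 0 B body, so they do not identify this response)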
GET /ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1669499822014190 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:57:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1669499822014190&~oref=https://googleads.g.doubleclick.net/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 26-Nov-2022 22:12:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash be0da545931a6e6f06c7eb8395b8a3af
bea09f1e5d361abfe41135f1497b1b469699b912
3428d08f184d29f34d4067e1796ecfa6aa9f9cc6e76006fac23aaf175bdd4eaf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:57:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpsc-frc.doubleverify.com/event.png?impid=63653a1f7c9a4381a955fa36c7957018&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=246&eoid=11&msrjs=3225&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=93&tetms=5&msltms=16&vltms=246&sei=146&vetms=9&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=456&msrcannum=4&ismms=25&isumms=24&nvr=6&isgmmims=25&isgmv4mims=25&elmtp=6&isbxdms=2360&b0=100&b11=2338&adhgt=250&adwdth=300&norwdth=300&norhgt=250&vsos=6&dvp_vsosnmr=16&lftb=2438&sftb=2438&msrdp=1&naral=192&vct=512&vphgt=1024&vpwdth=1280&chgt=250&cwdth=300&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&isiabvms=1092&isuiabvms=1092&isgmpims=177&isgmv4dpims=1092&ispmxpms=1092&engalms=23&dvp_dpr=1&ttfurm=3268&cbust=1669499822905558
213.254.244.24 204 No Content 0 B URL HTTP/1.1 tpsc-frc.doubleverify.com/event.png?impid=63653a1f7c9a4381a955fa36c7957018&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=246&eoid=11&msrjs=3225&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=93&tetms=5&msltms=16&vltms=246&sei=146&vetms=9&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=456&msrcannum=4&ismms=25&isumms=24&nvr=6&isgmmims=25&isgmv4mims=25&elmtp=6&isbxdms=2360&b0=100&b11=2338&adhgt=250&adwdth=300&norwdth=300&norhgt=250&vsos=6&dvp_vsosnmr=16&lftb=2438&sftb=2438&msrdp=1&naral=192&vct=512&vphgt=1024&vpwdth=1280&chgt=250&cwdth=300&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&isiabvms=1092&isuiabvms=1092&isgmpims=177&isgmv4dpims=1092&ispmxpms=1092&engalms=23&dvp_dpr=1&ttfurm=3268&cbust=1669499822905558
IP 213.254.244.24:0
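Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256; all three are the digests of empty input, matching the 0 B body, so they do not identify this response)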
POST /event.png?impid=63653a1f7c9a4381a955fa36c7957018&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=246&eoid=11&msrjs=3225&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=93&tetms=5&msltms=16&vltms=246&sei=146&vetms=9&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=456&msrcannum=4&ismms=25&isumms=24&nvr=6&isgmmims=25&isgmv4mims=25&elmtp=6&isbxdms=2360&b0=100&b11=2338&adhgt=250&adwdth=300&norwdth=300&norhgt=250&vsos=6&dvp_vsosnmr=16&lftb=2438&sftb=2438&msrdp=1&naral=192&vct=512&vphgt=1024&vpwdth=1280&chgt=250&cwdth=300&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&isiabvms=1092&isuiabvms=1092&isgmpims=177&isgmv4dpims=1092&ispmxpms=1092&engalms=23&dvp_dpr=1&ttfurm=3268&cbust=1669499822905558 HTTP/1.1
Host: tpsc-frc.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 204 No Content
Date: Sat, 26 Nov 2022 21:56:10 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Expires: 11/25/2022 21:57:03
Pragma: no-cache
www.file-upload.net/download-14661967/advanced.rar.html
104.26.5.82 200 OK 0 B URL HTTP/2 www.file-upload.net/download-14661967/advanced.rar.html
IP 104.26.5.82:0
GET /download-14661967/advanced.rar.html HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:56:55 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=h0qm1hc6q0660kivn1fig7evdo; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NFN20OEaE13U6ifHHnitSDU3%2FMx5HNa3%2FB7JJhGQTcNHg9G6rO8Aqsw%2F%2Fv8sLbwwD4lLDjfTRlLpQlc9ffe5S46Z%2BX1s%2Bg0zEYJDsftWmdT%2Fq%2BQ0tTss5d2hNHNswtmy45Y4YEU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7705e0753ff11c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.file-upload.net/favicon.ico
104.26.5.82 200 OK 0 B URL HTTP/2 www.file-upload.net/favicon.ico
IP 104.26.5.82:0
GET /favicon.ico HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/download-14661967/advanced.rar.html
Cookie: PHPSESSID=h0qm1hc6q0660kivn1fig7evdo; ppu_show_on_844a71fdf0e30c1b81395db55473a737=1; cookie_consent_level=%7B%22strictly-necessary%22%3Atrue%2C%22functionality%22%3Afalse%2C%22tracking%22%3Afalse%2C%22targeting%22%3Afalse%7D; dom3ic8zudi28v8lr6fgphwffqoz0j6c=4adca8f1-5246-4f1c-9b17-78be783bc211%3A2%3A1; sb_main_f5290245e2d0af25a9b4828613ce8328=1; sb_count_f5290245e2d0af25a9b4828613ce8328=1; ppu_main_844a71fdf0e30c1b81395db55473a737=1; ppu_exp_844a71fdf0e30c1b81395db55473a737=1669507016666
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:56:56 GMT
content-type: image/vnd.microsoft.icon
last-modified: Mon, 09 Sep 2013 20:39:35 GMT
etag: W/"e36-4e5f962de8e76"
cache-control: max-age=2678400
expires: Sun, 04 Dec 2022 17:31:55 GMT
cf-cache-status: HIT
age: 2003101
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Us9gtu%2FQlZYQVSgfRA8CRbwjlE3RAsjgs5peX98%2FQ27yyYQyHcrRY9JejrP%2BPPsE5AavTyWYzvQmlAqlrvjIfI7%2BC5StDi0i59XZGjuD3hxnkxOSjvwZoBeaF%2FNGZJxv2q2E34I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705e0800bc31c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.file-upload.net/byteflex/bf.js
104.26.5.82 200 OK 0 B URL HTTP/2 www.file-upload.net/byteflex/bf.js
IP 104.26.5.82:0
GET /byteflex/bf.js HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/download-14661967/advanced.rar.html
Cookie: PHPSESSID=h0qm1hc6q0660kivn1fig7evdo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:56:55 GMT
content-type: application/javascript
last-modified: Fri, 13 Jan 2017 10:06:59 GMT
etag: W/"5790-545f6fe9efa6a-gzip"
cache-control: max-age=2678400
expires: Sat, 10 Dec 2022 10:07:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1511391
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EKm%2BT8FBDHJB092W5YvikoxzuxaO6qucW5DAwzfeOhxsXCFFQ7P1Pa%2BwPi2X1m1oa%2FSB4VNL29FIoLMjY0cFcF29eH5iufUH2UyyEhypx2i%2FPU1D2SDH9ZWhOCEF9ojWcJkBuEQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7705e076b9141c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
104.21.234.92 200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 104.21.234.92:0
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:56:56 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: aa72df665c02100c7bf9936268664e94
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 26 Nov 2022 21:56:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xU6AdlxsqeBXUQNeOCOVWMuDxb56IGDSLMt9oaUvr6n6SkdnswwcGoBjGJLZhSqQEfNhHeuuX9PprwElsCZmaq%2BEuesh3DtppmPyfJaYskOvZZO2UEzCfbAM6NNIIbOCV4gCnP4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705e07baf64777f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.file-upload.net/js/jquery-1.7.2.min.js
104.26.5.82 200 OK 0 B URL HTTP/2 www.file-upload.net/js/jquery-1.7.2.min.js
IP 104.26.5.82:0
GET /js/jquery-1.7.2.min.js HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.file-upload.net/download-14661967/advanced.rar.html
Cookie: PHPSESSID=h0qm1hc6q0660kivn1fig7evdo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:56:55 GMT
content-type: application/javascript
last-modified: Mon, 09 Sep 2013 20:41:22 GMT
etag: W/"17278-4e5f969448aeb-gzip"
cache-control: max-age=2678400
expires: Tue, 29 Nov 2022 08:28:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2467697
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NN1yRysXVwUs0UWo9Odsfk4CfvqoxPssD49fuaukaYqPzlvVZ1M%2FBLT20E37hWdJIy7fkt2GLXEXgem3I6KrqhC9dUtvCIjfeESbtv6CagB5EfMjVwOvAK34vxb%2Fizcgbst3YaI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7705e076b9131c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/df/bd/7a/dfbd7a33d1397e7e7063b1664658e57d/1601889852.html
45.133.44.4 200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/df/bd/7a/dfbd7a33d1397e7e7063b1664658e57d/1601889852.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/df/bd/7a/dfbd7a33d1397e7e7063b1664658e57d/1601889852.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.file-upload.net
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:56:57 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Mon, 16 Nov 2020 15:00:21 GMT
etag: W/"5fb29405-563"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 26 Nov 2022 22:56:57 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/dating/default/us/universal/white/ssp/js/script.js
172.64.108.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/dating/default/us/universal/white/ssp/js/script.js
IP 172.64.108.13:0
GET /sb/notifications/dating/default/us/universal/white/ssp/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.file-upload.net
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:56:58 GMT
content-type: application/javascript
last-modified: Mon, 05 Oct 2020 09:08:48 GMT
etag: W/"5f7ae2a0-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 79092
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCuQHXBHkk9MA0xyc0d738vnhL8a2vd1l%2FUErMD7y4qmktTtYuZ6%2BYuQ8esm%2FThi7O22AGNmhMZ51cSHcjMkELSWAi6nKr1%2BL5TTDY%2FfQulMTMVVGKSMqT0zV8z6I%2BH5APNbayFL5%2B2I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705e0874a9c72f6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2