Report - upfion.com/5kHgXxAg?token=eyJpdiI6IjRVQW1iek40QUNCS3BselRmemNid2c9PSIsInZhbHVlIjoiWjdzU3h2NjBVS0xGZXczdTNrV2dqUT09IiwibWFjIjoiYTgxNGE0MmExNWEwZTNjM2UzYWMyZDFjZDg0NWU5OGFmN2M2Y2MzNzlkZjM5OWUwYjEyOTI4ZmNlMTE5MzNlNSIsInRhZyI6IiJ9

Report Overview

Visited public
2025-02-26 19:27:48
Tags
URL
upfion.com/5kHgXxAg?token=eyJpdiI6IjRVQW1iek40QUNCS3BselRmemNid2c9PSIsInZhbHVlIjoiWjdzU3h2NjBVS0xGZXczdTNrV2dqUT09IiwibWFjIjoiYTgxNGE0MmExNWEwZTNjM2UzYWMyZDFjZDg0NWU5OGFmN2M2Y2MzNzlkZjM5OWUwYjEyOTI4ZmNlMTE5MzNlNSIsInRhZyI6IiJ9
Finishing URL
upfion.com/5kHgXxAg
IP / ASN
172.67.185.120
#13335 CLOUDFLARENET
Title
paingain99.mp4

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
gpp.netpub.media	unknown	2021-06-11	2024-12-11	2025-02-21	891 B	50 kB	104.22.53.160
accounts.google.com	81	1997-09-15	2012-05-23	2025-02-26	3.7 kB	14 kB	74.125.205.84
www.gstatic.com	unknown	2008-02-11	2012-05-29	2025-02-26	482 B	221 kB	142.250.74.3
undefined	142677	unknown	2020-01-28	2025-02-19	974 B	0 B	0.0.0.0
www.recaptcha.net	2060	2007-01-06	2012-07-11	2025-02-26	464 B	1.7 kB	216.58.207.195
upfion.com	unknown	2025-02-09	2025-02-26	2025-02-26	14 kB	2.0 MB	104.21.68.26
fstatic.netpub.media	974484	2021-06-11	2022-01-24	2025-02-24	423 B	559 B	104.22.53.160
remarkedoneoftheo.org	unknown	2025-02-17	2025-02-26	2025-02-26	2.8 kB	4.2 kB	104.21.74.69
ukankingwithea.com	unknown	2024-01-01	2024-09-05	2025-02-20	858 B	105 kB	104.21.80.1
d3eksfxlf7bv9h.cloudfront.net	unknown	2008-04-25	2025-01-08	2025-02-10	2.3 kB	257 kB	54.230.241.119
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-02-26	1.4 kB	467 kB	142.250.74.168
orbsdiacle.com	unknown	2024-04-21	2024-07-16	2025-02-10	407 B	1.2 kB	23.109.170.113
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-02-26	3.3 kB	243 kB	142.250.74.35
hecathedralinth.org	unknown	2025-02-17	2025-02-26	2025-02-26	2.0 kB	4.5 kB	3.164.230.5
pagead2.googlesyndication.com	101	2003-01-21	2012-05-21	2025-02-19	884 B	1.6 kB	216.58.211.2
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-02-26	504 B	33 kB	142.250.74.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-02-26	medium	orbsdiacle.com	Sinkholed
2025-02-26	medium	undefined	Sinkholed

ThreatFox

No alerts detected

JavaScript (18)

	URL	From	Size	First Seen	Last Seen
	upfion.com/sandbox%20eval%20code		147 B	2023-04-11	2025-05-08
Pretty URL upfion.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-08 04:44 Times Seen341056 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	upfion.com/js/ads.js	ScriptElement	1.5 kB	2024-11-30	2025-04-29
Pretty URL upfion.com/js/ads.js IP 104.21.68.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-30 23:21 Last Seen2025-04-29 18:10 Times Seen72 Hash cfda8d31536e90428f6d37f17590d92d c161162410c27db721479da020406e9e56a8b851 d92d2a6719b8462f29f2c9dc8f7c84be379feb798fdcc85ddade83fbb8fb2a45 Loading...

	www.googletagmanager.com/gtag/js?id=UA-197252557-1	ScriptElement	253 kB	2025-02-26	2025-02-26
Pretty URL www.googletagmanager.com/gtag/js?id=UA-197252557-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-26 19:27 Last Seen2025-02-26 19:27 Times Seen1 Hash a6fd3505ee64a2914b3eec6c2b42e633 514d9e48d3840f8ef01b2fa2eb62545042aa3ffc e1d0f84c94eb43e05a543e27438565c799b1aa76eb7d0454014af328596b8807 Loading...

	www.gstatic.com/recaptcha/releases/rW64dpMGAGrjU7JJQr9xxPl8/recaptcha__en.js	ScriptElement	557 kB	2025-02-20	2025-03-20
Pretty URL www.gstatic.com/recaptcha/releases/rW64dpMGAGrjU7JJQr9xxPl8/recaptcha__en.js IP 142.250.74.3 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-20 17:37 Last Seen2025-03-20 14:12 Times Seen4316 Hash 37cdee965051dd07fe782f0ca8bd2b95 21aa7b4463ddee54fabda733e7779a1792b36501 261da78085b862b1e5611b30aeeffc0922553ee403c98aeff2a78b727e3a84ce Loading...

	upfion.com/5kHgXxAg	ScriptElement	137 B	2024-06-14	2025-05-07
Pretty URL upfion.com/5kHgXxAg IP 104.21.68.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-06-14 21:34 Last Seen2025-05-07 02:35 Times Seen633 Hash ce3c6c91583912d465bfb227ebe3195b d311ab64071f1d4e574e70e1f977a5519ebf32bc dfd654ee36c9dcabb9e5f23054f77fff5968d4aa29dd66bf296c9286fb18b552 Loading...

	orbsdiacle.com/1clkn/34742	ScriptElement	6 B	2023-03-07	2025-05-08
Pretty URL orbsdiacle.com/1clkn/34742 IP 23.109.170.113 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-08 04:25 Times Seen12471 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

	upfion.com/5kHgXxAg	ScriptElement	65 kB	2025-01-18	2025-04-28
Pretty URL upfion.com/5kHgXxAg IP 104.21.68.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-18 18:36 Last Seen2025-04-28 04:10 Times Seen28 Hash dcf8f0374cb83d8b49199c4fda4b4e03 f3339926cb3dfebe1f33be44cd3f9e89c62c035a 3989ed4e7c9c8941b3a7ac7215932d4d45ea05b9253728cacfa186613af0c5ad Loading...

	upfion.com/5kHgXxAg	ScriptElement	1.0 kB	2025-02-26	2025-02-26
Pretty URL upfion.com/5kHgXxAg IP 104.21.68.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-26 19:27 Last Seen2025-02-26 19:27 Times Seen1 Hash 3567f2dac03e2ecb96643a7cf4a4b53c d17e37c3069bc2cacfd2dd1cc4a80b63871f9f09 2d30a2f0f63233126133ca6c3555fddc93b5290b172763ece4c74830c8e301fc Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-08
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-08 04:44 Times Seen340262 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	fstatic.netpub.media/extra/cmp/cmp-gdpr.js	ScriptElement	739 B	2024-12-11	2025-05-07
Pretty URL fstatic.netpub.media/extra/cmp/cmp-gdpr.js IP 104.22.53.160 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-11 18:21 Last Seen2025-05-07 13:02 Times Seen525 Hash aaee79c1ad6d5d6ce8c18aa000285386 3c20aa1526d0d2a123a665e563b3b7427b3b33cb 078ca4194bef5fc3c8e4c9e79f0f65254c1bf602d7c8ad4d589a60052a618074 Loading...

	www.googletagmanager.com/gtag/js?id=G-X2GS5JDQMX	ScriptElement	295 kB	2025-02-26	2025-02-26
Pretty URL www.googletagmanager.com/gtag/js?id=G-X2GS5JDQMX IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-26 19:27 Last Seen2025-02-26 19:27 Times Seen1 Hash 72afbc228fed764190f13f587c12da1a 29e8d75ab80f7709880cce1f85842952aac4ba49 09c8aa74ca5b3a34cadc5f547eb51ce6cd82d7860c8a45c493e44924dea9697d Loading...

	www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c&gtm=457e52o0za200&tag_exp=101732282~101732284~102067808~102482433~102539968~102558064~102587591~102605417~102640600~102658453	ScriptElement	310 kB	2025-02-26	2025-02-26
Pretty URL www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c&gtm=457e52o0za200&tag_exp=101732282~101732284~102067808~102482433~102539968~102558064~102587591~102605417~102640600~102658453 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-26 19:27 Last Seen2025-02-26 19:27 Times Seen1 Hash e52401b27a1997069a6fe13029e8f1dc 715f101dea8010a05de6fed12090e8643047b11c 6d1d74e29e22201ea7f799104150002fa4b8ed4c66167a524357c46096af62c0 Loading...

	upfion.com/5kHgXxAg	ScriptElement	205 B	2024-08-31	2025-04-28
Pretty URL upfion.com/5kHgXxAg IP 104.21.68.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-31 03:54 Last Seen2025-04-28 04:10 Times Seen117 Hash 1f91d7c0b21b5fb7e2315eb075b7919b 0238127f6ba64eb33a76fcaf4816cf59f913ad7b c5cad620a326c31474dbb15667204511db0845970467bf17d6e57348fb0f67cf Loading...

	upfion.com/js/frontend.js?id=a9ead52fa97a2708e6e9	ScriptElement	1.4 MB	2024-11-30	2025-04-29
Pretty URL upfion.com/js/frontend.js?id=a9ead52fa97a2708e6e9 IP 104.21.68.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-30 23:21 Last Seen2025-04-29 18:10 Times Seen77 Hash a9ead52fa97a2708e6e909b3777bd7fc b03c394ee849507472f56ab74b7535f6732334f7 b57bb1cc8f2421dfce98acb639dc6177ef3588289d0a175b1f7eac9d704e6b9f Loading...

	upfion.com/5kHgXxAg	ScriptElement	155 B	2023-03-08	2025-04-29
Pretty URL upfion.com/5kHgXxAg IP 104.21.68.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:28 Last Seen2025-04-29 18:10 Times Seen1148 Hash a1e0d623f9e510e759498d67c8281999 65e9e9287fd8060ebb5b624463ff977040e3d154 c66a236b63a0191f0cc1cb5a3c1b675c0fb7bf7d5e56b8c5ed34d70b10059aa7 Loading...

	d3eksfxlf7bv9h.cloudfront.net/?fsked=1139924	ScriptElement	385 kB	2025-02-26	2025-02-26
Pretty URL d3eksfxlf7bv9h.cloudfront.net/?fsked=1139924 IP 54.230.241.119 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-26 19:27 Last Seen2025-02-26 19:27 Times Seen1 Hash 70dc9517cdecaca4c8e8409a7ec08250 350a09fbdc1d47c99a811d7b09c58875dd0d0c13 c6b6468c7e370ac1fbbd9ced64b068753fe1d88d167e69b6273035c2c88618d5 Loading...

	www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit	ScriptElement	982 B	2025-02-21	2025-03-06
Pretty URL www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit IP 216.58.207.195 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-21 21:51 Last Seen2025-03-06 04:22 Times Seen11 Hash 85d8127bca8424bfabd708ff8fc4f7fe 5213878fd3a00672f9a5fa7e4c2de4ba30ad50dd 84050af6c8174225abce7f396d5531405b87016a5745ac887e3cc6dd70445d54 Loading...

	gpp.netpub.media/17405980451460.7837991321891906/run.js?v=17405980451460.7837991321891906	ScriptElement	251 B	2024-02-21	2025-05-07
Pretty URL gpp.netpub.media/17405980451460.7837991321891906/run.js?v=17405980451460.7837991321891906 IP 104.22.53.160 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-21 20:01 Last Seen2025-05-07 13:02 Times Seen1498 Hash 54f643b0fa8a7d71cb117679a6fbb2ce 573d440c0f9fa4cf53e85cf86a86eba173933a1c 851d2ece063bcac9a5addec55308a32557f978d2daf3950395fc3dc41e9e9336 Loading...

HTTP Transactions (51)

URL IP Response Size

upfion.com/

104.21.68.26

301 Moved Permanently

178 B

URL
upfion.com/
IP
104.21.68.26:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
bd2695f4b079c71dbddde3436286fb9c
733c05da132193d6cf1d8e242d12e2525c03bab4
2e04a18ff185ba5b16f762a0538339bc4049aceaef9738edd43af77d2ceb788b

HTTP Headers

GET / HTTP/1.1
Host: upfion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Wed, 26 Feb 2025 19:27:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://upfion.com/
cf-cache-status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i%2Bf0cBr06%2BfBj2XwpUlICdM6VmiP09wo%2BBzCiKPUrs7x0IdAdEI8lqL3lFiM1ftnfeI3axrjCkI4TKbt7xbPmCYVnpxJrnTMXcVQkGBSAi8zngHXot3cDY2JFkCa"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 9182550f5e88b4f9-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=502&min_rtt=502&rtt_var=251&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=275&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

fstatic.netpub.media/extra/cmp/cmp-gdpr.js

104.22.53.160

307 Temporary Redirect

169 B

URL GET HTTP/2
fstatic.netpub.media/extra/cmp/cmp-gdpr.js
IP
104.22.53.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
c2f0b06c1140ce9f7ad48858f9f34354
0e7d03830d70c77948ca229ba3e2c2f645fe8acf
7108fef32b066dcb8e074d4114e8614cfb6f1efeb9497c0b0268b7b4039f22bc

HTTP Headers

GET /extra/cmp/cmp-gdpr.js HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
date: Wed, 26 Feb 2025 19:27:24 GMT
content-type: text/html
content-length: 169
location: https://gpp.netpub.media/init.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 91825512284eb509-OSL
X-Firefox-Spdy: h2

upfion.com/5kHgXxAg?token=eyJpdiI6IjRVQW1iek40QUNCS3BselRmemNid2c9PSIsInZhbHVlIjoiWjdzU3h2NjBVS0xGZXczdTNrV2dqUT09IiwibWFjIjoiYTgxNGE0MmExNWEwZTNjM2UzYWMyZDFjZDg0NWU5OGFmN2M2Y2MzNzlkZjM5OWUwYjEyOTI4ZmNlMTE5MzNlNSIsInRhZyI6IiJ9

104.21.68.26

302 Found

90 kB

URL User Request GET HTTP/2
upfion.com/5kHgXxAg?token=eyJpdiI6IjRVQW1iek40QUNCS3BselRmemNid2c9PSIsInZhbHVlIjoiWjdzU3h2NjBVS0xGZXczdTNrV2dqUT09IiwibWFjIjoiYTgxNGE0MmExNWEwZTNjM2UzYWMyZDFjZDg0NWU5OGFmN2M2Y2MzNzlkZjM5OWUwYjEyOTI4ZmNlMTE5MzNlNSIsInRhZyI6IiJ9
IP
104.21.68.26:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectupfion.com
FingerprintD0:24:D6:44:F7:F5:FE:7B:1D:B1:DB:60:4A:72:02:48:58:4C:9F:C5
ValiditySat, 22 Feb 2025 04:52:16 GMT - Fri, 23 May 2025 05:51:02 GMT

File type
data
Size
90 kB (89978 bytes)
Hash
b0cd03ead15da0f0af6c771cb5b099c3
ae7cfa89260c2ac9354fc3eb49b72951d9302796
fae74e4034647c63534a1517e634e5c659c2e09fc7ddeaae58d68167e8c028d6

HTTP Headers

GET /5kHgXxAg?token=eyJpdiI6IjRVQW1iek40QUNCS3BselRmemNid2c9PSIsInZhbHVlIjoiWjdzU3h2NjBVS0xGZXczdTNrV2dqUT09IiwibWFjIjoiYTgxNGE0MmExNWEwZTNjM2UzYWMyZDFjZDg0NWU5OGFmN2M2Y2MzNzlkZjM5OWUwYjEyOTI4ZmNlMTE5MzNlNSIsInRhZyI6IiJ9 HTTP/1.1
Host: upfion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 26 Feb 2025 19:27:22 GMT
content-type: text/html; charset=UTF-8
location: https://upfion.com/5kHgXxAg
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6Im1YdFducVVibnhJREM1eHlpTmdVckE9PSIsInZhbHVlIjoiWVZXWWJLWlR4aGlPbFBlbFgvQTVIV2xwdDdDZDRYNHE0SDlxTHVrak1aVExvaGVIK1ljMlBrSTVOaVV3ZmhtQ2lld2JoZ2c0TVIwbU96VlFZbkhrUGNiT2RQR3JqdnhNalhRWkZVbk1KUjdaWHAzUjlJQkQ2SVc2Z3hLTlhCTVIiLCJtYWMiOiJmMzM4ZTdlODU5ZGFhMWQzNGU1MDJjNDhlYWZjMWIyODYxYmRiOTNlM2RiYWJiNTE3NzUwMTliMjNhYTFmMTM2IiwidGFnIjoiIn0%3D; expires=Wed, 05-Mar-2025 19:27:22 GMT; Max-Age=604800; path=/; samesite=lax
upfiles_session=eyJpdiI6IkFUWENEZUgvK0UvTTA3a1BqczhIZkE9PSIsInZhbHVlIjoibzRtYk1vMmE4OFJEaXMySEpxMHZjOXpqTWdSRFYwMjA4Ri91dm1KQnZtbTZyU2ROVm9KWnMwcm1lV0trOVhMU3pRalpKTE1jYyswS2NtVlVTZk1mS2hYcGJRUDRrbTF3dXQ0OHVmd2h4aWRlT25TTjhXbStuUkoxOFVGRmlMYXkiLCJtYWMiOiI3Y2M2ZGZkNTNmNTg3NDNmODk5YjczMDAyMjZlODVmOTg0YzdiYmU0NTE0ZDY0MDdkZjAzZDM4Y2VhMTZhMTBiIiwidGFnIjoiIn0%3D; expires=Wed, 05-Mar-2025 19:27:22 GMT; Max-Age=604800; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t3wNH43wYEI0Nm1aqnPYFmnoh%2FFKOxv1jXVlsM2tbDQyzxDaDoL6GT3PTHaJ6MRD8N1ro4vASRMrwlqPwYGm%2BPUBf3Ys05NNG02JzFyC6uNni76vFHnBtKv44P4r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918254fd2b4956c5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=658&min_rtt=480&rtt_var=394&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3268&recv_bytes=1421&delivery_rate=6819466&cwnd=250&unsent_bytes=0&cid=b1e178d78264d786&ts=1813&x=0"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-X2GS5JDQMX

142.250.74.168

200 OK

103 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-X2GS5JDQMX
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintFD:F1:10:28:52:E9:04:06:B0:B4:B4:46:D2:2D:83:CA:9D:67:5E:8D
ValidityMon, 03 Feb 2025 08:36:05 GMT - Mon, 28 Apr 2025 08:36:04 GMT

File type
JavaScript source, ASCII text, with very long lines (5960)
Size
103 kB (102848 bytes)
Hash
72afbc228fed764190f13f587c12da1a
29e8d75ab80f7709880cce1f85842952aac4ba49
09c8aa74ca5b3a34cadc5f547eb51ce6cd82d7860c8a45c493e44924dea9697d

HTTP Headers

GET /gtag/js?id=G-X2GS5JDQMX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 26 Feb 2025 19:27:24 GMT
expires: Wed, 26 Feb 2025 19:27:24 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1003:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1003:0
report-to: {"group":"ascgcycc:1003:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1003:0"}],}
server: Google Tag Manager
content-length: 102848
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

d3eksfxlf7bv9h.cloudfront.net/?fsked=1139924

54.230.241.119

200 OK

127 kB

URL GET HTTP/2
d3eksfxlf7bv9h.cloudfront.net/?fsked=1139924
IP
54.230.241.119:443
ASN
#16509 AMAZON-02

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (38488)
Size
127 kB (126911 bytes)
Hash
70dc9517cdecaca4c8e8409a7ec08250
350a09fbdc1d47c99a811d7b09c58875dd0d0c13
c6b6468c7e370ac1fbbd9ced64b068753fe1d88d167e69b6273035c2c88618d5

HTTP Headers

GET /?fsked=1139924 HTTP/1.1
Host: d3eksfxlf7bv9h.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 126911
date: Wed, 26 Feb 2025 19:27:24 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: G_RjM25PbrUXyEPRYS7s6-fWg2A90nxt_hM5HMVLph-7wqDxLtj2DQ==
X-Firefox-Spdy: h2

orbsdiacle.com/1clkn/34742

23.109.170.113

200 OK

26 B

URL GET HTTP/1.1
orbsdiacle.com/1clkn/34742
IP
23.109.170.113:443
ASN
#7979 SERVERS-COM

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerLet's Encrypt
Subjectorbsdiacle.com
FingerprintF1:1D:51:34:DC:1E:8C:3E:9B:61:FC:A2:9A:D8:E5:C1:E9:BF:13:F6
ValidityMon, 13 Jan 2025 01:45:28 GMT - Sun, 13 Apr 2025 01:45:27 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1clkn/34742 HTTP/1.1
Host: orbsdiacle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Feb 2025 19:27:24 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2B2dUFnYQDeASKlPDqi1fwkRT6B%2BtCuykV9PYSE32bTH6T8TwvKB7gb8kZ4afgeGKsbdqaV21ZD62o%2Br5tGl72vC1ZxceR46zWzol%2BJhfhtC7Cus5tES4TabJq6AYjKcPjof6aqza7jhD3VmiZIV4OMWdIe2v2lWwRItJiIaSvytJovg4hPoxFyJ7rIyt9ZL9EYNYizO%2BQviktj2V%2BQcDKPE883N9m4UZjl07JxEc8WSEJ%2FgtOg3A0GfuNVNJ6deYGmFl2%2F%2F73ONxZiUTSpgZCbNw72R%2B3Z03l; expires=Thu, 27-Feb-2025 19:27:24 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Thu, 27-Feb-2025 19:27:24 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

gpp.netpub.media/init.js

104.22.53.160

200 OK

49 kB

URL GET HTTP/2
gpp.netpub.media/init.js
IP
104.22.53.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
gzip compressed data, from Unix
Size
49 kB (48860 bytes)
Hash
d75345b7ed2f0250dc10449ae8396bd5
4547d849184389695563f4fc2d4d7fe5bffe2a8e
93a0115f5277194dbd9a136fc0e8a7e42b530db5dcc2d627444e81ea915960be

HTTP Headers

GET /init.js HTTP/1.1
Host: gpp.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfion.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 26 Feb 2025 19:27:24 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sun, 08 Dec 2024 00:36:50 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91825512c94ab509-OSL
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2

142.250.74.35

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:4C:7D:BD:65:DC:FC:CD:59:FD:40:F4:A9:EE:C2:BA:91:98:B2:3D
ValidityMon, 03 Feb 2025 08:37:09 GMT - Mon, 28 Apr 2025 08:37:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48496, version 1.0
Size
48 kB (48496 bytes)
Hash
8b7943a41013101d892c4684617ed41d
1853b95f5ae2cc51c89edf6f2c44a676efe31f3b
9d9e7b21769c8048b64fbdc1743c32641c3aa1c70c37197987ffe14d0f0508cd

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfion.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48496
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Feb 2025 10:09:01 GMT
expires: Fri, 20 Feb 2026 10:09:01 GMT
cache-control: public, max-age=31536000
age: 551904
last-modified: Mon, 29 Jul 2024 22:47:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:4C:7D:BD:65:DC:FC:CD:59:FD:40:F4:A9:EE:C2:BA:91:98:B2:3D
ValidityMon, 03 Feb 2025 08:37:09 GMT - Mon, 28 Apr 2025 08:37:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfion.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Feb 2025 10:03:46 GMT
expires: Fri, 20 Feb 2026 10:03:46 GMT
cache-control: public, max-age=31536000
age: 552219
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:4C:7D:BD:65:DC:FC:CD:59:FD:40:F4:A9:EE:C2:BA:91:98:B2:3D
ValidityMon, 03 Feb 2025 08:37:09 GMT - Mon, 28 Apr 2025 08:37:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfion.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Feb 2025 10:03:46 GMT
expires: Fri, 20 Feb 2026 10:03:46 GMT
cache-control: public, max-age=31536000
age: 552219
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

remarkedoneoftheo.org/M0FyNmUcfhFFWGoZKAABZHgqZFV9ByoHL3USQnw/ZQQweDR1JlRCDFd8QwdWCnhAAkNDKBYLVBUyBlcRRjJPB0NaLxRZWBU3TwdLAHVcBVMddVRDWAJnBkYEVHxDEBVHNR4LVAR1QgNcC3FGAlwFcg

104.21.74.69

204 No Content

0 B

URL GET HTTP/2
remarkedoneoftheo.org/M0FyNmUcfhFFWGoZKAABZHgqZFV9ByoHL3USQnw/ZQQweDR1JlRCDFd8QwdWCnhAAkNDKBYLVBUyBlcRRjJPB0NaLxRZWBU3TwdLAHVcBVMddVRDWAJnBkYEVHxDEBVHNR4LVAR1QgNcC3FGAlwFcg
IP
104.21.74.69:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subjectremarkedoneoftheo.org
Fingerprint8F:DC:4D:BA:54:E5:DD:94:77:6D:34:BC:48:22:B6:26:A5:38:90:A1
ValidityMon, 17 Feb 2025 13:43:22 GMT - Sun, 18 May 2025 14:40:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /M0FyNmUcfhFFWGoZKAABZHgqZFV9ByoHL3USQnw/ZQQweDR1JlRCDFd8QwdWCnhAAkNDKBYLVBUyBlcRRjJPB0NaLxRZWBU3TwdLAHVcBVMddVRDWAJnBkYEVHxDEBVHNR4LVAR1QgNcC3FGAlwFcg HTTP/1.1
Host: remarkedoneoftheo.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Wed, 26 Feb 2025 19:27:25 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=REKkW3gi%2F4bG29BdzAqkmuKusiyCZo62iUrmlxOreNBdaz8OgyfQJC5oZp8hiZsvhquMgarnD5%2Faz%2Bb701S7jm9JStgdBbNCifwUbzp6YcuHFGLjL05MdMwX%2BSa7E6hTIbajn8E8eFY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 91825515bab91bfe-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1591&min_rtt=419&rtt_var=2341&sent=9&recv=13&lost=0&retrans=0&sent_bytes=3302&recv_bytes=1708&delivery_rate=7528596&cwnd=254&unsent_bytes=0&cid=7302a49704b54672&ts=181&x=0"
X-Firefox-Spdy: h2

remarkedoneoftheo.org/MVlrOGUeZghLWGAOIgsEeR9abjQIOzlgL2cbB0wnUmgqfj1aCE1MDFVkWglRA21bD0NBMA8FVBcqH1kRRCpWCUNYNw1XWBcvVglLAm1FC1MfbU1NWAB/H0gEVmRaHhVFLQcFVAZtWw1cCWlfDVUBaQ

104.21.74.69

204 No Content

0 B

URL GET HTTP/2
remarkedoneoftheo.org/MVlrOGUeZghLWGAOIgsEeR9abjQIOzlgL2cbB0wnUmgqfj1aCE1MDFVkWglRA21bD0NBMA8FVBcqH1kRRCpWCUNYNw1XWBcvVglLAm1FC1MfbU1NWAB/H0gEVmRaHhVFLQcFVAZtWw1cCWlfDVUBaQ
IP
104.21.74.69:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subjectremarkedoneoftheo.org
Fingerprint8F:DC:4D:BA:54:E5:DD:94:77:6D:34:BC:48:22:B6:26:A5:38:90:A1
ValidityMon, 17 Feb 2025 13:43:22 GMT - Sun, 18 May 2025 14:40:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /MVlrOGUeZghLWGAOIgsEeR9abjQIOzlgL2cbB0wnUmgqfj1aCE1MDFVkWglRA21bD0NBMA8FVBcqH1kRRCpWCUNYNw1XWBcvVglLAm1FC1MfbU1NWAB/H0gEVmRaHhVFLQcFVAZtWw1cCWlfDVUBaQ HTTP/1.1
Host: remarkedoneoftheo.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Wed, 26 Feb 2025 19:27:25 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F3t2cKi6ZOgw5sYPwwjPNshLsdBqxXyhYKqBKYTLda0iFfw8S7%2Fm3oWeWhuZuU21JBQGpdZc%2F47UkB3vbnjRHIB1%2B9p1xO5Sk58vN1JmStO8ANTp9qIE4jHgFeXEdjP6H2%2FzJ6D98%2Bc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 91825515cad11bfe-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1591&min_rtt=419&rtt_var=2341&sent=10&recv=13&lost=0&retrans=0&sent_bytes=3879&recv_bytes=1708&delivery_rate=7528596&cwnd=254&unsent_bytes=0&cid=7302a49704b54672&ts=198&x=0"
X-Firefox-Spdy: h2

upfion.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6

104.21.68.26

200 OK

208 B

URL GET HTTP/3
upfion.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6
IP
104.21.68.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subjectupfion.com
FingerprintD0:24:D6:44:F7:F5:FE:7B:1D:B1:DB:60:4A:72:02:48:58:4C:9F:C5
ValiditySat, 22 Feb 2025 04:52:16 GMT - Fri, 23 May 2025 05:51:02 GMT

File type
PNG image data, 6 x 12, 8-bit/color RGBA, non-interlaced
Size
208 B (208 bytes)
Hash
31f073499665afb237f3294219d2d7c6
c1ada0510e31f661dab66203c15a3d6c8f5468d0
59b7ad6d6f457b624e25d22959edc7c83af2ac52edba32fd6648c97af0d1780c

HTTP Headers

GET /images/arrow-down.png?c98e5283a69cb508d054d30256af43c6 HTTP/1.1
Host: upfion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/css/frontend.css?id=d2ff22fb187252e60fbb
Cookie: XSRF-TOKEN=eyJpdiI6ImpSckluR21obU1FNTBCaWNHUDl3QkE9PSIsInZhbHVlIjoiS0M0QjBVZGFXSGhLVHlPK1lTVW5ZQm5LOUM3RE1qb0VpS2g5bzFiTW5qQ3lyY0wzdDlpVEZIS1dhOWJzQmE3TnBlRFJyVytxOUZsS1VmazJleGd6aXR3VkVXNDlIMFVqRjJPOTc0QlJWeHBZRVJIWW9Gazl2bGtDaE1YS0pZWnQiLCJtYWMiOiI3Y2Y4OTlhNWYxYmU3OGMzYTAwZjA5ODQxMGIwNDcyMjJhYjE5MjZkNWJjYmM4ZTUxNmQ5ODNiYjczZWY1ZDBiIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlBhcTl6VDFWQS9VaHZ2bVN5ZHVjUEE9PSIsInZhbHVlIjoiV3RaTWdjSTVCd1FvZDdMY2xVbmZIK2xsWGhtM1c1OXBJMVhFa1E4d285R3haK2NtR2ordnZFVUlWbUVXUjRad2gxWWNUTjZlNEVsMzFiQ1RpaldwTXN0T2RWRGx0eTJ2dmVHUXhGQ3ZUdjUrZXBobUtjZmpFWWZENXNFc1AxWHIiLCJtYWMiOiI4OTM5YTE4ODJlNTkzODUwNzk4MjBlYzM5MWFlYmRlNThhMzIwZmJhY2E1YWQyZDJjZjZlZjkyNzBhODVjYzM2IiwidGFnIjoiIn0%3D; ab=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 26 Feb 2025 19:27:25 GMT
content-type: image/png
content-length: 208
last-modified: Sat, 28 Sep 2024 07:01:06 GMT
etag: "66f7a9b2-d0"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
accept-ranges: bytes
age: 659
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kBPYiKYTDMJJjUVxaHJic643YnmkOe0UbPXHFDlSlWjh36hXNkvwl1PVIgeLD7tMfrowLzEn1T4tfoNf%2BNsorBfaGliw1qpW6sDjY7XxR8Modgvtb6JiDXmMjOe6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 9182551688310b69-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3757&min_rtt=1311&rtt_var=2843&sent=445&recv=25&lost=0&retrans=0&sent_bytes=491070&recv_bytes=8329&delivery_rate=3535777&cwnd=247200&unsent_bytes=0&cid=07ea7550977fff63&ts=2276&x=1", cfExtPri, cfHdrFlush;dur=0

fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2

142.250.74.35

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:4C:7D:BD:65:DC:FC:CD:59:FD:40:F4:A9:EE:C2:BA:91:98:B2:3D
ValidityMon, 03 Feb 2025 08:37:09 GMT - Mon, 28 Apr 2025 08:37:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48496, version 1.0
Size
48 kB (48496 bytes)
Hash
8b7943a41013101d892c4684617ed41d
1853b95f5ae2cc51c89edf6f2c44a676efe31f3b
9d9e7b21769c8048b64fbdc1743c32641c3aa1c70c37197987ffe14d0f0508cd

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfion.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48496
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Feb 2025 10:09:01 GMT
expires: Fri, 20 Feb 2026 10:09:01 GMT
cache-control: public, max-age=31536000
age: 551904
last-modified: Mon, 29 Jul 2024 22:47:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:4C:7D:BD:65:DC:FC:CD:59:FD:40:F4:A9:EE:C2:BA:91:98:B2:3D
ValidityMon, 03 Feb 2025 08:37:09 GMT - Mon, 28 Apr 2025 08:37:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfion.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Feb 2025 10:03:46 GMT
expires: Fri, 20 Feb 2026 10:03:46 GMT
cache-control: public, max-age=31536000
age: 552219
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

remarkedoneoftheo.org/QWtMbFduVC8fag88HhkOcgwIORE5OB8bDSU8IDYHAy0eCQIEX2oYPiVWfV1jc198WXExAihRZnlNPxg2NR4/UWZnAiIKOHxNOlFmb1tiXnl0TTlRZmcfPA0wfFpqHCM1B3FdYHVbeVVvcV95XGd4

104.21.74.69

204 No Content

0 B

URL GET HTTP/2
remarkedoneoftheo.org/QWtMbFduVC8fag88HhkOcgwIORE5OB8bDSU8IDYHAy0eCQIEX2oYPiVWfV1jc198WXExAihRZnlNPxg2NR4/UWZnAiIKOHxNOlFmb1tiXnl0TTlRZmcfPA0wfFpqHCM1B3FdYHVbeVVvcV95XGd4
IP
104.21.74.69:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subjectremarkedoneoftheo.org
Fingerprint8F:DC:4D:BA:54:E5:DD:94:77:6D:34:BC:48:22:B6:26:A5:38:90:A1
ValidityMon, 17 Feb 2025 13:43:22 GMT - Sun, 18 May 2025 14:40:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /QWtMbFduVC8fag88HhkOcgwIORE5OB8bDSU8IDYHAy0eCQIEX2oYPiVWfV1jc198WXExAihRZnlNPxg2NR4/UWZnAiIKOHxNOlFmb1tiXnl0TTlRZmcfPA0wfFpqHCM1B3FdYHVbeVVvcV95XGd4 HTTP/1.1
Host: remarkedoneoftheo.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Wed, 26 Feb 2025 19:27:25 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2ByjATrRKxNP2ZgU6B%2BMx7aok0Sqy1NYREBW9IcO6%2BXh3aT%2F8irOe6Sm3b05ox8%2Ftos7JgiTsDlUqG0e88mjm%2BPcLAUwxVR9VSPc%2BmqXTDt14raF2eD8Z6s8HwTJLD7FLIwEF%2Bc%2B8O5I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 91825515eb061bfe-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3513&min_rtt=419&rtt_var=5599&sent=11&recv=14&lost=0&retrans=0&sent_bytes=4307&recv_bytes=1708&delivery_rate=7528596&cwnd=256&unsent_bytes=0&cid=7302a49704b54672&ts=206&x=0"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMaxKUBGEe.woff2

142.250.74.35

200 OK

20 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMaxKUBGEe.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:4C:7D:BD:65:DC:FC:CD:59:FD:40:F4:A9:EE:C2:BA:91:98:B2:3D
ValidityMon, 03 Feb 2025 08:37:09 GMT - Mon, 28 Apr 2025 08:37:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20408, version 1.0
Size
20 kB (20408 bytes)
Hash
e8730678d4610fa908d3cba1ef0b4ddf
1efcbee909ce74bf04878d74867f12a1e41ae7a4
e921785496ed2d98c2257c88a6f838afa6acbee05cb8467048501bfe2a301461

HTTP Headers

GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMaxKUBGEe.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfion.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20408
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Feb 2025 13:40:34 GMT
expires: Fri, 20 Feb 2026 13:40:34 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 Jan 2025 18:23:12 GMT
content-type: font/woff2
age: 539211
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

hecathedralinth.org/MTZNRnFQVC4rTlALL2AEQ1pwY0N3E38AFQJTJjUXSVorcRNHDyVoEl1ZOCIXQ1kjMl9fUzljQ3d1LnZEdWcnJSB4ZX0tMnBVIwxCCXEcKAFJUioiNFByADEkWWA3CBt7ZAovNEVUCxcSeAQYKSNzQSoLQghlHyEwRH18fiJXTAMtIEZdPCAfeGQFP0lFfBw2J3pPfS4yWnwiDxhrYBkoAV14JiUSe255MSlGfyAINVl1Cz80SWwIDyJST3kyJWNZJAoIfGUcFxkDVAwiJld+Azcgc1kqDAgAdwwBBUlVIS05UAULPzNaeColQ1JzABEFSVUmBxB4fmAQQ3RdDAsrX3cFBUJZBRcxIElXfgAIY2cbNBJwewoXOUFCLi5EZlAFCx1kXgwqPXZVCwgpSUwuMRV1UH4IC3RdC2NDc3weMjd3Xyo1Pll8DwU5e04Md0AUBA8cJVJ9HCFXW0UiKAEMU3gIHFheLHcB

3.164.230.5

200 OK

1.2 kB

URL GET HTTP/2
hecathedralinth.org/MTZNRnFQVC4rTlALL2AEQ1pwY0N3E38AFQJTJjUXSVorcRNHDyVoEl1ZOCIXQ1kjMl9fUzljQ3d1LnZEdWcnJSB4ZX0tMnBVIwxCCXEcKAFJUioiNFByADEkWWA3CBt7ZAovNEVUCxcSeAQYKSNzQSoLQghlHyEwRH18fiJXTAMtIEZdPCAfeGQFP0lFfBw2J3pPfS4yWnwiDxhrYBkoAV14JiUSe255MSlGfyAINVl1Cz80SWwIDyJST3kyJWNZJAoIfGUcFxkDVAwiJld+Azcgc1kqDAgAdwwBBUlVIS05UAULPzNaeColQ1JzABEFSVUmBxB4fmAQQ3RdDAsrX3cFBUJZBRcxIElXfgAIY2cbNBJwewoXOUFCLi5EZlAFCx1kXgwqPXZVCwgpSUwuMRV1UH4IC3RdC2NDc3weMjd3Xyo1Pll8DwU5e04Md0AUBA8cJVJ9HCFXW0UiKAEMU3gIHFheLHcB
IP
3.164.230.5:443
ASN
#16509 AMAZON-02

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerAmazon
Subjecthecathedralinth.org
FingerprintE1:DD:64:B3:B5:33:B0:31:35:46:56:B9:06:53:B3:4B:7D:B5:86:22
ValidityTue, 18 Feb 2025 00:00:00 GMT - Thu, 19 Mar 2026 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3058), with no line terminators
Size
1.2 kB (1205 bytes)
Hash
68dd112a94fe6bbbc5496688534b49bf
571c87c71ec4bdb7703ddbffc02d7b2e9202eaf1
6da369fcb00a5ef490004c0ea9b8e774929b939449bd5d083bf29e5225b42ab7

HTTP Headers

GET /MTZNRnFQVC4rTlALL2AEQ1pwY0N3E38AFQJTJjUXSVorcRNHDyVoEl1ZOCIXQ1kjMl9fUzljQ3d1LnZEdWcnJSB4ZX0tMnBVIwxCCXEcKAFJUioiNFByADEkWWA3CBt7ZAovNEVUCxcSeAQYKSNzQSoLQghlHyEwRH18fiJXTAMtIEZdPCAfeGQFP0lFfBw2J3pPfS4yWnwiDxhrYBkoAV14JiUSe255MSlGfyAINVl1Cz80SWwIDyJST3kyJWNZJAoIfGUcFxkDVAwiJld+Azcgc1kqDAgAdwwBBUlVIS05UAULPzNaeColQ1JzABEFSVUmBxB4fmAQQ3RdDAsrX3cFBUJZBRcxIElXfgAIY2cbNBJwewoXOUFCLi5EZlAFCx1kXgwqPXZVCwgpSUwuMRV1UH4IC3RdC2NDc3weMjd3Xyo1Pll8DwU5e04Md0AUBA8cJVJ9HCFXW0UiKAEMU3gIHFheLHcB HTTP/1.1
Host: hecathedralinth.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1205
date: Wed, 26 Feb 2025 19:27:25 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=YdLT0eBgRnf1BVrGYqGKX0GBruvgPEKBIEtKdDWGLlE+S8uVkXYjJg45zlS2BPEyzsJ/0kC+C8kcMY+uJKmrMvRCT5s2Ux8P1p+jYqUs5+29s8Cj2tpl+gPio/m4; Expires=Wed, 05 Mar 2025 19:27:25 GMT; Path=/
AWSALBCORS=YdLT0eBgRnf1BVrGYqGKX0GBruvgPEKBIEtKdDWGLlE+S8uVkXYjJg45zlS2BPEyzsJ/0kC+C8kcMY+uJKmrMvRCT5s2Ux8P1p+jYqUs5+29s8Cj2tpl+gPio/m4; Expires=Wed, 05 Mar 2025 19:27:25 GMT; Path=/; SameSite=None
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 61fafbbf54e5560686b2d414df132838.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P1
x-amz-cf-id: sUev6LnV2AtHGfL5N0uFoqHuXGzO5BYMk3ld8VSH-s83CZqz4HlrvA==
X-Firefox-Spdy: h2

hecathedralinth.org/UG10NWMxDxdYXDFQFhMWIgFJEFEWSEZzB2MIH0YFKAESAgEmVBwbADwCAVEFIgIaQU0+CAAQURZfLm0pEyMxXiQYPgxmBzgoFn8EPFkicCVnKSxBMQYpPnIvESMke1MBGzB3UyMqHVooGF8mUCw3Ahd4BDs/LGFTGzkTZzUbJTl3KSkkMnorJBsxZAQ9LixZJxgEOlQvPAUhf1I/HCNwLTs7JwUrBF4tZjMCOBB+MjtaMGQuITwOeDIWBEVyASgsIFNSOwA8TRAlOjddIgEsJXc5YTssViICBTFdECM4N2wwEToXcgYBHjNvFApYInApIy8zTTQdKllWJDU/PVcvESdNZCYVLDFtFwYuGmQiMistQjknN0FzFAIDNkILBTwsbAI1OAxtABE8AXQhFR0jBxsIIzx0JjUrInYAJz9AZCYSFCFcIggrDWcBHTg2dCERO0JgNSgUMV8bCTwDEwkjAhpFXghVO30ZHV0uBFY+KgNPLA

3.164.230.5

200 OK

1.2 kB

URL GET HTTP/2
hecathedralinth.org/UG10NWMxDxdYXDFQFhMWIgFJEFEWSEZzB2MIH0YFKAESAgEmVBwbADwCAVEFIgIaQU0+CAAQURZfLm0pEyMxXiQYPgxmBzgoFn8EPFkicCVnKSxBMQYpPnIvESMke1MBGzB3UyMqHVooGF8mUCw3Ahd4BDs/LGFTGzkTZzUbJTl3KSkkMnorJBsxZAQ9LixZJxgEOlQvPAUhf1I/HCNwLTs7JwUrBF4tZjMCOBB+MjtaMGQuITwOeDIWBEVyASgsIFNSOwA8TRAlOjddIgEsJXc5YTssViICBTFdECM4N2wwEToXcgYBHjNvFApYInApIy8zTTQdKllWJDU/PVcvESdNZCYVLDFtFwYuGmQiMistQjknN0FzFAIDNkILBTwsbAI1OAxtABE8AXQhFR0jBxsIIzx0JjUrInYAJz9AZCYSFCFcIggrDWcBHTg2dCERO0JgNSgUMV8bCTwDEwkjAhpFXghVO30ZHV0uBFY+KgNPLA
IP
3.164.230.5:443
ASN
#16509 AMAZON-02

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerAmazon
Subjecthecathedralinth.org
FingerprintE1:DD:64:B3:B5:33:B0:31:35:46:56:B9:06:53:B3:4B:7D:B5:86:22
ValidityTue, 18 Feb 2025 00:00:00 GMT - Thu, 19 Mar 2026 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3072), with no line terminators
Size
1.2 kB (1219 bytes)
Hash
62ac090af068104732c1d2ba55c15bb0
75d8cda33f54426e494a14d10d5d7d795c4539ae
0d38e1cc8cd3ef4845f73324a827d148a0dc7bdb318733ca62c6b77e2b859c5f

HTTP Headers

GET /UG10NWMxDxdYXDFQFhMWIgFJEFEWSEZzB2MIH0YFKAESAgEmVBwbADwCAVEFIgIaQU0+CAAQURZfLm0pEyMxXiQYPgxmBzgoFn8EPFkicCVnKSxBMQYpPnIvESMke1MBGzB3UyMqHVooGF8mUCw3Ahd4BDs/LGFTGzkTZzUbJTl3KSkkMnorJBsxZAQ9LixZJxgEOlQvPAUhf1I/HCNwLTs7JwUrBF4tZjMCOBB+MjtaMGQuITwOeDIWBEVyASgsIFNSOwA8TRAlOjddIgEsJXc5YTssViICBTFdECM4N2wwEToXcgYBHjNvFApYInApIy8zTTQdKllWJDU/PVcvESdNZCYVLDFtFwYuGmQiMistQjknN0FzFAIDNkILBTwsbAI1OAxtABE8AXQhFR0jBxsIIzx0JjUrInYAJz9AZCYSFCFcIggrDWcBHTg2dCERO0JgNSgUMV8bCTwDEwkjAhpFXghVO30ZHV0uBFY+KgNPLA HTTP/1.1
Host: hecathedralinth.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1219
date: Wed, 26 Feb 2025 19:27:25 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=6osvLvb3pKAtXRCdbSZTp2y7NTTAesPnwyb+fV8vSWfcyS4mX27++ftpGHq3uzlBo8pnSzl7HSe4vik1Sq5T7PEkipejvXxXrOaq0lktPMNwbZ6Z3X7M5Yo7uNbF; Expires=Wed, 05 Mar 2025 19:27:25 GMT; Path=/
AWSALBCORS=6osvLvb3pKAtXRCdbSZTp2y7NTTAesPnwyb+fV8vSWfcyS4mX27++ftpGHq3uzlBo8pnSzl7HSe4vik1Sq5T7PEkipejvXxXrOaq0lktPMNwbZ6Z3X7M5Yo7uNbF; Expires=Wed, 05 Mar 2025 19:27:25 GMT; Path=/; SameSite=None
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 61fafbbf54e5560686b2d414df132838.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P1
x-amz-cf-id: dGAbISD_gaZDTqXqOi8RBIm8w7oIPvBb1N8o0ApgiB_SP1iLwiNZgw==
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c&gtm=457e52o0za200&tag_exp=101732282~101732284~102067808~102482433~102539968~102558064~102587591~102605417~102640600~102658453

142.250.74.168

200 OK

108 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c&gtm=457e52o0za200&tag_exp=101732282~101732284~102067808~102482433~102539968~102558064~102587591~102605417~102640600~102658453
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintFD:F1:10:28:52:E9:04:06:B0:B4:B4:46:D2:2D:83:CA:9D:67:5E:8D
ValidityMon, 03 Feb 2025 08:36:05 GMT - Mon, 28 Apr 2025 08:36:04 GMT

File type
JavaScript source, ASCII text, with very long lines (5960)
Size
108 kB (107754 bytes)
Hash
e52401b27a1997069a6fe13029e8f1dc
715f101dea8010a05de6fed12090e8643047b11c
6d1d74e29e22201ea7f799104150002fa4b8ed4c66167a524357c46096af62c0

HTTP Headers

GET /gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c&gtm=457e52o0za200&tag_exp=101732282~101732284~102067808~102482433~102539968~102558064~102587591~102605417~102640600~102658453 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 26 Feb 2025 19:27:25 GMT
expires: Wed, 26 Feb 2025 19:27:25 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1003:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1003:0
report-to: {"group":"ascgcycc:1003:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1003:0"}],}
server: Google Tag Manager
content-length: 107754
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

d3eksfxlf7bv9h.cloudfront.net/?fsked=1139924

54.230.241.119

200 OK

127 kB

URL GET HTTP/2
d3eksfxlf7bv9h.cloudfront.net/?fsked=1139924
IP
54.230.241.119:443
ASN
#16509 AMAZON-02

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (38488)
Size
127 kB (126915 bytes)
Hash
4218b0c04468f3859c568f3af7566668
9bfd854e616329b3de239d7046d8d06a2e998aa2
c047b5648ad2e0ce2e2643c1649e0c653214b403624482005b549f3bd7fd22c9

HTTP Headers

GET /?fsked=1139924 HTTP/1.1
Host: d3eksfxlf7bv9h.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfion.com/
Origin: https://upfion.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 126915
date: Wed, 26 Feb 2025 19:27:25 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://upfion.com
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MqtHHcROAoQp6Rs7pFQObY32nbpjMQ0JHUNZBG6MDZUJnJQP0eKXhA==
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

74.125.205.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
74.125.205.84:443
ASN
#15169 GOOGLE

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint58:3A:4F:E2:44:DC:15:5D:5D:9B:63:32:FE:71:B8:3A:70:EE:5A:EA
ValidityMon, 03 Feb 2025 08:38:04 GMT - Mon, 28 Apr 2025 08:38:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:xjmd1_DLJfrGZ9m6wTv3Nr9SIexacw:roVlpR8Oa7C5Kzpj; Expires=Fri, 26-Feb-2027 19:27:25 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 26 Feb 2025 19:27:25 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASSHykpWigs5ofZJA-wGcnKUZ4DDaTWjAkpk4zLT7-xy7WQ3ZOFO_Qe8SxESj4e0he3tShGgeX7hmw
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-ofhdHIpCefHrLFzDCd32Aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

d3eksfxlf7bv9h.cloudfront.net/Cc05DQjcQIS0kCAcnJ38GQnpxdgdEaDMwUhVzNjJRGiEtbFQcI2UoRBwgM39SRgAuK18SfzNkQwkqfnIRHy8tJQpVKy0hCkJoIiZVTnplNkccJX4wXwImNDhCFyExZEIScy4tTRoiLyMSQQh2bAdWfHNqQBogJy1AAGtxclkHa3FyBkNgc2cEMWtxckAaIH-V2EkAMZnAHC3h3ZwQxa3FyRQVrcAMGQHptch5WfHMlUhAlLGcFNXxzcwdDf3NzEkF+JStFFigsOhJBCHJxA11+ZTcKQg

54.230.241.119

200 OK

590 B

URL
d3eksfxlf7bv9h.cloudfront.net/Cc05DQjcQIS0kCAcnJ38GQnpxdgdEaDMwUhVzNjJRGiEtbFQcI2UoRBwgM39SRgAuK18SfzNkQwkqfnIRHy8tJQpVKy0hCkJoIiZVTnplNkccJX4wXwImNDhCFyExZEIScy4tTRoiLyMSQQh2bAdWfHNqQBogJy1AAGtxclkHa3FyBkNgc2cEMWtxckAaIH-V2EkAMZnAHC3h3ZwQxa3FyRQVrcAMGQHptch5WfHMlUhAlLGcFNXxzcwdDf3NzEkF+JStFFigsOhJBCHJxA11+ZTcKQg
IP
54.230.241.119:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
ASCII text, with very long lines (833), with no line terminators
Size
590 B (590 bytes)
Hash
ddb0272b0d0f42786c0d9407ece4d2b6
276a8f723584d0d79cf31a9725171b7d05830660
d5940a498746a15dac3440cc6e81efc0ed38d605051724eaccf9f331ce752238

HTTP Headers

GET /Cc05DQjcQIS0kCAcnJ38GQnpxdgdEaDMwUhVzNjJRGiEtbFQcI2UoRBwgM39SRgAuK18SfzNkQwkqfnIRHy8tJQpVKy0hCkJoIiZVTnplNkccJX4wXwImNDhCFyExZEIScy4tTRoiLyMSQQh2bAdWfHNqQBogJy1AAGtxclkHa3FyBkNgc2cEMWtxckAaIH-V2EkAMZnAHC3h3ZwQxa3FyRQVrcAMGQHptch5WfHMlUhAlLGcFNXxzcwdDf3NzEkF+JStFFigsOhJBCHJxA11+ZTcKQg HTTP/1.1
Host: d3eksfxlf7bv9h.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hecathedralinth.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 590
date: Wed, 26 Feb 2025 19:27:25 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LQgIvzwERk_PTfatANRoNBnBCGlHYHl2-RPcB5L2MoIn_efLXPDaCg==
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

216.58.211.2

200 OK

0 B

URL HEAD HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
216.58.211.2:443
ASN
#15169 GOOGLE

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subject*.g.doubleclick.net
Fingerprint2D:C5:62:9D:B1:57:F7:B9:55:AA:27:48:D6:6A:A0:DE:C6:F1:54:CB
ValidityMon, 03 Feb 2025 08:36:05 GMT - Mon, 28 Apr 2025 08:36:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfion.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Wed, 26 Feb 2025 19:27:25 GMT
expires: Wed, 26 Feb 2025 19:27:25 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 9918188176262094829
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 53097
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

d3eksfxlf7bv9h.cloudfront.net/2ZXJCNEkGHSxSdhEbJgl4VEF7DXtRVDJGLANPN0QvDB0sGioKH2ReOgocMgkRXT0KTgRVKHMBJyIFOHtvEQgmCXlDHiNaLlhUJ1oqWENkVS0HT3YSPRUdKQk7DQMqQzMQFi1GbxATf1kmHxsuWChAQAQBZ1VXcARhEhssUCYSAWcGeQsGZwZ5VEJsBGxWMG-cGeRIbLAJ9QEEAEXtVCnQAbFYwZwZ5FwRnBwhUQXYaeUxXcAQuABEpW2xXNHAEeFVCcwR4QEByUiAXFyRbMUBABAV6UVxyEjxYQw

54.230.241.119

200 OK

545 B

URL
d3eksfxlf7bv9h.cloudfront.net/2ZXJCNEkGHSxSdhEbJgl4VEF7DXtRVDJGLANPN0QvDB0sGioKH2ReOgocMgkRXT0KTgRVKHMBJyIFOHtvEQgmCXlDHiNaLlhUJ1oqWENkVS0HT3YSPRUdKQk7DQMqQzMQFi1GbxATf1kmHxsuWChAQAQBZ1VXcARhEhssUCYSAWcGeQsGZwZ5VEJsBGxWMG-cGeRIbLAJ9QEEAEXtVCnQAbFYwZwZ5FwRnBwhUQXYaeUxXcAQuABEpW2xXNHAEeFVCcwR4QEByUiAXFyRbMUBABAV6UVxyEjxYQw
IP
54.230.241.119:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
ASCII text, with very long lines (751), with no line terminators
Size
545 B (545 bytes)
Hash
e6afac44e5ae41247ef51223c77169e5
1210d366dd1541093380d954fe480f763fed4101
d17596180c0aedaf82041937d0bae31de8104a5dc0474bf88fa62627b8d54687

HTTP Headers

GET /2ZXJCNEkGHSxSdhEbJgl4VEF7DXtRVDJGLANPN0QvDB0sGioKH2ReOgocMgkRXT0KTgRVKHMBJyIFOHtvEQgmCXlDHiNaLlhUJ1oqWENkVS0HT3YSPRUdKQk7DQMqQzMQFi1GbxATf1kmHxsuWChAQAQBZ1VXcARhEhssUCYSAWcGeQsGZwZ5VEJsBGxWMG-cGeRIbLAJ9QEEAEXtVCnQAbFYwZwZ5FwRnBwhUQXYaeUxXcAQuABEpW2xXNHAEeFVCcwR4QEByUiAXFyRbMUBABAV6UVxyEjxYQw HTTP/1.1
Host: d3eksfxlf7bv9h.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hecathedralinth.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 545
date: Wed, 26 Feb 2025 19:27:25 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5aKaFQdC6ZEiNQryrp9HdowgdNeijh0BIgiOv4dhEBnBuE3aqzkXVQ==
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

74.125.205.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
74.125.205.84:443
ASN
#15169 GOOGLE

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint58:3A:4F:E2:44:DC:15:5D:5D:9B:63:32:FE:71:B8:3A:70:EE:5A:EA
ValidityMon, 03 Feb 2025 08:38:04 GMT - Mon, 28 Apr 2025 08:38:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:Ph3wSYH7LhusMfnwoWjkvrwnRJNRfA:79hS-o89srkcR1_K; Expires=Fri, 26-Feb-2027 19:27:25 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 26 Feb 2025 19:27:25 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASSHykqTI2KpnYqYKdSkInd4Stylqn_YtJQsrmV9F92sZwrlvvmHHbZvcHKKxUw4KPhOhAVqDpuGKQ
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'nonce-5DeggjQ-QZwIB_m7ddxj2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ukankingwithea.com/

104.21.80.1

200 OK

500 B

URL GET HTTP/2
ukankingwithea.com/
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
FingerprintE8:14:F0:35:7D:16:C6:75:8B:49:F3:D0:CD:D7:52:BF:0E:4A:BA:B8
ValidityWed, 01 Jan 2025 13:14:55 GMT - Tue, 01 Apr 2025 14:13:37 GMT

File type
ASCII text, with no line terminators
Size
500 B (500 bytes)
Hash
d09890963e2f418d7be744091b5c390e
5de6abf7ee7cf02015f492c8283bf553a919dd20
3a0cbcb502abb1a802ab3d77c4a735cab9532d852c7611b83e2b8f1a3996ae7b

HTTP Headers

GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfion.com/
Origin: https://upfion.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 26 Feb 2025 19:27:25 GMT
content-type: text/plain
set-cookie: csu=1158287740229853@1@1740598045; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://upfion.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0p401PKRhIlTJ9I38spi98ER3sWc90WKuweXEmY4ldOHGcXBpR4yguYo3NqXWjrYl3rU%2Bl0%2BbYEGLqsgGYCbevx6N0SNP2lsjywS29YBTHz%2FhpP89hdm6P0ZjKKnC20SX26Wjm8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 91825519daac56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1040&min_rtt=407&rtt_var=712&sent=167&recv=45&lost=0&retrans=1&sent_bytes=212827&recv_bytes=1294&delivery_rate=35533742&cwnd=253&unsent_bytes=0&cid=0d16256ab3313f16&ts=323&x=0"
X-Firefox-Spdy: h2

remarkedoneoftheo.org/popunder.gif

104.21.74.69

200 OK

58 B

URL GET
remarkedoneoftheo.org/popunder.gif
IP
104.21.74.69:0
ASN
#13335 CLOUDFLARENET

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subjectremarkedoneoftheo.org
Fingerprint8F:DC:4D:BA:54:E5:DD:94:77:6D:34:BC:48:22:B6:26:A5:38:90:A1
ValidityMon, 17 Feb 2025 13:43:22 GMT - Sun, 18 May 2025 14:40:55 GMT

File type
GIF image data, version 89a, 1 x 1
Size
58 B (58 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: remarkedoneoftheo.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 26 Feb 2025 19:27:26 GMT
content-type: image/gif
content-length: 58
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
content-encoding: gzip
cf-cache-status: HIT
age: 10046
last-modified: Wed, 26 Feb 2025 16:40:00 GMT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fRNHjtpWO1Hrbk64dWjZqsgo5zRb%2B1l3rm%2FbnTi4wC9pczlHDCqeF5gaLMkHn%2BUIAq3uL82xpKgt3nub2mHqZJBQgWkeRG3IAWe5lPpFlU8ngK6vQFOtO9%2Fhp3DG8EqHmmA2Vr3VmFA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 9182551c6a2cb4eb-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4307&min_rtt=3370&rtt_var=1933&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4079&recv_bytes=1206&delivery_rate=176254&cwnd=12000&unsent_bytes=0&cid=bcd5127411abe1fc&ts=949&x=1", cfExtPri, cfHdrFlush;dur=0

ukankingwithea.com/asd100.bin

104.21.80.1

200 OK

103 kB

URL GET HTTP/2
ukankingwithea.com/asd100.bin
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
FingerprintE8:14:F0:35:7D:16:C6:75:8B:49:F3:D0:CD:D7:52:BF:0E:4A:BA:B8
ValidityWed, 01 Jan 2025 13:14:55 GMT - Tue, 01 Apr 2025 14:13:37 GMT

File type
data
Size
103 kB (102680 bytes)
Hash
57fc5156dff7811005ddd559111cda37
d4a2cb3f14a4b3c6145e300dad3813ce150d637a
a43830f74af920e695f79e481b5cc7db306017b69461a1eee90b45566f1aa62c

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfion.com/
Origin: https://upfion.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 26 Feb 2025 19:27:25 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://upfion.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1185
last-modified: Wed, 26 Feb 2025 19:07:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qJ9EfYjDQvFVXJaDf8zW0HVYI5TBYEBZdHbIhhMb59xMD%2FZF8JfKYBC6G4zB0odYGcupA7aL2%2BtZeRBg%2F03SNEyrrkyWsg0ontNfLxb8iFhusjxeFWvMgZzF9UnPqPHCY3%2F5eGc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 918255198a2856c6-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=476&min_rtt=430&rtt_var=126&sent=55&recv=13&lost=0&retrans=1&sent_bytes=68387&recv_bytes=1226&delivery_rate=7715808&cwnd=253&unsent_bytes=31856&cid=0d16256ab3313f16&ts=160&x=0"
X-Firefox-Spdy: h2

upfion.com/wp-content/uploads/2025/02/cropped-Add-a-heading-28-32x32.png

104.21.68.26

200 OK

1.8 kB

URL GET HTTP/3
upfion.com/wp-content/uploads/2025/02/cropped-Add-a-heading-28-32x32.png
IP
104.21.68.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subjectupfion.com
FingerprintD0:24:D6:44:F7:F5:FE:7B:1D:B1:DB:60:4A:72:02:48:58:4C:9F:C5
ValiditySat, 22 Feb 2025 04:52:16 GMT - Fri, 23 May 2025 05:51:02 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1793 bytes)
Hash
15bb3649bd37d8bc93f009e8d9bb7cb5
08c30dcea1a2d845e36ae2a413d4d4db00d506e3
f813406101c46d6450d337ee018b2d780a978ca041fd3e782952bcb817a750b7

HTTP Headers

GET /wp-content/uploads/2025/02/cropped-Add-a-heading-28-32x32.png HTTP/1.1
Host: upfion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfion.com/5kHgXxAg
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImpSckluR21obU1FNTBCaWNHUDl3QkE9PSIsInZhbHVlIjoiS0M0QjBVZGFXSGhLVHlPK1lTVW5ZQm5LOUM3RE1qb0VpS2g5bzFiTW5qQ3lyY0wzdDlpVEZIS1dhOWJzQmE3TnBlRFJyVytxOUZsS1VmazJleGd6aXR3VkVXNDlIMFVqRjJPOTc0QlJWeHBZRVJIWW9Gazl2bGtDaE1YS0pZWnQiLCJtYWMiOiI3Y2Y4OTlhNWYxYmU3OGMzYTAwZjA5ODQxMGIwNDcyMjJhYjE5MjZkNWJjYmM4ZTUxNmQ5ODNiYjczZWY1ZDBiIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlBhcTl6VDFWQS9VaHZ2bVN5ZHVjUEE9PSIsInZhbHVlIjoiV3RaTWdjSTVCd1FvZDdMY2xVbmZIK2xsWGhtM1c1OXBJMVhFa1E4d285R3haK2NtR2ordnZFVUlWbUVXUjRad2gxWWNUTjZlNEVsMzFiQ1RpaldwTXN0T2RWRGx0eTJ2dmVHUXhGQ3ZUdjUrZXBobUtjZmpFWWZENXNFc1AxWHIiLCJtYWMiOiI4OTM5YTE4ODJlNTkzODUwNzk4MjBlYzM5MWFlYmRlNThhMzIwZmJhY2E1YWQyZDJjZjZlZjkyNzBhODVjYzM2IiwidGFnIjoiIn0%3D; ab=2; _ga_X2GS5JDQMX=GS1.1.1740598045.1.0.1740598045.0.0.0; _ga=GA1.1.846810785.1740598045; _ga_75C4L64NEB=GS1.1.1740598045.1.0.1740598045.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 26 Feb 2025 19:27:26 GMT
content-type: image/png
content-length: 1793
last-modified: Sun, 23 Feb 2025 18:56:19 GMT
etag: "701-62ed3c775e9cc"
cache-control: max-age=14400
cf-cache-status: HIT
age: 659
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FcyzNW60hqwafWfO4D%2B%2BOejIn0YpIQhtTuQpRB5dkJIOjQAtHhgdMQI%2FBEDvDw0t%2F%2BbNP33D3B2XBsSD9KPicaQhJgMs%2F8pKkDqNXxP%2BXhcvJ2d2hM5dsCxAQMHD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 9182551c9f910b69-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4095&min_rtt=1311&rtt_var=2879&sent=449&recv=29&lost=0&retrans=0&sent_bytes=492839&recv_bytes=10364&delivery_rate=3568&cwnd=247200&unsent_bytes=0&cid=07ea7550977fff63&ts=3239&x=1", cfExtPri, cfHdrFlush;dur=0

accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASSHykpWigs5ofZJA-wGcnKUZ4DDaTWjAkpk4zLT7-xy7WQ3ZOFO_Qe8SxESj4e0he3tShGgeX7hmw

74.125.205.84

302 Found

420 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASSHykpWigs5ofZJA-wGcnKUZ4DDaTWjAkpk4zLT7-xy7WQ3ZOFO_Qe8SxESj4e0he3tShGgeX7hmw
IP
74.125.205.84:443
ASN
#15169 GOOGLE

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint58:3A:4F:E2:44:DC:15:5D:5D:9B:63:32:FE:71:B8:3A:70:EE:5A:EA
ValidityMon, 03 Feb 2025 08:38:04 GMT - Mon, 28 Apr 2025 08:38:03 GMT

File type
HTML document, ASCII text, with very long lines (392)
Size
420 B (420 bytes)
Hash
f4e1def413266d000bffa9b9e9cac287
f4e2278879ec7bf0735575f57569cdf302aef213
7c74132795a73ccf7473cc4fc8d26dc03475ae7cee1a7e6076392e7426a78922

HTTP Headers

GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASSHykpWigs5ofZJA-wGcnKUZ4DDaTWjAkpk4zLT7-xy7WQ3ZOFO_Qe8SxESj4e0he3tShGgeX7hmw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfion.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:NPGgcZhlYAauDdVUOqP3BdJSIM51JA:to-RtojuTBmqELxw;Path=/;Expires=Fri, 26-Feb-2027 19:27:26 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 26 Feb 2025 19:27:26 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASSHykphab3mWk0MA_njn0b8Ncr8AkqV4BjOl9tu1h70hSHUC2a_WkHoBIde-Ast0TFT6nowMYx7&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1695008046%3A1740598046187209&ddm=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-7KbgFOCzZZOn-5f6Itk8aA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 420
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASSHykqTI2KpnYqYKdSkInd4Stylqn_YtJQsrmV9F92sZwrlvvmHHbZvcHKKxUw4KPhOhAVqDpuGKQ

74.125.205.84

302 Found

419 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASSHykqTI2KpnYqYKdSkInd4Stylqn_YtJQsrmV9F92sZwrlvvmHHbZvcHKKxUw4KPhOhAVqDpuGKQ
IP
74.125.205.84:443
ASN
#15169 GOOGLE

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint58:3A:4F:E2:44:DC:15:5D:5D:9B:63:32:FE:71:B8:3A:70:EE:5A:EA
ValidityMon, 03 Feb 2025 08:38:04 GMT - Mon, 28 Apr 2025 08:38:03 GMT

File type
HTML document, ASCII text, with very long lines (388)
Size
419 B (419 bytes)
Hash
2ba0a661d2f5f019abfa80d264c81f50
d94a45140ef7dc15ad98e0afddd8a066d338bbee
503bda6a5aca17eab532875cf3d5ee2c63165304502f7a242e464aefc030bcbe

HTTP Headers

GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASSHykqTI2KpnYqYKdSkInd4Stylqn_YtJQsrmV9F92sZwrlvvmHHbZvcHKKxUw4KPhOhAVqDpuGKQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfion.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:daKzlFoyeTBRT37Y8_gnGMODehwGoA:FBq0aXGKoLdEs3nw;Path=/;Expires=Fri, 26-Feb-2027 19:27:26 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 26 Feb 2025 19:27:26 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASSHykqg9le32usEIQUJuA7Z8xccGdQ3S-QS-BxrkUg6hj0i8sMpgt4Z_KNezBgczb31HhhUdyKn&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1948290841%3A1740598046190669&ddm=1
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-AXjG1L0GqVTwbi69jUTKvg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 419
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/rW64dpMGAGrjU7JJQr9xxPl8/recaptcha__en.js

142.250.74.3

200 OK

220 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/rW64dpMGAGrjU7JJQr9xxPl8/recaptcha__en.js
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:4C:7D:BD:65:DC:FC:CD:59:FD:40:F4:A9:EE:C2:BA:91:98:B2:3D
ValidityMon, 03 Feb 2025 08:37:09 GMT - Mon, 28 Apr 2025 08:37:08 GMT

File type
JavaScript source, ASCII text, with very long lines (663)
Size
220 kB (219782 bytes)
Hash
37cdee965051dd07fe782f0ca8bd2b95
21aa7b4463ddee54fabda733e7779a1792b36501
261da78085b862b1e5611b30aeeffc0922553ee403c98aeff2a78b727e3a84ce

HTTP Headers

GET /recaptcha/releases/rW64dpMGAGrjU7JJQr9xxPl8/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfion.com
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
timing-allow-origin: *
content-length: 219782
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Feb 2025 11:14:24 GMT
expires: Thu, 26 Feb 2026 11:14:24 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 18 Feb 2025 01:00:53 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 29582
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

216.58.211.2

200 OK

0 B

URL HEAD HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
216.58.211.2:443
ASN
#15169 GOOGLE

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subject*.g.doubleclick.net
Fingerprint2D:C5:62:9D:B1:57:F7:B9:55:AA:27:48:D6:6A:A0:DE:C6:F1:54:CB
ValidityMon, 03 Feb 2025 08:36:05 GMT - Mon, 28 Apr 2025 08:36:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfion.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Wed, 26 Feb 2025 19:27:26 GMT
expires: Wed, 26 Feb 2025 19:27:26 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 8181044093537752881
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 53099
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

remarkedoneoftheo.org/QTl4NXVuBhtGSBZTLloWFAgNdBkDeh1iHgJuLX9MIHgcVCdyXl5BHCUESQRBcw1IAlMxUBwIRGdKDFQBNEpFBkVxCF5cGydWRQVFcQheQ0hwF0sBW3IPVgFTNARJBEB5C0ACQnUJSgdMeQxLEwExWB8IRGdJDEEZfAhPAUV0AEAFQXcMQAw

104.21.74.69

204 No Content

0 B

URL POST HTTP/3
remarkedoneoftheo.org/QTl4NXVuBhtGSBZTLloWFAgNdBkDeh1iHgJuLX9MIHgcVCdyXl5BHCUESQRBcw1IAlMxUBwIRGdKDFQBNEpFBkVxCF5cGydWRQVFcQheQ0hwF0sBW3IPVgFTNARJBEB5C0ACQnUJSgdMeQxLEwExWB8IRGdJDEEZfAhPAUV0AEAFQXcMQAw
IP
104.21.74.69:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subjectremarkedoneoftheo.org
Fingerprint8F:DC:4D:BA:54:E5:DD:94:77:6D:34:BC:48:22:B6:26:A5:38:90:A1
ValidityMon, 17 Feb 2025 13:43:22 GMT - Sun, 18 May 2025 14:40:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /QTl4NXVuBhtGSBZTLloWFAgNdBkDeh1iHgJuLX9MIHgcVCdyXl5BHCUESQRBcw1IAlMxUBwIRGdKDFQBNEpFBkVxCF5cGydWRQVFcQheQ0hwF0sBW3IPVgFTNARJBEB5C0ACQnUJSgdMeQxLEwExWB8IRGdJDEEZfAhPAUV0AEAFQXcMQAw HTTP/1.1
Host: remarkedoneoftheo.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfion.com
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
date: Wed, 26 Feb 2025 19:27:26 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=54t8HjezmGTUQKPOjSZUiAy5c2Yi7p%2BWbd48SFFW5mrZkKqYGqqL7BZ1Ey3MIuHicil8Naph0MUhs2KIS8ZUkmV92XAT5vFozIyOgEw10FdfgR3JxPtfqENAfLr4P02OjvxDESIW9Nw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9182551f4f00b4eb-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6578&min_rtt=3370&rtt_var=5991&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4920&recv_bytes=1652&delivery_rate=865&cwnd=12000&unsent_bytes=0&cid=bcd5127411abe1fc&ts=1516&x=1", cfExtPri, cfHdrFlush;dur=0

undefined/a0ZqeXIKJAkUTQp7CF8HGSpXXEAtY1g/FlgjAQoUEyoMThAdfwJXEQcpHx0UGSkEDVwFIx5cQC0oC0s7XhQtLDsvEAkQJQN+JiEqBxM9FSsnJSwvFzkDAUszKncMLTY6AiseQzMnDSA3Lz5SDDQMFycqKgAgKy0CGQ88IDchdTsoNy0PASwbAxA+KygvDywREDkAPxUxHD4MMQsuCik/SiIfDSgiKgc4DiMTci47MQANLygGPQ0rKz0+DlMBIVoyIjpBOQgiOAYzDysWES4UEkskOhM9MToxED0VOzMiLzsrIgQSSyQ5MSYvQSEUPhU0XB88HRAsIUdABToADR46Ixw8PiA6JQ4AIAoTO0gDPRMgMTFYFyk9FS0VIUkwMQwrDUI9AB4qMSMUPy0eKgwjHgUxBFtBACMTXygUWBA9IUIcDDMRMDwTHV8YGCkECU8RLDIrF1gpLzQmHn8sEh5b

0.0.0.0

0 B

URL GET
undefined/a0ZqeXIKJAkUTQp7CF8HGSpXXEAtY1g/FlgjAQoUEyoMThAdfwJXEQcpHx0UGSkEDVwFIx5cQC0oC0s7XhQtLDsvEAkQJQN+JiEqBxM9FSsnJSwvFzkDAUszKncMLTY6AiseQzMnDSA3Lz5SDDQMFycqKgAgKy0CGQ88IDchdTsoNy0PASwbAxA+KygvDywREDkAPxUxHD4MMQsuCik/SiIfDSgiKgc4DiMTci47MQANLygGPQ0rKz0+DlMBIVoyIjpBOQgiOAYzDysWES4UEkskOhM9MToxED0VOzMiLzsrIgQSSyQ5MSYvQSEUPhU0XB88HRAsIUdABToADR46Ixw8PiA6JQ4AIAoTO0gDPRMgMTFYFyk9FS0VIUkwMQwrDUI9AB4qMSMUPy0eKgwjHgUxBFtBACMTXygUWBA9IUIcDDMRMDwTHV8YGCkECU8RLDIrF1gpLzQmHn8sEh5b
IP
0.0.0.0:0
ASN
#0

Requested by
https://upfion.com/5kHgXxAg

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /a0ZqeXIKJAkUTQp7CF8HGSpXXEAtY1g/FlgjAQoUEyoMThAdfwJXEQcpHx0UGSkEDVwFIx5cQC0oC0s7XhQtLDsvEAkQJQN+JiEqBxM9FSsnJSwvFzkDAUszKncMLTY6AiseQzMnDSA3Lz5SDDQMFycqKgAgKy0CGQ88IDchdTsoNy0PASwbAxA+KygvDywREDkAPxUxHD4MMQsuCik/SiIfDSgiKgc4DiMTci47MQANLygGPQ0rKz0+DlMBIVoyIjpBOQgiOAYzDysWES4UEkskOhM9MToxED0VOzMiLzsrIgQSSyQ5MSYvQSEUPhU0XB88HRAsIUdABToADR46Ixw8PiA6JQ4AIAoTO0gDPRMgMTFYFyk9FS0VIUkwMQwrDUI9AB4qMSMUPy0eKgwjHgUxBFtBACMTXygUWBA9IUIcDDMRMDwTHV8YGCkECU8RLDIrF1gpLzQmHn8sEh5b HTTP/1.1
Host: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

upfion.com/js/frontend.js?id=a9ead52fa97a2708e6e9

104.21.68.26

200 OK

1.4 MB

URL GET HTTP/3
upfion.com/js/frontend.js?id=a9ead52fa97a2708e6e9
IP
104.21.68.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subjectupfion.com
FingerprintD0:24:D6:44:F7:F5:FE:7B:1D:B1:DB:60:4A:72:02:48:58:4C:9F:C5
ValiditySat, 22 Feb 2025 04:52:16 GMT - Fri, 23 May 2025 05:51:02 GMT

File type

Size
1.4 MB (1427021 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/frontend.js?id=a9ead52fa97a2708e6e9 HTTP/1.1
Host: upfion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/5kHgXxAg
Cookie: XSRF-TOKEN=eyJpdiI6ImpSckluR21obU1FNTBCaWNHUDl3QkE9PSIsInZhbHVlIjoiS0M0QjBVZGFXSGhLVHlPK1lTVW5ZQm5LOUM3RE1qb0VpS2g5bzFiTW5qQ3lyY0wzdDlpVEZIS1dhOWJzQmE3TnBlRFJyVytxOUZsS1VmazJleGd6aXR3VkVXNDlIMFVqRjJPOTc0QlJWeHBZRVJIWW9Gazl2bGtDaE1YS0pZWnQiLCJtYWMiOiI3Y2Y4OTlhNWYxYmU3OGMzYTAwZjA5ODQxMGIwNDcyMjJhYjE5MjZkNWJjYmM4ZTUxNmQ5ODNiYjczZWY1ZDBiIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlBhcTl6VDFWQS9VaHZ2bVN5ZHVjUEE9PSIsInZhbHVlIjoiV3RaTWdjSTVCd1FvZDdMY2xVbmZIK2xsWGhtM1c1OXBJMVhFa1E4d285R3haK2NtR2ordnZFVUlWbUVXUjRad2gxWWNUTjZlNEVsMzFiQ1RpaldwTXN0T2RWRGx0eTJ2dmVHUXhGQ3ZUdjUrZXBobUtjZmpFWWZENXNFc1AxWHIiLCJtYWMiOiI4OTM5YTE4ODJlNTkzODUwNzk4MjBlYzM5MWFlYmRlNThhMzIwZmJhY2E1YWQyZDJjZjZlZjkyNzBhODVjYzM2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 26 Feb 2025 19:27:24 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 28 Nov 2024 12:18:07 GMT
vary: Accept-Encoding
etag: W/"67485f7f-15c64d"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
age: 660
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=buqoPnNvI19wdCuWp2CUy5IpYCnsflrWW0Tk1I%2BlhbOz7%2FokPnfZEP%2BIiS2K%2B29Zycg8NTAO4te5EFQ7Se2CSS6vqXQ5H0f1cI1S%2FJujvWyfzjTofDv8fACTmLeU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 91825511aabc0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2582&min_rtt=1850&rtt_var=1035&sent=47&recv=16&lost=0&retrans=0&sent_bytes=36325&recv_bytes=7044&delivery_rate=6483444&cwnd=24000&unsent_bytes=0&cid=07ea7550977fff63&ts=1493&x=1", cfExtPri, cfHdrFlush;dur=1

gpp.netpub.media/17405980451460.7837991321891906/run.js?v=17405980451460.7837991321891906

104.22.53.160

200 OK

251 B

URL GET HTTP/2
gpp.netpub.media/17405980451460.7837991321891906/run.js?v=17405980451460.7837991321891906
IP
104.22.53.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
JavaScript source, ASCII text, with no line terminators
Size
251 B (251 bytes)
Hash
945277581d767415edcae0911173c943
9a7e509c4b0cb318b6e32a93f88af95f21b5760b
874b90f5b2bf0b3dac07481e766603bed23e9e05d685873b50dce5eb8432e08d

HTTP Headers

GET /17405980451460.7837991321891906/run.js?v=17405980451460.7837991321891906 HTTP/1.1
Host: gpp.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 26 Feb 2025 19:27:25 GMT
content-type: application/javascript
last-modified: Wed, 21 Feb 2024 16:05:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91825516f8d1b509-OSL
content-encoding: br
X-Firefox-Spdy: h2

upfion.com/img/faqs-image.svg

104.21.68.26

200 OK

38 kB

URL GET HTTP/3
upfion.com/img/faqs-image.svg
IP
104.21.68.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subjectupfion.com
FingerprintD0:24:D6:44:F7:F5:FE:7B:1D:B1:DB:60:4A:72:02:48:58:4C:9F:C5
ValiditySat, 22 Feb 2025 04:52:16 GMT - Fri, 23 May 2025 05:51:02 GMT

File type
SVG Scalable Vector Graphics image
Size
38 kB (38395 bytes)
Hash
a60b7216905928c625ae9592044476cd
e70c5be728c7bd1198100337487aafe126834ca3
9a717285429d468fadc4d25179fc6feb49e6335f3af1675fb6be1cb50e7e8322

HTTP Headers

GET /img/faqs-image.svg HTTP/1.1
Host: upfion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/5kHgXxAg
Cookie: XSRF-TOKEN=eyJpdiI6ImpSckluR21obU1FNTBCaWNHUDl3QkE9PSIsInZhbHVlIjoiS0M0QjBVZGFXSGhLVHlPK1lTVW5ZQm5LOUM3RE1qb0VpS2g5bzFiTW5qQ3lyY0wzdDlpVEZIS1dhOWJzQmE3TnBlRFJyVytxOUZsS1VmazJleGd6aXR3VkVXNDlIMFVqRjJPOTc0QlJWeHBZRVJIWW9Gazl2bGtDaE1YS0pZWnQiLCJtYWMiOiI3Y2Y4OTlhNWYxYmU3OGMzYTAwZjA5ODQxMGIwNDcyMjJhYjE5MjZkNWJjYmM4ZTUxNmQ5ODNiYjczZWY1ZDBiIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlBhcTl6VDFWQS9VaHZ2bVN5ZHVjUEE9PSIsInZhbHVlIjoiV3RaTWdjSTVCd1FvZDdMY2xVbmZIK2xsWGhtM1c1OXBJMVhFa1E4d285R3haK2NtR2ordnZFVUlWbUVXUjRad2gxWWNUTjZlNEVsMzFiQ1RpaldwTXN0T2RWRGx0eTJ2dmVHUXhGQ3ZUdjUrZXBobUtjZmpFWWZENXNFc1AxWHIiLCJtYWMiOiI4OTM5YTE4ODJlNTkzODUwNzk4MjBlYzM5MWFlYmRlNThhMzIwZmJhY2E1YWQyZDJjZjZlZjkyNzBhODVjYzM2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 26 Feb 2025 19:27:24 GMT
content-type: image/svg+xml
last-modified: Sat, 28 Sep 2024 07:01:06 GMT
etag: W/"66f7a9b2-95fb"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
age: 660
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HfcbM6N1TqW5VC5AgrLHRs4cnOD%2BNvberuj08lJUVEAB4Ef2ZvASCyLz4Uv1eC3FD8aZmQkRb%2BcOtcV3HI8KemO1qQvHSmoLjoNGSHwT5igIr396vPYCEb0FKOUa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91825511aab40b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2582&min_rtt=1850&rtt_var=1035&sent=58&recv=16&lost=0&retrans=0&sent_bytes=48325&recv_bytes=7044&delivery_rate=6483444&cwnd=24000&unsent_bytes=0&cid=07ea7550977fff63&ts=1494&x=1", cfExtPri, cfHdrFlush;dur=0

www.googletagmanager.com/gtag/js?id=UA-197252557-1

142.250.74.168

200 OK

253 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-197252557-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintFD:F1:10:28:52:E9:04:06:B0:B4:B4:46:D2:2D:83:CA:9D:67:5E:8D
ValidityMon, 03 Feb 2025 08:36:05 GMT - Mon, 28 Apr 2025 08:36:04 GMT

File type
JavaScript source, ASCII text, with very long lines (5268)
Size
253 kB (253089 bytes)
Hash
a6fd3505ee64a2914b3eec6c2b42e633
514d9e48d3840f8ef01b2fa2eb62545042aa3ffc
e1d0f84c94eb43e05a543e27438565c799b1aa76eb7d0454014af328596b8807

HTTP Headers

GET /gtag/js?id=UA-197252557-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 26 Feb 2025 19:27:24 GMT
expires: Wed, 26 Feb 2025 19:27:24 GMT
cache-control: private, max-age=900
last-modified: Wed, 26 Feb 2025 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1003:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1003:0
report-to: {"group":"ascgcycc:1003:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1003:0"}],}
server: Google Tag Manager
content-length: 89624
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

216.58.207.195

200 OK

982 B

URL GET HTTP/2
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP
216.58.207.195:443
ASN
#15169 GOOGLE

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subjectmisc.google.com
Fingerprint87:5B:62:6C:C1:4F:A7:BC:A3:1E:88:BD:94:99:84:DE:07:FA:A0:65
ValidityMon, 03 Feb 2025 08:36:21 GMT - Mon, 28 Apr 2025 08:36:20 GMT

File type
JavaScript source, ASCII text, with very long lines (982), with no line terminators
Size
982 B (982 bytes)
Hash
85d8127bca8424bfabd708ff8fc4f7fe
5213878fd3a00672f9a5fa7e4c2de4ba30ad50dd
84050af6c8174225abce7f396d5531405b87016a5745ac887e3cc6dd70445d54

HTTP Headers

GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Wed, 26 Feb 2025 19:27:25 GMT
date: Wed, 26 Feb 2025 19:27:25 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASSHykphab3mWk0MA_njn0b8Ncr8AkqV4BjOl9tu1h70hSHUC2a_WkHoBIde-Ast0TFT6nowMYx7&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1695008046%3A1740598046187209&ddm=1

74.125.205.84

403 Forbidden

0 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASSHykphab3mWk0MA_njn0b8Ncr8AkqV4BjOl9tu1h70hSHUC2a_WkHoBIde-Ast0TFT6nowMYx7&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1695008046%3A1740598046187209&ddm=1
IP
74.125.205.84:443
ASN
#15169 GOOGLE

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint20:91:CF:D1:C7:6B:B1:E0:1C:C4:4E:67:21:99:A1:EC:79:51:44:04
ValidityMon, 03 Feb 2025 08:36:16 GMT - Mon, 28 Apr 2025 08:36:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASSHykphab3mWk0MA_njn0b8Ncr8AkqV4BjOl9tu1h70hSHUC2a_WkHoBIde-Ast0TFT6nowMYx7&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1695008046%3A1740598046187209&ddm=1 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfion.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 26 Feb 2025 19:27:26 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-JOyco5vqji3q39sR2E8M2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/recaptcha/api.js https://translate.google.com/translate_a/element.js https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.4HZuFT5d2vk.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

upfion.com/img/plane.svg

104.21.68.26

200 OK

684 B

URL GET HTTP/3
upfion.com/img/plane.svg
IP
104.21.68.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subjectupfion.com
FingerprintD0:24:D6:44:F7:F5:FE:7B:1D:B1:DB:60:4A:72:02:48:58:4C:9F:C5
ValiditySat, 22 Feb 2025 04:52:16 GMT - Fri, 23 May 2025 05:51:02 GMT

File type
SVG Scalable Vector Graphics image
Size
684 B (684 bytes)
Hash
8e7c41bde9bc90def2171d239eb22f04
853c0fbf7ca55b313af83201d95d6f6f3d3225ba
9bc4e093793a06ba14d0505710aad5254212125573342fa92c228f873d05bfea

HTTP Headers

GET /img/plane.svg HTTP/1.1
Host: upfion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/5kHgXxAg
Cookie: XSRF-TOKEN=eyJpdiI6ImpSckluR21obU1FNTBCaWNHUDl3QkE9PSIsInZhbHVlIjoiS0M0QjBVZGFXSGhLVHlPK1lTVW5ZQm5LOUM3RE1qb0VpS2g5bzFiTW5qQ3lyY0wzdDlpVEZIS1dhOWJzQmE3TnBlRFJyVytxOUZsS1VmazJleGd6aXR3VkVXNDlIMFVqRjJPOTc0QlJWeHBZRVJIWW9Gazl2bGtDaE1YS0pZWnQiLCJtYWMiOiI3Y2Y4OTlhNWYxYmU3OGMzYTAwZjA5ODQxMGIwNDcyMjJhYjE5MjZkNWJjYmM4ZTUxNmQ5ODNiYjczZWY1ZDBiIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlBhcTl6VDFWQS9VaHZ2bVN5ZHVjUEE9PSIsInZhbHVlIjoiV3RaTWdjSTVCd1FvZDdMY2xVbmZIK2xsWGhtM1c1OXBJMVhFa1E4d285R3haK2NtR2ordnZFVUlWbUVXUjRad2gxWWNUTjZlNEVsMzFiQ1RpaldwTXN0T2RWRGx0eTJ2dmVHUXhGQ3ZUdjUrZXBobUtjZmpFWWZENXNFc1AxWHIiLCJtYWMiOiI4OTM5YTE4ODJlNTkzODUwNzk4MjBlYzM5MWFlYmRlNThhMzIwZmJhY2E1YWQyZDJjZjZlZjkyNzBhODVjYzM2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 26 Feb 2025 19:27:24 GMT
content-type: image/svg+xml
last-modified: Sat, 28 Sep 2024 07:01:06 GMT
etag: W/"66f7a9b2-2ac"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
age: 660
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TQLrbYbRP4NUuugiJpOgPEMTgDwN32nk7F%2BAeIOkcKCiGjQRA8dIrBw0%2Ftj2ceZj7DnMIGnXTYpU07omFWcNPWlbADWNRuAKxniK7w5T1t22mfI875u9VNTAwb3f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91825511aab70b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2687&min_rtt=2257&rtt_var=1101&sent=26&recv=15&lost=0&retrans=0&sent_bytes=12325&recv_bytes=7000&delivery_rate=5489&cwnd=12000&unsent_bytes=0&cid=07ea7550977fff63&ts=1490&x=1", cfExtPri, cfHdrFlush;dur=0

upfion.com/img/logo.svg

104.21.68.26

200 OK

22 kB

URL GET HTTP/3
upfion.com/img/logo.svg
IP
104.21.68.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subjectupfion.com
FingerprintD0:24:D6:44:F7:F5:FE:7B:1D:B1:DB:60:4A:72:02:48:58:4C:9F:C5
ValiditySat, 22 Feb 2025 04:52:16 GMT - Fri, 23 May 2025 05:51:02 GMT

File type
SVG Scalable Vector Graphics image
Size
22 kB (22248 bytes)
Hash
1e28749acbd90e7e99a883c1890327cd
638b4525d3f0ed776db136ca1025a8961f46c9e0
d526da1f4d4af45cefd2a0d140abec2beddc3150d13c47d3de893eaa278a369d

HTTP Headers

GET /img/logo.svg HTTP/1.1
Host: upfion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/5kHgXxAg
Cookie: XSRF-TOKEN=eyJpdiI6ImpSckluR21obU1FNTBCaWNHUDl3QkE9PSIsInZhbHVlIjoiS0M0QjBVZGFXSGhLVHlPK1lTVW5ZQm5LOUM3RE1qb0VpS2g5bzFiTW5qQ3lyY0wzdDlpVEZIS1dhOWJzQmE3TnBlRFJyVytxOUZsS1VmazJleGd6aXR3VkVXNDlIMFVqRjJPOTc0QlJWeHBZRVJIWW9Gazl2bGtDaE1YS0pZWnQiLCJtYWMiOiI3Y2Y4OTlhNWYxYmU3OGMzYTAwZjA5ODQxMGIwNDcyMjJhYjE5MjZkNWJjYmM4ZTUxNmQ5ODNiYjczZWY1ZDBiIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlBhcTl6VDFWQS9VaHZ2bVN5ZHVjUEE9PSIsInZhbHVlIjoiV3RaTWdjSTVCd1FvZDdMY2xVbmZIK2xsWGhtM1c1OXBJMVhFa1E4d285R3haK2NtR2ordnZFVUlWbUVXUjRad2gxWWNUTjZlNEVsMzFiQ1RpaldwTXN0T2RWRGx0eTJ2dmVHUXhGQ3ZUdjUrZXBobUtjZmpFWWZENXNFc1AxWHIiLCJtYWMiOiI4OTM5YTE4ODJlNTkzODUwNzk4MjBlYzM5MWFlYmRlNThhMzIwZmJhY2E1YWQyZDJjZjZlZjkyNzBhODVjYzM2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 26 Feb 2025 19:27:24 GMT
content-type: image/svg+xml
last-modified: Sat, 28 Sep 2024 07:01:06 GMT
etag: W/"66f7a9b2-56e8"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
age: 660
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wKNm3o99xCBsi31tYlPELO586PEO1JrhO7c4wiXG3YoRuPZkemENScr2wyDGKoIiGH2qJqUZHMomh%2FT8qiJWhSbpaZ5QDIFFkdRivZZIZk9EHtCqBMbQUYMWYp%2FI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 918255119aa70b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2748&min_rtt=2579&rtt_var=1305&sent=18&recv=14&lost=0&retrans=0&sent_bytes=4246&recv_bytes=6956&delivery_rate=150428&cwnd=12000&unsent_bytes=0&cid=07ea7550977fff63&ts=1486&x=1", cfExtPri, cfHdrFlush;dur=0

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASSHykqg9le32usEIQUJuA7Z8xccGdQ3S-QS-BxrkUg6hj0i8sMpgt4Z_KNezBgczb31HhhUdyKn&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1948290841%3A1740598046190669&ddm=1

74.125.205.84

403 Forbidden

0 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASSHykqg9le32usEIQUJuA7Z8xccGdQ3S-QS-BxrkUg6hj0i8sMpgt4Z_KNezBgczb31HhhUdyKn&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1948290841%3A1740598046190669&ddm=1
IP
74.125.205.84:443
ASN
#15169 GOOGLE

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint20:91:CF:D1:C7:6B:B1:E0:1C:C4:4E:67:21:99:A1:EC:79:51:44:04
ValidityMon, 03 Feb 2025 08:36:16 GMT - Mon, 28 Apr 2025 08:36:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASSHykqg9le32usEIQUJuA7Z8xccGdQ3S-QS-BxrkUg6hj0i8sMpgt4Z_KNezBgczb31HhhUdyKn&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1948290841%3A1740598046190669&ddm=1 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfion.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 26 Feb 2025 19:27:26 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-OuJHN4RMXSMc7OD7uuDRzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/recaptcha/api.js https://translate.google.com/translate_a/element.js https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.4HZuFT5d2vk.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

upfion.com/js/ads.js

104.21.68.26

200 OK

1.5 kB

URL GET HTTP/3
upfion.com/js/ads.js
IP
104.21.68.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subjectupfion.com
FingerprintD0:24:D6:44:F7:F5:FE:7B:1D:B1:DB:60:4A:72:02:48:58:4C:9F:C5
ValiditySat, 22 Feb 2025 04:52:16 GMT - Fri, 23 May 2025 05:51:02 GMT

File type
JavaScript source, ASCII text, with very long lines (1506), with no line terminators
Size
1.5 kB (1499 bytes)
Hash
bbb9453c5ac5fce760d2775746979898
6b81fb00d814d1c0402288adb94221830b367559
80f0b2888253a6a80ea2d690735f8e35e7968d83105abe282896447c76815ff8

HTTP Headers

GET /js/ads.js HTTP/1.1
Host: upfion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/5kHgXxAg
Cookie: XSRF-TOKEN=eyJpdiI6ImpSckluR21obU1FNTBCaWNHUDl3QkE9PSIsInZhbHVlIjoiS0M0QjBVZGFXSGhLVHlPK1lTVW5ZQm5LOUM3RE1qb0VpS2g5bzFiTW5qQ3lyY0wzdDlpVEZIS1dhOWJzQmE3TnBlRFJyVytxOUZsS1VmazJleGd6aXR3VkVXNDlIMFVqRjJPOTc0QlJWeHBZRVJIWW9Gazl2bGtDaE1YS0pZWnQiLCJtYWMiOiI3Y2Y4OTlhNWYxYmU3OGMzYTAwZjA5ODQxMGIwNDcyMjJhYjE5MjZkNWJjYmM4ZTUxNmQ5ODNiYjczZWY1ZDBiIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlBhcTl6VDFWQS9VaHZ2bVN5ZHVjUEE9PSIsInZhbHVlIjoiV3RaTWdjSTVCd1FvZDdMY2xVbmZIK2xsWGhtM1c1OXBJMVhFa1E4d285R3haK2NtR2ordnZFVUlWbUVXUjRad2gxWWNUTjZlNEVsMzFiQ1RpaldwTXN0T2RWRGx0eTJ2dmVHUXhGQ3ZUdjUrZXBobUtjZmpFWWZENXNFc1AxWHIiLCJtYWMiOiI4OTM5YTE4ODJlNTkzODUwNzk4MjBlYzM5MWFlYmRlNThhMzIwZmJhY2E1YWQyZDJjZjZlZjkyNzBhODVjYzM2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 26 Feb 2025 19:27:24 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 28 Nov 2024 12:18:07 GMT
vary: Accept-Encoding
etag: W/"67485f7f-5db"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 661
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1qxCfHz9y0hQ7%2FQsvpb%2FoS0oGWedmLu%2FR9WDAGHSBVlDfzgdY9vmJ7TdTmASC%2FOLjjB92ysIGoQTMriZIGQwXzqQvz1RT51nz3QyYYg1rlEDMXWk83Yo5jp6KIkk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 91825511aaba0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2687&min_rtt=2257&rtt_var=1101&sent=37&recv=15&lost=0&retrans=0&sent_bytes=24325&recv_bytes=7000&delivery_rate=5489&cwnd=12000&unsent_bytes=0&cid=07ea7550977fff63&ts=1492&x=1", cfExtPri, cfHdrFlush;dur=1

fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap

142.250.74.10

200 OK

32 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintD9:DA:31:61:C2:D7:49:CF:50:B6:1B:FE:BA:EC:9D:12:91:8D:10:AC
ValidityMon, 03 Feb 2025 08:37:09 GMT - Mon, 28 Apr 2025 08:37:08 GMT

File type
ASCII text, with very long lines (1572)
Size
32 kB (32448 bytes)
Hash
23ed335cc60de02e9ce66a0dde88ab85
e6523c63c4e63478b51b51a0e7dcdef6d2d974e6
cbc07c5ca04e6b266bd03b5ece5bdb19c2faf70e01b081261165d380cdd02271

HTTP Headers

GET /css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 26 Feb 2025 19:27:24 GMT
date: Wed, 26 Feb 2025 19:27:24 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

upfion.com/css/frontend.css?id=d2ff22fb187252e60fbb

104.21.68.26

200 OK

260 kB

URL GET HTTP/3
upfion.com/css/frontend.css?id=d2ff22fb187252e60fbb
IP
104.21.68.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subjectupfion.com
FingerprintD0:24:D6:44:F7:F5:FE:7B:1D:B1:DB:60:4A:72:02:48:58:4C:9F:C5
ValiditySat, 22 Feb 2025 04:52:16 GMT - Fri, 23 May 2025 05:51:02 GMT

File type

Size
260 kB (260394 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /css/frontend.css?id=d2ff22fb187252e60fbb HTTP/1.1
Host: upfion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/5kHgXxAg
Cookie: XSRF-TOKEN=eyJpdiI6ImpSckluR21obU1FNTBCaWNHUDl3QkE9PSIsInZhbHVlIjoiS0M0QjBVZGFXSGhLVHlPK1lTVW5ZQm5LOUM3RE1qb0VpS2g5bzFiTW5qQ3lyY0wzdDlpVEZIS1dhOWJzQmE3TnBlRFJyVytxOUZsS1VmazJleGd6aXR3VkVXNDlIMFVqRjJPOTc0QlJWeHBZRVJIWW9Gazl2bGtDaE1YS0pZWnQiLCJtYWMiOiI3Y2Y4OTlhNWYxYmU3OGMzYTAwZjA5ODQxMGIwNDcyMjJhYjE5MjZkNWJjYmM4ZTUxNmQ5ODNiYjczZWY1ZDBiIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlBhcTl6VDFWQS9VaHZ2bVN5ZHVjUEE9PSIsInZhbHVlIjoiV3RaTWdjSTVCd1FvZDdMY2xVbmZIK2xsWGhtM1c1OXBJMVhFa1E4d285R3haK2NtR2ordnZFVUlWbUVXUjRad2gxWWNUTjZlNEVsMzFiQ1RpaldwTXN0T2RWRGx0eTJ2dmVHUXhGQ3ZUdjUrZXBobUtjZmpFWWZENXNFc1AxWHIiLCJtYWMiOiI4OTM5YTE4ODJlNTkzODUwNzk4MjBlYzM5MWFlYmRlNThhMzIwZmJhY2E1YWQyZDJjZjZlZjkyNzBhODVjYzM2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 26 Feb 2025 19:27:24 GMT
content-type: text/css
last-modified: Sun, 29 Sep 2024 07:44:34 GMT
vary: Accept-Encoding
etag: W/"66f90562-3f92a"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 661
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yY%2FNn6TVgl%2FiOpAY4N%2FBGbX2XKw1Hi22EJGQ%2B%2FN1bMNqwc9KG22c0HUsp%2FAw%2FaE9G8br7FIr6DC4E6QdFpKx%2BPql%2FrYovicm6Y%2FF3xwMYgXFi1KKb21jTIKenlSZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918255119aa40b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2687&min_rtt=2257&rtt_var=1101&sent=26&recv=15&lost=0&retrans=0&sent_bytes=12325&recv_bytes=7000&delivery_rate=5489&cwnd=12000&unsent_bytes=0&cid=07ea7550977fff63&ts=1490&x=1", cfExtPri, cfHdrFlush;dur=0

upfion.com/favicon.ico

104.21.68.26

302 Found

1.8 kB

URL GET HTTP/3
upfion.com/favicon.ico
IP
104.21.68.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subjectupfion.com
FingerprintD0:24:D6:44:F7:F5:FE:7B:1D:B1:DB:60:4A:72:02:48:58:4C:9F:C5
ValiditySat, 22 Feb 2025 04:52:16 GMT - Fri, 23 May 2025 05:51:02 GMT

File type

Size
1.8 kB (1793 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: upfion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/5kHgXxAg
Cookie: XSRF-TOKEN=eyJpdiI6ImpSckluR21obU1FNTBCaWNHUDl3QkE9PSIsInZhbHVlIjoiS0M0QjBVZGFXSGhLVHlPK1lTVW5ZQm5LOUM3RE1qb0VpS2g5bzFiTW5qQ3lyY0wzdDlpVEZIS1dhOWJzQmE3TnBlRFJyVytxOUZsS1VmazJleGd6aXR3VkVXNDlIMFVqRjJPOTc0QlJWeHBZRVJIWW9Gazl2bGtDaE1YS0pZWnQiLCJtYWMiOiI3Y2Y4OTlhNWYxYmU3OGMzYTAwZjA5ODQxMGIwNDcyMjJhYjE5MjZkNWJjYmM4ZTUxNmQ5ODNiYjczZWY1ZDBiIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlBhcTl6VDFWQS9VaHZ2bVN5ZHVjUEE9PSIsInZhbHVlIjoiV3RaTWdjSTVCd1FvZDdMY2xVbmZIK2xsWGhtM1c1OXBJMVhFa1E4d285R3haK2NtR2ordnZFVUlWbUVXUjRad2gxWWNUTjZlNEVsMzFiQ1RpaldwTXN0T2RWRGx0eTJ2dmVHUXhGQ3ZUdjUrZXBobUtjZmpFWWZENXNFc1AxWHIiLCJtYWMiOiI4OTM5YTE4ODJlNTkzODUwNzk4MjBlYzM5MWFlYmRlNThhMzIwZmJhY2E1YWQyZDJjZjZlZjkyNzBhODVjYzM2IiwidGFnIjoiIn0%3D; ab=1; _ga_X2GS5JDQMX=GS1.1.1740598045.1.0.1740598045.0.0.0; _ga=GA1.1.846810785.1740598045
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Wed, 26 Feb 2025 19:27:25 GMT
content-type: text/html; charset=UTF-8
location: https://upfion.com/wp-content/uploads/2025/02/cropped-Add-a-heading-28-32x32.png
x-powered-by: PHP/8.2.15
link: <https://upfion.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
cf-cache-status: BYPASS
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0L6fL0s4YTYVabQF2Z377tVw8g36yOn4HKB9g5j5niqwW7DDWgLEPSpEQGXQHCO%2BDVk5I%2Bavyu2yDYgRWOEImkdk94rv6%2FTK3sU%2FWtUymXNj%2BrH90TfswaB7R1AJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 918255188ac00b69-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3584&min_rtt=1311&rtt_var=2478&sent=447&recv=27&lost=0&retrans=0&sent_bytes=492010&recv_bytes=9309&delivery_rate=28629&cwnd=247200&unsent_bytes=0&cid=07ea7550977fff63&ts=2782&x=1", cfExtPri, cfHdrFlush;dur=0

upfion.com/5kHgXxAg

104.21.68.26

200 OK

90 kB

URL User Request GET HTTP/2
upfion.com/5kHgXxAg
IP
104.21.68.26:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectupfion.com
FingerprintD0:24:D6:44:F7:F5:FE:7B:1D:B1:DB:60:4A:72:02:48:58:4C:9F:C5
ValiditySat, 22 Feb 2025 04:52:16 GMT - Fri, 23 May 2025 05:51:02 GMT

File type

Size
90 kB (89927 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /5kHgXxAg HTTP/1.1
Host: upfion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im1YdFducVVibnhJREM1eHlpTmdVckE9PSIsInZhbHVlIjoiWVZXWWJLWlR4aGlPbFBlbFgvQTVIV2xwdDdDZDRYNHE0SDlxTHVrak1aVExvaGVIK1ljMlBrSTVOaVV3ZmhtQ2lld2JoZ2c0TVIwbU96VlFZbkhrUGNiT2RQR3JqdnhNalhRWkZVbk1KUjdaWHAzUjlJQkQ2SVc2Z3hLTlhCTVIiLCJtYWMiOiJmMzM4ZTdlODU5ZGFhMWQzNGU1MDJjNDhlYWZjMWIyODYxYmRiOTNlM2RiYWJiNTE3NzUwMTliMjNhYTFmMTM2IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IkFUWENEZUgvK0UvTTA3a1BqczhIZkE9PSIsInZhbHVlIjoibzRtYk1vMmE4OFJEaXMySEpxMHZjOXpqTWdSRFYwMjA4Ri91dm1KQnZtbTZyU2ROVm9KWnMwcm1lV0trOVhMU3pRalpKTE1jYyswS2NtVlVTZk1mS2hYcGJRUDRrbTF3dXQ0OHVmd2h4aWRlT25TTjhXbStuUkoxOFVGRmlMYXkiLCJtYWMiOiI3Y2M2ZGZkNTNmNTg3NDNmODk5YjczMDAyMjZlODVmOTg0YzdiYmU0NTE0ZDY0MDdkZjAzZDM4Y2VhMTZhMTBiIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 26 Feb 2025 19:27:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6ImpSckluR21obU1FNTBCaWNHUDl3QkE9PSIsInZhbHVlIjoiS0M0QjBVZGFXSGhLVHlPK1lTVW5ZQm5LOUM3RE1qb0VpS2g5bzFiTW5qQ3lyY0wzdDlpVEZIS1dhOWJzQmE3TnBlRFJyVytxOUZsS1VmazJleGd6aXR3VkVXNDlIMFVqRjJPOTc0QlJWeHBZRVJIWW9Gazl2bGtDaE1YS0pZWnQiLCJtYWMiOiI3Y2Y4OTlhNWYxYmU3OGMzYTAwZjA5ODQxMGIwNDcyMjJhYjE5MjZkNWJjYmM4ZTUxNmQ5ODNiYjczZWY1ZDBiIiwidGFnIjoiIn0%3D; expires=Wed, 05-Mar-2025 19:27:23 GMT; Max-Age=604800; path=/; samesite=lax
upfiles_session=eyJpdiI6IlBhcTl6VDFWQS9VaHZ2bVN5ZHVjUEE9PSIsInZhbHVlIjoiV3RaTWdjSTVCd1FvZDdMY2xVbmZIK2xsWGhtM1c1OXBJMVhFa1E4d285R3haK2NtR2ordnZFVUlWbUVXUjRad2gxWWNUTjZlNEVsMzFiQ1RpaldwTXN0T2RWRGx0eTJ2dmVHUXhGQ3ZUdjUrZXBobUtjZmpFWWZENXNFc1AxWHIiLCJtYWMiOiI4OTM5YTE4ODJlNTkzODUwNzk4MjBlYzM5MWFlYmRlNThhMzIwZmJhY2E1YWQyZDJjZjZlZjkyNzBhODVjYzM2IiwidGFnIjoiIn0%3D; expires=Wed, 05-Mar-2025 19:27:23 GMT; Max-Age=604800; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P7P%2B2koy1TO28kGEim7ZWOedt1S8J9UgUy%2BXg7hbHJRoFglGnkzTCuheb3sxMNBYOVHtmjDvCtPT8DziuNp2IdMoILIavuIUG6fnpczpccR6f4%2FynhCbOV%2BePDJl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918255086eb456c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=645&min_rtt=455&rtt_var=323&sent=10&recv=12&lost=0&retrans=0&sent_bytes=5104&recv_bytes=2081&delivery_rate=6819466&cwnd=252&unsent_bytes=0&cid=b1e178d78264d786&ts=2997&x=0"
X-Firefox-Spdy: h2

upfion.com/img/menu.svg

104.21.68.26

200 OK

1.8 kB

URL GET HTTP/3
upfion.com/img/menu.svg
IP
104.21.68.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfion.com/5kHgXxAg
Certificate
IssuerGoogle Trust Services
Subjectupfion.com
FingerprintD0:24:D6:44:F7:F5:FE:7B:1D:B1:DB:60:4A:72:02:48:58:4C:9F:C5
ValiditySat, 22 Feb 2025 04:52:16 GMT - Fri, 23 May 2025 05:51:02 GMT

File type
SVG Scalable Vector Graphics image
Size
1.8 kB (1838 bytes)
Hash
384fec65fc108518c176b62a88b40a1f
d6c42c0b2dbdfef2d8468fc91f6c5611596075ef
00e2d83eb75a29fcfbf8e8373352d2e566d143764ddc05d982f46c85bb58517f

HTTP Headers

GET /img/menu.svg HTTP/1.1
Host: upfion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfion.com/5kHgXxAg
Cookie: XSRF-TOKEN=eyJpdiI6ImpSckluR21obU1FNTBCaWNHUDl3QkE9PSIsInZhbHVlIjoiS0M0QjBVZGFXSGhLVHlPK1lTVW5ZQm5LOUM3RE1qb0VpS2g5bzFiTW5qQ3lyY0wzdDlpVEZIS1dhOWJzQmE3TnBlRFJyVytxOUZsS1VmazJleGd6aXR3VkVXNDlIMFVqRjJPOTc0QlJWeHBZRVJIWW9Gazl2bGtDaE1YS0pZWnQiLCJtYWMiOiI3Y2Y4OTlhNWYxYmU3OGMzYTAwZjA5ODQxMGIwNDcyMjJhYjE5MjZkNWJjYmM4ZTUxNmQ5ODNiYjczZWY1ZDBiIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlBhcTl6VDFWQS9VaHZ2bVN5ZHVjUEE9PSIsInZhbHVlIjoiV3RaTWdjSTVCd1FvZDdMY2xVbmZIK2xsWGhtM1c1OXBJMVhFa1E4d285R3haK2NtR2ordnZFVUlWbUVXUjRad2gxWWNUTjZlNEVsMzFiQ1RpaldwTXN0T2RWRGx0eTJ2dmVHUXhGQ3ZUdjUrZXBobUtjZmpFWWZENXNFc1AxWHIiLCJtYWMiOiI4OTM5YTE4ODJlNTkzODUwNzk4MjBlYzM5MWFlYmRlNThhMzIwZmJhY2E1YWQyZDJjZjZlZjkyNzBhODVjYzM2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 26 Feb 2025 19:27:24 GMT
content-type: image/svg+xml
last-modified: Sat, 28 Sep 2024 07:01:06 GMT
etag: W/"66f7a9b2-72e"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 661
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7s2190e32F7WW7Mp7yUkkW37QDTvoEexPJooXIXvYlpW%2F9rcJOX%2BtpKsPVuOEK7oZIcAHyrdaHXL65AsnCgWsnCdw3PQnxGHf%2BQOufNEr1D5UdBAMJNf%2BSQlczxf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91825511aaab0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2748&min_rtt=2579&rtt_var=1305&sent=23&recv=14&lost=0&retrans=0&sent_bytes=9960&recv_bytes=6956&delivery_rate=150428&cwnd=12000&unsent_bytes=0&cid=07ea7550977fff63&ts=1486&x=1", cfExtPri, cfHdrFlush;dur=0

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML