URL: https://www.1upfun.com/link/602055/xvid-orx264codecs
Tags: falconsandbox
Submission: On October 15 via api from US — Scanned from DE

Summary

This website contacted 13 IPs in 3 countries across 11 domains to perform 56 HTTP transactions. The main IP is 5.175.5.64, located in Strasbourg, France and belongs to GD-EMEA-DC-SXB1, DE. The main domain is www.1upfun.com.
TLS certificate: Issued by R3 on September 30th 2021. Valid for: 3 months.
This is the only time www.1upfun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 5.175.5.64 8972 (GD-EMEA-D...)
1 217.20.116.51 28753 (LEASEWEB-...)
1 2a00:1450:400... 15169 (GOOGLE)
13 104.75.88.126 16625 (AKAMAI-AS)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2.18.235.40 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
3 151.101.64.84 54113 (FASTLY)
19 2a03:2880:f12... 32934 (FACEBOOK)
4 151.101.12.157 54113 (FASTLY)
2 2a04:4e42:54::84 54113 (FASTLY)
2 104.244.42.72 13414 (TWITTER)
56 13
Domain Requested by
19 www.facebook.com connect.facebook.net
www.facebook.com
www.1upfun.com
6 s7.addthis.com www.1upfun.com
s7.addthis.com
4 platform.twitter.com s7.addthis.com
platform.twitter.com
4 api-public.addthis.com s7.addthis.com
3 www.1upfun.com www.1upfun.com
2 syndication.twitter.com platform.twitter.com
2 assets.pinterest.com s7.addthis.com
assets.pinterest.com
2 widgets.pinterest.com s7.addthis.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 m.addthis.com s7.addthis.com
www.1upfun.com
2 connect.facebook.net www.1upfun.com
connect.facebook.net
1 log.pinterest.com
1 v1.addthisedge.com s7.addthis.com
1 z.moatads.com s7.addthis.com
1 www.googletagmanager.com www.1upfun.com
1 notes.io www.1upfun.com
56 16
Subject Issuer Validity Valid
www.1upfun.com
R3
2021-09-30 -
2021-12-29
3 months crt.sh
notes.io
R3
2021-08-23 -
2021-11-21
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2021-04-25 -
2022-04-27
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-09-09 -
2021-12-08
3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA
2021-01-21 -
2022-01-25
a year crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1
2021-07-27 -
2022-08-05
a year crt.sh
platform.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-07-29 -
2022-07-29
a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-02-04
a year crt.sh

This page contains 19 frames:

Primary Page: https://www.1upfun.com/link/602055/xvid-orx264codecs
Frame ID: 5C1C9269D0F9BF4804A12FC05C5A829C
Requests: 33 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: BF7484BA93B75CFF88EA65B66756208E
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: B13C373888A592B43F64B0CD7059C79D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f83d4a173fad8%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90
Frame ID: 0A16CDB1E568D6F43EE60FCBA2B33B2B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f42968436e858%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=94&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&layout=button_count&locale=en_US&sdk=joey
Frame ID: 81973A555BD01ACFBB8A17ACBA4BDB13
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html?origin=https%3A%2F%2Fwww.1upfun.com
Frame ID: 07DBEC5831AB73F738CFB17C12FDD132
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2d806d3ae85514%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=77&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&layout=button_count&locale=en_US&sdk=joey
Frame ID: F313A14AD443C310A164501D5E3B4591
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df23ede8c7fa0a0c%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=1180&height=100&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&locale=en_US&numposts=5&sdk=joey&version=v3.2&width=
Frame ID: 57E9079104C3DF32FEE80796B0B539DD
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18c388fce753e8%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802819%2Ffeel-your-feet-your-foot-health-community-dr-anders&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
Frame ID: 28785F8B5BCCD996C15BA859E1449AB7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33859bd5e66d54%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802814%2Fwhy-experts-say-monoclonal-antibodies-aren-t-vaccine-substitute&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
Frame ID: C4EF4E1109C0AA83F4F7FB30C4F615BE
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17fc4a5faf50dc%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802813%2Fwinder-ga-lawyer-the-law-office-of-mitchell-crunk&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
Frame ID: 397A10F3A9DEB8B6ABADF8B5F77B1689
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ee7645a0ad288%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802812%2Ffree-download-venom-2-2021-torrent-movie-hd-yts-by-xzxzxza-on-deviantart&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
Frame ID: 49B5ACEF0C869A05FED03FDC33236AEB
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df19d193b0b11854%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802811%2Fwatch-download-hd-my-first-story-minimore&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
Frame ID: 1DCA5E147EACB662E82DB80BE556E3B7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2733629960aa98%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802810%2Ffree-download-bergman-island-2021-full-movie-torrent-site-wakelet&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
Frame ID: 610F4D4480A833B82E28A7325D7654A9
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2bc82b89c34c78%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802809%2Fdownload-squid-game-2021-torrent-movie-in-hd-%25E2%2580%2593-yts-wakelet&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
Frame ID: 0CE01D43D6499721FC2D0342F11C070C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7f471737dbc4%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802803%2Fwatch-gremlins-1984-online-full-hd-movie-free&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
Frame ID: E7F4E287A0C3C91A9741CDF2E90815F7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df139021c7f8c094%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802796%2Fwatch-here-the-last-duel-2021-full-movie-download-full-hd-1080p-telegram-123movies-wakelet&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
Frame ID: 3F5326EE8E79A126067A132D695785C3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1276d10f680ac4%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802778%2Ftarget-drone-market-research-report-market-size-industry-outlook-market-forecast-demand-analysis-market-share-market-report-2021-2026&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
Frame ID: D21289140108CCB4CE842D8FB11502CB
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.58065ae230495f5d9e4b6a916472b2c1.en.html
Frame ID: 0ED57855A92CF2BDDCB354A21E3D5AE4
Requests: 2 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • //assets\.pinterest\.com/js/pinit\.js

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

56
Requests

95 %
HTTPS

42 %
IPv6

11
Domains

16
Subdomains

13
IPs

3
Countries

926 kB
Transfer

3023 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request xvid-orx264codecs
www.1upfun.com/link/602055/
34 KB
11 KB
Document
General
Full URL
https://www.1upfun.com/link/602055/xvid-orx264codecs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
5.175.5.64 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
vs235095.vs.hosteurope.de
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ca726d4f497d9e8bf439ca57c6c87868a9acfa87c75aa381136c4aeefdb7d5ea

Request headers

Host
www.1upfun.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Fri, 15 Oct 2021 04:49:09 GMT
Content-Length
10954
logo-small.png
www.1upfun.com/images/themes/1upfun/
2 KB
2 KB
Image
General
Full URL
https://www.1upfun.com/images/themes/1upfun/logo-small.png
Requested by
Host: www.1upfun.com
URL: https://www.1upfun.com/link/602055/xvid-orx264codecs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
5.175.5.64 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
vs235095.vs.hosteurope.de
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
40d809eb6b74a78560b133ef005b1fb29ae5626fc38d14a876f42bcc43269762

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.1upfun.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.1upfun.com/link/602055/xvid-orx264codecs
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/link/602055/xvid-orx264codecs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 04:49:10 GMT
Last-Modified
Tue, 02 Oct 2018 15:57:21 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"2d927c9a685ad41:0"
Content-Type
image/png
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
2004
appLogo.png
notes.io/theme/images/
8 KB
8 KB
Image
General
Full URL
https://notes.io/theme/images/appLogo.png
Requested by
Host: www.1upfun.com
URL: https://www.1upfun.com/link/602055/xvid-orx264codecs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.20.116.51 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
notes.io
Software
nginx /
Resource Hash
a8916bb7fd948bf76070d837fcf0a348a22961de58b974cbe6b7137ee3eb9f10

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 04:48:52 GMT
last-modified
Fri, 21 Feb 2020 23:12:56 GMT
server
nginx
etag
"5e5063f8-1ec0"
content-type
image/png
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
content-length
7872
expires
Sat, 15 Oct 2022 04:48:52 GMT
js?id=UA-12703824-43
www.googletagmanager.com/gtag/
95 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-12703824-43
Requested by
Host: www.1upfun.com
URL: https://www.1upfun.com/link/602055/xvid-orx264codecs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5314561335ec2c202f828be0a317d76eaa2a6139bef4dbd31c8e1509e25dcbd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 04:48:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38560
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Oct 2021 04:48:51 GMT
jquery.min.js
www.1upfun.com/js/
94 KB
42 KB
Script
General
Full URL
https://www.1upfun.com/js/jquery.min.js
Requested by
Host: www.1upfun.com
URL: https://www.1upfun.com/link/602055/xvid-orx264codecs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
5.175.5.64 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
vs235095.vs.hosteurope.de
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.1upfun.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.1upfun.com/link/602055/xvid-orx264codecs
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/link/602055/xvid-orx264codecs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 04:49:10 GMT
Content-Encoding
gzip
ETag
"0466be499dd01:0"
Last-Modified
Tue, 02 Jun 2015 15:35:24 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
42821
addthis_widget.js
s7.addthis.com/js/300/
353 KB
114 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.1upfun.com
URL: https://www.1upfun.com/link/602055/xvid-orx264codecs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Fri, 15 Oct 2021 04:48:51 GMT
x-host
s7.addthis.com
content-length
116325
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.1upfun.com
URL: https://www.1upfun.com/link/602055/xvid-orx264codecs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1d4cd83ccb2495c895dab6bf06d5fde5e2c61877af678f88de90421ebeb1ed7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
B4yBpjY0CCDCuz+YCl9uRA==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
n/uCaHG84cQkQXG1ddjryT5gbRfDytIq606ftk+ZN/7jipWBemwCVF87A0cn8vuRLeuZ7Ls6hStm5UCYvL9Yow==
x-fb-trip-id
917726464
x-fb-content-md5
8d1ce0cbdc78cda097ab7168172bf9de
x-frame-options
DENY
date
Fri, 15 Oct 2021 04:48:51 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"e050d3f526e66af518dc2cb0b9210099"
timing-allow-origin
*
expires
Fri, 15 Oct 2021 04:50:12 GMT
sdk.js?hash=0920d5f3f3231a01dcd5ef5d92c77f42
connect.facebook.net/en_US/
269 KB
76 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=0920d5f3f3231a01dcd5ef5d92c77f42
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7344a86278c33baf5b111bbfff4c5c1e17d40b24067d7a5b1160e1a5e7b2e240
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.1upfun.com/
Origin
https://www.1upfun.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
RibVk4vfb7bW+LkUYs3ARA==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
77609
x-fb-rlafr
0
x-fb-debug
YD1K/K4OuVTbqfY2pjeN5Pgo8NSLKMfdleARjDinDnnTqjglfAN31sSsi3s5A9uiaG+Knu4443oQAr8nuUWURA==
x-fb-trip-id
917726464
x-fb-content-md5
9820212e27a412180536a29c81c74de7
x-frame-options
DENY
date
Fri, 15 Oct 2021 04:48:51 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"1252f468bd60b0577aecec644c31d54a"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 15 Oct 2022 01:05:46 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 04:48:51 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=50088
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-5a6eda4473c48ba0/
4 KB
1 KB
Script
General
Full URL
https://v1.addthisedge.com/live/boost/ra-5a6eda4473c48ba0/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7f9b2a4d5fae7ef7c38f6f1fd3019489a013454c643cd5ca7121a6e64a02563a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 04:48:51 GMT
content-encoding
gzip
etag
179824042--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=51, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
1134
300lo.json?si=616908338570d9e1&bkl=0&bl=1&pdt=188&sid=616908338570d9e1&pub=ra-5a6eda4473c48ba0&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.1upfun.com&fp=link%2F602055%2Fxvid-orx264codecs&fr=&of=0&...
m.addthis.com/live/red_lojson/
89 B
249 B
Script
General
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=616908338570d9e1&bkl=0&bl=1&pdt=188&sid=616908338570d9e1&pub=ra-5a6eda4473c48ba0&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.1upfun.com&fp=link%2F602055%2Fxvid-orx264codecs&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=website&colc=1634273331285&jsl=129&uvs=61690833aa3574a7000&skipb=1&callback=addthis.cbs.jsonp__76610914365652390
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9974fb15155f0f5962e81075b730e602a673d00ad7f329da5049bafabdc0e549

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 04:48:51 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame BF74
0
0

sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame B13C
71 KB
26 KB
Document
General
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
s7.addthis.com
:scheme
https
:path
/static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.1upfun.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/

Response headers

server
nginx/1.15.8
content-type
text/html
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
etag
W/"5f971164-11adc"
timing-allow-origin
*
cache-control
public, max-age=86313600
p3p
CP="NON ADM OUR DEV IND COM STA"
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
content-length
26421
date
Fri, 15 Oct 2021 04:48:51 GMT
vary
Accept-Encoding
x-host
s7.addthis.com
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-12703824-43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 16:38:54 GMT
server
Golfe2
age
2865
date
Fri, 15 Oct 2021 04:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 15 Oct 2021 06:01:06 GMT
collect?v=1&_v=j93&a=78776779&t=pageview&_s=1&dl=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&ul=en-us&de=UTF-8&dt=XviD%20orx264codecs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_...
www.google-analytics.com/j/
1 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=78776779&t=pageview&_s=1&dl=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&ul=en-us&de=UTF-8&dt=XviD%20orx264codecs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=501842252&gjid=1978370520&cid=1517125814.1634273331&tid=UA-12703824-43&_gid=1001769917.1634273331&_r=1&gtm=2ouad0&z=1766836878
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.1upfun.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 04:48:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.1upfun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
custom-messages.5799ddf75a30812a3d49.js
s7.addthis.com/static/
114 KB
28 KB
Script
General
Full URL
https://s7.addthis.com/static/custom-messages.5799ddf75a30812a3d49.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6e91e73fa61993cea2208718d670f5ed1161039b2c7c9fe38e21cdbd5d5ab181
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-1c9fc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Fri, 15 Oct 2021 04:48:51 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
28519
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/
263 KB
76 KB
Script
General
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Fri, 15 Oct 2021 04:48:51 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
208.92c9dfa16a7b958c8a95.js
s7.addthis.com/static/
112 B
371 B
Script
General
Full URL
https://s7.addthis.com/static/208.92c9dfa16a7b958c8a95.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
778c8bc91659783db3edcb40463addbbed4a31e0f7e35617c7adac90dca05a25
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-70"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Fri, 15 Oct 2021 04:48:51 GMT
x-host
s7.addthis.com
accept-ranges
bytes
timing-allow-origin
*
content-length
127
300vi.png?cad=shpu%3Df6py&positions=f6py%3Dcenter&goals=f6py%3Dshare&first=1&rv=0&uvs=61690833aa3574a7&pub=ra-5a6eda4473c48ba0&dp=www.1upfun.com&rev=v8.28.8-wp
m.addthis.com/live/red_lojson/
0
110 B
Image
General
Full URL
https://m.addthis.com/live/red_lojson/300vi.png?cad=shpu%3Df6py&positions=f6py%3Dcenter&goals=f6py%3Dshare&first=1&rv=0&uvs=61690833aa3574a7&pub=ra-5a6eda4473c48ba0&dp=www.1upfun.com&rev=v8.28.8-wp
Requested by
Host: www.1upfun.com
URL: https://www.1upfun.com/link/602055/xvid-orx264codecs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 04:48:51 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 15 Oct 2021 04:48:51 GMT
shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs
api-public.addthis.com/url/serviceapi/
2 B
276 B
XHR
General
Full URL
https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.1upfun.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
text/plain

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
surrogate-key
sFbt=https://www.1upfun.com/link/602055/xvid-orx264codecs
last-modified
Fri, 15 Oct 2021 04:00:00 GMT
server
nginx/1.15.8
date
Fri, 15 Oct 2021 04:48:51 GMT
content-type
application/json
access-control-allow-origin
https://www.1upfun.com
cache-control
no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials
true
content-length
2
count.json?url=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&callback=window._ate.cbs.rcb_l7n50
widgets.pinterest.com/v1/urls/
99 B
326 B
Script
General
Full URL
https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&callback=window._ate.cbs.rcb_l7n50
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6cb6f4c37f158f75238dd83d881f9de9a5e8699098724525e5a3fe0e3cacd583
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 04:48:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
must-revalidate, max-age=887
x-envoy-upstream-service-time
3
accept-ranges
none
x-pinterest-rid
4959089670997283
expires
Fri, 15 Oct 2021 05:03:51 GMT
shares.json?url=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&callback=_ate.cbs.rcb_63yy0
api-public.addthis.com/url/
33 B
302 B
Script
General
Full URL
https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&callback=_ate.cbs.rcb_63yy0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
90ecc323dad03e95d9e7d8c151f76c8a176da8400ed8ae37a692a795025b41af
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
www.1upfun.com/link/602055/xvid-orx264codecs
last-modified
Fri, 15 Oct 2021 04:48:51 GMT
server
nginx/1.15.8
date
Fri, 15 Oct 2021 04:48:51 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
53
count.json?url=http%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&callback=window._ate.cbs.rcb_drvh0
widgets.pinterest.com/v1/urls/
98 B
172 B
Script
General
Full URL
https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&callback=window._ate.cbs.rcb_drvh0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9d1b52ebef03b82c3f5ac6e39646955f0bb615d30717884e878400b486c066b5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 04:48:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
must-revalidate, max-age=887
x-envoy-upstream-service-time
18
accept-ranges
none
x-pinterest-rid
3482272926723832
expires
Fri, 15 Oct 2021 05:03:51 GMT
shares.json?url=http%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&callback=_ate.cbs.rcb_1hw10
api-public.addthis.com/url/
33 B
302 B
Script
General
Full URL
https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&callback=_ate.cbs.rcb_1hw10
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
5de89ff6d4450ba50f06c713a9c2ed62e5e7e174a6b2c821e3470299dc297070
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
www.1upfun.com/link/602055/xvid-orx264codecs
last-modified
Fri, 15 Oct 2021 04:48:51 GMT
server
nginx/1.15.8
date
Fri, 15 Oct 2021 04:48:51 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
53
data:truncated
data:truncated
443 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f83d4a173fad8%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3...
www.facebook.com/v3.2/plugins/ Frame 0A16
0
2 KB
Document
General
Full URL
https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f83d4a173fad8%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0920d5f3f3231a01dcd5ef5d92c77f42
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f83d4a173fad8%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.1upfun.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
DpAfnswG4X/mbz2QYddBYkVtFjkZpXh1AQbOnwUgKt+x1WAgYiii6H6ZufC1YLoXK6rnltto54RxqNNYh1evIw==
content-length
0
date
Fri, 15 Oct 2021 04:48:51 GMT
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f42968436e858%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhtt...
www.facebook.com/v3.2/plugins/ Frame 8197
42 KB
13 KB
Document
General
Full URL
https://www.facebook.com/v3.2/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f42968436e858%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=94&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&layout=button_count&locale=en_US&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0920d5f3f3231a01dcd5ef5d92c77f42
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fd5748b0d990dca7776ed7820e7acc470bcc1856082138a7126833df8440d94d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v3.2/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f42968436e858%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=94&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&layout=button_count&locale=en_US&sdk=joey
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.1upfun.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version
v4.0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
I/evibEKS0b0F0I95nhZo5c3BlbtxO9O0rWk6m+QNIqV5xn58epBhZGhmwyHV9JCeevZ+w2uV1bE6g5tAfA5Xw==
date
Fri, 15 Oct 2021 04:48:51 GMT
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
widgets.js
platform.twitter.com/
96 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cfd3099998b0c37ace8024cbd802160585ba9be1c0047fefc172035184f074df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 04:48:51 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 19:09:26 GMT
etag
"f9ab884058c9d8de47075baa622f0e7e+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=1800
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
28869
tw-cdn
FT
x-served-by
cache-bwi5154-BWI, cache-fra19128-FRA
pinit.js
assets.pinterest.com/js/
361 B
431 B
Script
General
Full URL
https://assets.pinterest.com/js/pinit.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:54::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 04:48:51 GMT
content-encoding
br
x-cdn
fastly
etag
"62d32c28f14783b94192cd8d35bc010d"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=300
content-length
203
access-control-expose-headers
X-CDN
counter.d27508c102582d608697.js
s7.addthis.com/static/
24 KB
8 KB
Script
General
Full URL
https://s7.addthis.com/static/counter.d27508c102582d608697.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
e4f924eac92aa3cc4ea64f2891447e8bd3af49e1a5c0bcd04b7356e2f7f1c04c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-5fd2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Fri, 15 Oct 2021 04:48:51 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
8265
shares.json?url=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&callback=_ate.cbs.sc_httpswww1upfuncomlink602055xvidorx264codecs0
api-public.addthis.com/url/
71 B
340 B
Script
General
Full URL
https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&callback=_ate.cbs.sc_httpswww1upfuncomlink602055xvidorx264codecs0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
cb63c5fc39bba6209771d8b8138f71789d500d76302dafd94fe39f0e8e644de4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
www.1upfun.com/link/602055/xvid-orx264codecs
last-modified
Fri, 15 Oct 2021 04:48:51 GMT
server
nginx/1.15.8
date
Fri, 15 Oct 2021 04:48:51 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
91
widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html?origin=https%3A%2F%2Fwww.1upfun.com
platform.twitter.com/widgets/ Frame 07DB
319 KB
103 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html?origin=https%3A%2F%2Fwww.1upfun.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

:method
GET
:authority
platform.twitter.com
:scheme
https
:path
/widgets/widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html?origin=https%3A%2F%2Fwww.1upfun.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.1upfun.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/

Response headers

last-modified
Thu, 30 Sep 2021 18:56:47 GMT
cache-control
public, max-age=315360000
content-type
text/html; charset=utf-8
etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
content-encoding
gzip
access-control-allow-methods
GET
access-control-allow-origin
*
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges
bytes
date
Fri, 15 Oct 2021 04:48:51 GMT
x-served-by
cache-bwi5128-BWI, cache-fra19128-FRA
x-cache
HIT, HIT
vary
Accept-Encoding
tw-cdn
FT
content-length
105433
settings?session_id=e1b8063487ab9085bd7ec6b3aee5f813472bff3e
syndication.twitter.com/ Frame 07DB
232 B
432 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=e1b8063487ab9085bd7ec6b3aee5f813472bff3e
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html?origin=https%3A%2F%2Fwww.1upfun.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 04:48:51 GMT
content-encoding
gzip
last-modified
Fri, 15 Oct 2021 04:48:51 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
9e8656336e2641b89267fc4c23b69d300da834c4a5c10d21529b48af407e4c3d
content-length
166
pinit_main.js?0.8110814318959847
assets.pinterest.com/js/
66 KB
18 KB
Script
General
Full URL
https://assets.pinterest.com/js/pinit_main.js?0.8110814318959847
Requested by
Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:54::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
75ad585dd9aeca2614593614f6fd317e98b267e6595ffc18e9675e1c744b7a03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 04:48:51 GMT
content-encoding
br
x-cdn
fastly
etag
"0c6c6fa4aaa25b5091d9f0d1fe79700b"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=300
content-length
18683
access-control-expose-headers
X-CDN
data:truncated
data:truncated
171 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d2fd5a42a1849ad0d820611e243fd81fe81ee767716b639ff7e88c1e9f78bb6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
zSKZHMh8mXU.png
www.facebook.com/rsrc.php/v3/yr/r/ Frame 8197
388 B
1 KB
Image
General
Full URL
https://www.facebook.com/rsrc.php/v3/yr/r/zSKZHMh8mXU.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f42968436e858%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=94&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&layout=button_count&locale=en_US&sdk=joey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/v3.2/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f42968436e858%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=94&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&layout=button_count&locale=en_US&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fb-debug
iKhkz/KzKHqKDZSBojA54ZL/ttnHnV1QhP/vakPtjLYtkAqlAzGeloo5Fa7oWdLZorSOI1FTO45hkUKrMUkl0Q==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
mLIKfuTnwd0c8uA9BXg4cQ==
date
Tue, 12 Oct 2021 02:11:31 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com;frame-src *.facebook.com *.fbsbx.com data:;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
priority
u=3,i
timing-allow-origin
*
content-length
388
x-fb-rlafr
0
expires
Wed, 12 Oct 2022 02:11:31 GMT
tg7o9y5C7jU.js?_nc_x=Ij3Wp8lg5Kz
www.facebook.com/rsrc.php/v3iEpO4/yt/l/en_US/ Frame 8197
514 KB
135 KB
Script
General
Full URL
https://www.facebook.com/rsrc.php/v3iEpO4/yt/l/en_US/tg7o9y5C7jU.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f42968436e858%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=94&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&layout=button_count&locale=en_US&sdk=joey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9b8dbc010995cbd4cf770e371f7eab2be26c66a3fb0ce9a1971ba6f93d2c6cc6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/v3.2/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f42968436e858%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=94&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&layout=button_count&locale=en_US&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 03:39:43 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
xJ66qaI+ZmEcCM17FOKQKg==
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
content-length
137659
x-fb-rlafr
0
x-fb-debug
sAFoosmWHwSXEdbw9P77P+vhZrm4O8yWMLILOL3Q0D3/6HwRkKBbFZMDtzyBO/GY6ricAS/Al2ExBnk/tu2Eng==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 15 Oct 2022 03:39:43 GMT
data:truncated
data:truncated
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
button.5d16ecc02fbaf599a24dfb57ab239320.js
platform.twitter.com/js/
7 KB
2 KB
Script
General
Full URL
https://platform.twitter.com/js/button.5d16ecc02fbaf599a24dfb57ab239320.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 04:48:51 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 18:56:33 GMT
etag
"6b95f5a9a2ff4b885e2eafdf446d70d0+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=315360000
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
2296
tw-cdn
FT
x-served-by
cache-bwi5182-BWI, cache-fra19128-FRA
cavalry_endpoint.php?t_cstart=1634273331859&t_start=1634273331859&t_domcontent=1634273331884&t_layout=1634273331937&t_onload=1634273331937&t_paint=1634273331937&t_creport=1634273331937&t_tti=163427...
www.facebook.com/common/ Frame 8197
0
0

share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2d806d3ae85514%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhtt...
www.facebook.com/v3.2/plugins/ Frame F313
42 KB
13 KB
Document
General
Full URL
https://www.facebook.com/v3.2/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2d806d3ae85514%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=77&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&layout=button_count&locale=en_US&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0920d5f3f3231a01dcd5ef5d92c77f42
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
833eadabc576efaa1f67227897ad3635ed4a6563064c89fcec43ca0e9367623a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v3.2/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2d806d3ae85514%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=77&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&layout=button_count&locale=en_US&sdk=joey
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.1upfun.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version
v4.0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
Gnf07i0oayfUnnzPticwt5hpbb1rE2DvvDeyW9KZnZ10qG0i7pdsMnp+J60QW2fFHPi/XcZ9yJqa0BgHuEnofw==
date
Fri, 15 Oct 2021 04:48:52 GMT
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df23ede8c7fa0a0c%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%2...
www.facebook.com/v3.2/plugins/ Frame 57E9
0
0
Document
General
Full URL
https://www.facebook.com/v3.2/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df23ede8c7fa0a0c%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=1180&height=100&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&locale=en_US&numposts=5&sdk=joey&version=v3.2&width=
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0920d5f3f3231a01dcd5ef5d92c77f42
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v3.2/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df23ede8c7fa0a0c%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=1180&height=100&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&locale=en_US&numposts=5&sdk=joey&version=v3.2&width=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.1upfun.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
oo0VxjfBg8c3Qel67/KhLQB6YCNcDU4vhFMWQyYVjVs6JU0uzmcdgmIyDSemL2igrEBtMqYXhpUMnkZ9kBnzCg==
content-length
0
date
Fri, 15 Oct 2021 04:48:52 GMT
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18c388fce753e8%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3...
www.facebook.com/v3.2/plugins/ Frame 2878
0
119 B
Document
General
Full URL
https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18c388fce753e8%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802819%2Ffeel-your-feet-your-foot-health-community-dr-anders&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0920d5f3f3231a01dcd5ef5d92c77f42
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18c388fce753e8%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802819%2Ffeel-your-feet-your-foot-health-community-dr-anders&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.1upfun.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
jIsynVFvbRxKH49tcFkfO4jdLKhNOLEX93EeoWT9Vd9DSZGZSZaa+fdf549X64Khgc/kwJ/aTUkm6TFMOIxwaQ==
content-length
0
date
Fri, 15 Oct 2021 04:48:52 GMT
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33859bd5e66d54%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3...
www.facebook.com/v3.2/plugins/ Frame C4EF
0
121 B
Document
General
Full URL
https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33859bd5e66d54%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802814%2Fwhy-experts-say-monoclonal-antibodies-aren-t-vaccine-substitute&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0920d5f3f3231a01dcd5ef5d92c77f42
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33859bd5e66d54%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802814%2Fwhy-experts-say-monoclonal-antibodies-aren-t-vaccine-substitute&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.1upfun.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
nHv+S3CQGY6OI57/5PKBzVCqPs9H0VEA1Z77o8UGfTFSuB8xXDmRSnpW1L4pXBj9TvqZRuODNbO/hxMnrzzGCA==
content-length
0
date
Fri, 15 Oct 2021 04:48:52 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17fc4a5faf50dc%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3...
www.facebook.com/v3.2/plugins/ Frame 397A
0
119 B
Document
General
Full URL
https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17fc4a5faf50dc%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802813%2Fwinder-ga-lawyer-the-law-office-of-mitchell-crunk&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0920d5f3f3231a01dcd5ef5d92c77f42
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17fc4a5faf50dc%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802813%2Fwinder-ga-lawyer-the-law-office-of-mitchell-crunk&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.1upfun.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
b3VsTR4iskhDrJyx1dI1BSGaz81FvYQo61O46GWzxdRU67C6BXLmm7XLOTqET4pfZwyet0w8U1oE6MPyCOW11Q==
content-length
0
date
Fri, 15 Oct 2021 04:48:52 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ee7645a0ad288%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3...
www.facebook.com/v3.2/plugins/ Frame 49B5
0
117 B
Document
General
Full URL
https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ee7645a0ad288%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802812%2Ffree-download-venom-2-2021-torrent-movie-hd-yts-by-xzxzxza-on-deviantart&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0920d5f3f3231a01dcd5ef5d92c77f42
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ee7645a0ad288%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802812%2Ffree-download-venom-2-2021-torrent-movie-hd-yts-by-xzxzxza-on-deviantart&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.1upfun.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
yecZBQ1FCO6LtrqaoZHC/12Ct1woloGZPj2S+Huq+zT02mfgFFy1L1elHkzAl0QbPFR9jd7s2B0RMSkAV1IBcg==
content-length
0
date
Fri, 15 Oct 2021 04:48:52 GMT
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df19d193b0b11854%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3...
www.facebook.com/v3.2/plugins/ Frame 1DCA
0
727 B
Document
General
Full URL
https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df19d193b0b11854%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802811%2Fwatch-download-hd-my-first-story-minimore&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0920d5f3f3231a01dcd5ef5d92c77f42
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df19d193b0b11854%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802811%2Fwatch-download-hd-my-first-story-minimore&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.1upfun.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
0LmUPfZz31+z4p1uMeBO09hGqnMnNe9O/C7WGDQ8iw0qUZE4KeoMHwLvXnwNKR+o3ATNBErTfdTY1gkN58WsFA==
content-length
0
date
Fri, 15 Oct 2021 04:48:52 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2733629960aa98%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3...
www.facebook.com/v3.2/plugins/ Frame 610F
0
118 B
Document
General
Full URL
https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2733629960aa98%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802810%2Ffree-download-bergman-island-2021-full-movie-torrent-site-wakelet&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0920d5f3f3231a01dcd5ef5d92c77f42
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2733629960aa98%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802810%2Ffree-download-bergman-island-2021-full-movie-torrent-site-wakelet&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.1upfun.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
MYmDHLnEbyFp5tIJPqUibjOLtdQZ7rHmKmFzmH2Clq9/veVpC/ElT7uthgx5n4BdAku202C5J7JBgsjOjbshvg==
content-length
0
date
Fri, 15 Oct 2021 04:48:52 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2bc82b89c34c78%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3...
www.facebook.com/v3.2/plugins/ Frame 0CE0
0
119 B
Document
General
Full URL
https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2bc82b89c34c78%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802809%2Fdownload-squid-game-2021-torrent-movie-in-hd-%25E2%2580%2593-yts-wakelet&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0920d5f3f3231a01dcd5ef5d92c77f42
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2bc82b89c34c78%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802809%2Fdownload-squid-game-2021-torrent-movie-in-hd-%25E2%2580%2593-yts-wakelet&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.1upfun.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
ePf0KqsocKXKoI1y2QSGHUn7CtKeyxVS+xhY0J68KlQ4ad59Y7OlmxLT7TxxnFbkQMlHTIfyC2aVEqApXhSanA==
content-length
0
date
Fri, 15 Oct 2021 04:48:52 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7f471737dbc4%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dh...
www.facebook.com/v3.2/plugins/ Frame E7F4
0
119 B
Document
General
Full URL
https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7f471737dbc4%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802803%2Fwatch-gremlins-1984-online-full-hd-movie-free&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0920d5f3f3231a01dcd5ef5d92c77f42
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7f471737dbc4%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802803%2Fwatch-gremlins-1984-online-full-hd-movie-free&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.1upfun.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
vSmLRITOXnmXny39u9IXwa7To38+61tKhgJ2ZOfqGsXTRVGtVRROCJTtZwkUozt6oa4LDVwY9fygCNUHmPa/Ng==
content-length
0
date
Fri, 15 Oct 2021 04:48:52 GMT
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df139021c7f8c094%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3...
www.facebook.com/v3.2/plugins/ Frame 3F53
0
119 B
Document
General
Full URL
https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df139021c7f8c094%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802796%2Fwatch-here-the-last-duel-2021-full-movie-download-full-hd-1080p-telegram-123movies-wakelet&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0920d5f3f3231a01dcd5ef5d92c77f42
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df139021c7f8c094%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802796%2Fwatch-here-the-last-duel-2021-full-movie-download-full-hd-1080p-telegram-123movies-wakelet&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.1upfun.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
4w8Fa3KkWgYrfp8E/oumaqfDmOlysKacYvxHz8ZXkSVjN2FHpfbQxJKh9xtiJRp5RhnkuzpS0FdADWnuFmjzpg==
content-length
0
date
Fri, 15 Oct 2021 04:48:52 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1276d10f680ac4%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3...
www.facebook.com/v3.2/plugins/ Frame D212
0
120 B
Document
General
Full URL
https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1276d10f680ac4%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802778%2Ftarget-drone-market-research-report-market-size-industry-outlook-market-forecast-demand-analysis-market-share-market-report-2021-2026&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0920d5f3f3231a01dcd5ef5d92c77f42
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1276d10f680ac4%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=575&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F802778%2Ftarget-drone-market-research-report-market-size-industry-outlook-market-forecast-demand-analysis-market-share-market-report-2021-2026&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.1upfun.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
mqRa/tze+cL/QNdaazQCEq6yhFiPj46F/mNlW/dHCluOf6AXIYvHiVZuxlKwydLTADykPYcrAWMWu3m5UlzOGQ==
content-length
0
date
Fri, 15 Oct 2021 04:48:52 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
tweet_button.58065ae230495f5d9e4b6a916472b2c1.en.html
platform.twitter.com/widgets/ Frame 0ED5
32 KB
12 KB
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.58065ae230495f5d9e4b6a916472b2c1.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fca9fbc2b7bad4d08e4b4cfe80420df03b1bfa4cc2988540b4e816cc905bf33f

Request headers

:method
GET
:authority
platform.twitter.com
:scheme
https
:path
/widgets/tweet_button.58065ae230495f5d9e4b6a916472b2c1.en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.1upfun.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/

Response headers

last-modified
Thu, 30 Sep 2021 18:56:41 GMT
cache-control
public, max-age=315360000
content-type
text/html; charset=utf-8
etag
"a4ee8ee440f819aba90d7a1be062a8d7+gzip"
content-encoding
gzip
access-control-allow-methods
GET
access-control-allow-origin
*
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges
bytes
date
Fri, 15 Oct 2021 04:48:52 GMT
x-served-by
cache-bwi5137-BWI, cache-fra19128-FRA
x-cache
HIT, HIT
vary
Accept-Encoding
tw-cdn
FT
content-length
12235
zSKZHMh8mXU.png
www.facebook.com/rsrc.php/v3/yr/r/ Frame F313
388 B
532 B
Image
General
Full URL
https://www.facebook.com/rsrc.php/v3/yr/r/zSKZHMh8mXU.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2d806d3ae85514%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=77&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&layout=button_count&locale=en_US&sdk=joey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/v3.2/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2d806d3ae85514%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=77&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&layout=button_count&locale=en_US&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fb-debug
iKhkz/KzKHqKDZSBojA54ZL/ttnHnV1QhP/vakPtjLYtkAqlAzGeloo5Fa7oWdLZorSOI1FTO45hkUKrMUkl0Q==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
mLIKfuTnwd0c8uA9BXg4cQ==
date
Tue, 12 Oct 2021 02:11:31 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com;frame-src *.facebook.com *.fbsbx.com data:;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
priority
u=3,i
timing-allow-origin
*
content-length
388
x-fb-rlafr
0
expires
Wed, 12 Oct 2022 02:11:31 GMT
tg7o9y5C7jU.js?_nc_x=Ij3Wp8lg5Kz
www.facebook.com/rsrc.php/v3iEpO4/yt/l/en_US/ Frame F313
514 KB
135 KB
Script
General
Full URL
https://www.facebook.com/rsrc.php/v3iEpO4/yt/l/en_US/tg7o9y5C7jU.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2d806d3ae85514%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=77&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&layout=button_count&locale=en_US&sdk=joey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9b8dbc010995cbd4cf770e371f7eab2be26c66a3fb0ce9a1971ba6f93d2c6cc6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/v3.2/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2d806d3ae85514%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=77&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&layout=button_count&locale=en_US&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 03:39:43 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
xJ66qaI+ZmEcCM17FOKQKg==
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
content-length
137659
x-fb-rlafr
0
x-fb-debug
sAFoosmWHwSXEdbw9P77P+vhZrm4O8yWMLILOL3Q0D3/6HwRkKBbFZMDtzyBO/GY6ricAS/Al2ExBnk/tu2Eng==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 15 Oct 2022 03:39:43 GMT
data:truncated
data:truncated Frame 0ED5
822 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
cavalry_endpoint.php?t_cstart=1634273332286&t_start=1634273332286&t_domcontent=1634273332313&t_layout=1634273332357&t_onload=1634273332357&t_paint=1634273332357&t_creport=1634273332357&t_tti=163427...
www.facebook.com/common/ Frame F313
67 B
783 B
Image
General
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1634273332286&t_start=1634273332286&t_domcontent=1634273332313&t_layout=1634273332357&t_onload=1634273332357&t_paint=1634273332357&t_creport=1634273332357&t_tti=1634273332313&lid=7019150513778538830-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/v3.2/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2d806d3ae85514%26domain%3Dwww.1upfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.1upfun.com%252Ff1d4192c74cc828%26relation%3Dparent.parent&container_width=77&href=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs&layout=button_count&locale=en_US&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
br
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com;frame-src *.facebook.com *.fbsbx.com data:;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
no-cache
x-fb-debug
bH4M0sh4xl/6YCKDmJJnx/oas7iEp4HSYgRu5PqD38oMXjLKLqp1EX2rn5sq9Ug5W/VXc3LIm3lZ/1jyLLeYDg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 15 Oct 2021 04:48:52 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22...
syndication.twitter.com/i/
43 B
375 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1634273332421%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22fcb1942%3A1632982954711%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 04:48:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Fri, 15 Oct 2021 04:48:52 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
9e8656336e2641b89267fc4c23b69d300da834c4a5c10d21529b48af407e4c3d
x-transaction
129f46f0cb542b20
expires
Tue, 31 Mar 1981 05:00:00 GMT
?type=pidget&guid=iJPaGHcSpNnn&tv=2021082501&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fwww.1upfu...
log.pinterest.com/
0
299 B
Image
General
Full URL
https://log.pinterest.com/?type=pidget&guid=iJPaGHcSpNnn&tv=2021082501&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fwww.1upfun.com%2Flink%2F602055%2Fxvid-orx264codecs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.1upfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 04:48:52 GMT
via
1.1 varnish
x-cache
MISS
x-envoy-upstream-service-time
1
x-cache-hits
0
content-length
0
x-served-by
cache-hhn4057-HHN
pragma
no-cache
server
envoy
x-timer
S1634273333.885381,VS0,VE90
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-pinterest-rid
1398424970889668
accept-ranges
bytes
expires
Sat, 01 Jan 2000 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
www.facebook.com
URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1634273331859&t_start=1634273331859&t_domcontent=1634273331884&t_layout=1634273331937&t_onload=1634273331937&t_paint=1634273331937&t_creport=1634273331937&t_tti=1634273331884&lid=7019150511120478968-0

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| onbeforexrselect boolean| originAgentCluster function| gtag object| dataLayer function| setCookie function| getCookie function| acceptCookies function| popupPolicy function| toggleMenu object| FB function| $ function| jQuery function| lazyLoad function| isInViewport object| jQuery111004990257183302651 object| google_tag_manager function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| addthis_config object| addthis_share object| google_tag_data string| GoogleAnalyticsObject function| ga boolean| __@@##MUH object| gaplugins object| gaGlobal object| gaData object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks number| len string| passthrough object| __twttrll object| twttr object| __twttr number| PIN_18915 object| oattr object| PIN_1634273331869 string| value string| key object| PinUtils

7 Cookies

Domain/Path Name / Value
www.1upfun.com/ Name: __atuvc
Value: 1%7C41
www.1upfun.com/ Name: __atuvs
Value: 61690833aa3574a7000
.addthis.com/ Name: uvc
Value: 1%7C41
.1upfun.com/ Name: _ga
Value: GA1.2.1517125814.1634273331
.1upfun.com/ Name: _gid
Value: GA1.2.1001769917.1634273331
.1upfun.com/ Name: _gat_gtag_UA_12703824_43
Value: 1
.addthis.com/ Name: loc
Value: MDAwMDBFVURFQkUyMzI1MTkzNDAwNjAwMDBDSA==

1 Console Messages

Source Level URL
Text
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-public.addthis.com
assets.pinterest.com
connect.facebook.net
log.pinterest.com
m.addthis.com
notes.io
platform.twitter.com
s7.addthis.com
syndication.twitter.com
v1.addthisedge.com
widgets.pinterest.com
www.1upfun.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
z.moatads.com
s7.addthis.com
www.facebook.com
104.244.42.72
104.75.88.126
151.101.12.157
151.101.64.84
2.18.235.40
217.20.116.51
2a00:1450:4001:801::2008
2a00:1450:4001:82b::200e
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:54::84
5.175.5.64
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0d2fd5a42a1849ad0d820611e243fd81fe81ee767716b639ff7e88c1e9f78bb6
1d4cd83ccb2495c895dab6bf06d5fde5e2c61877af678f88de90421ebeb1ed7c
3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
40d809eb6b74a78560b133ef005b1fb29ae5626fc38d14a876f42bcc43269762
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5314561335ec2c202f828be0a317d76eaa2a6139bef4dbd31c8e1509e25dcbd7
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5de89ff6d4450ba50f06c713a9c2ed62e5e7e174a6b2c821e3470299dc297070
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cb6f4c37f158f75238dd83d881f9de9a5e8699098724525e5a3fe0e3cacd583
6e91e73fa61993cea2208718d670f5ed1161039b2c7c9fe38e21cdbd5d5ab181
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
7344a86278c33baf5b111bbfff4c5c1e17d40b24067d7a5b1160e1a5e7b2e240
75ad585dd9aeca2614593614f6fd317e98b267e6595ffc18e9675e1c744b7a03
778c8bc91659783db3edcb40463addbbed4a31e0f7e35617c7adac90dca05a25
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7f9b2a4d5fae7ef7c38f6f1fd3019489a013454c643cd5ca7121a6e64a02563a
833eadabc576efaa1f67227897ad3635ed4a6563064c89fcec43ca0e9367623a
859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96
90ecc323dad03e95d9e7d8c151f76c8a176da8400ed8ae37a692a795025b41af
9974fb15155f0f5962e81075b730e602a673d00ad7f329da5049bafabdc0e549
9b8dbc010995cbd4cf770e371f7eab2be26c66a3fb0ce9a1971ba6f93d2c6cc6
9d1b52ebef03b82c3f5ac6e39646955f0bb615d30717884e878400b486c066b5
a8916bb7fd948bf76070d837fcf0a348a22961de58b974cbe6b7137ee3eb9f10
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
ca726d4f497d9e8bf439ca57c6c87868a9acfa87c75aa381136c4aeefdb7d5ea
cb63c5fc39bba6209771d8b8138f71789d500d76302dafd94fe39f0e8e644de4
cfd3099998b0c37ace8024cbd802160585ba9be1c0047fefc172035184f074df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f924eac92aa3cc4ea64f2891447e8bd3af49e1a5c0bcd04b7356e2f7f1c04c
f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c
fca9fbc2b7bad4d08e4b4cfe80420df03b1bfa4cc2988540b4e816cc905bf33f
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd5748b0d990dca7776ed7820e7acc470bcc1856082138a7126833df8440d94d