urlscan.io logo urlscan.io
SecurityTrails logo

upfilesurls.com Open in urlscan Pro
2606:4700:20::681a:98a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://upfilesurls.com/9bKt1#google_vignette
Effective URL: https://upfilesurls.com/9bKt1
Submission: On June 12 via manual from AR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 40 IPs in 6 countries across 36 domains to perform 146 HTTP transactions. The main IP is 2606:4700:20::681a:98a, located in United States and belongs to CLOUDFLARENET, US. The main domain is upfilesurls.com. The Cisco Umbrella rank of the primary domain is 967455.
TLS certificate: Issued by GTS CA 1P5 on May 27th 2023. Valid for: 3 months.
This is the only time upfilesurls.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 14 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 142.91.159.193 7979 (SERVERS-COM)
5 2600:9000:249... 16509 (AMAZON-02)
14 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
15 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 37.48.68.71 60781 (LEASEWEB-...)
4 172.64.132.29 13335 (CLOUDFLAR...)
5 52.222.214.78 16509 (AMAZON-02)
4 188.114.96.3 13335 (CLOUDFLAR...)
1 2a03:2880:f17... 32934 (FACEBOOK)
4 6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:225... ()
1 2a02:2638:d::2 44788 (ASN-CRITE...)
1 65.9.66.97 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a04:4e42::485 54113 (FASTLY)
1 34.96.70.87 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638:3::c 44788 (ASN-CRITE...)
1 46.137.8.33 16509 (AMAZON-02)
16 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 35.190.39.111 15169 (GOOGLE)
1 141.95.33.111 16276 (OVH)
1 178.250.7.13 44788 (ASN-CRITE...)
2 5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 5 18.156.189.239 16509 (AMAZON-02)
2 2 52.31.121.178 16509 (AMAZON-02)
7 142.250.186.34 15169 (GOOGLE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 37.157.5.133 198622 (ADFORM)
1 35.227.252.103 15169 (GOOGLE)
2 2 70.42.32.191 13789 (INTERNAP-...)
1 1 69.173.144.139 26667 (RUBICONPR...)
5 2a00:1450:400... 15169 (GOOGLE)
146 40
14    2606:4700:20::681a:98a (United States)

ASN13335 (CLOUDFLARENET, US)
upfilesurls.com
1    2606:4700:3031::6815:480c (United States)

ASN13335 (CLOUDFLARENET, US)
upfiles.com
1    142.91.159.193 (Netherlands)

ASN7979 (SERVERS-COM, US)
cschyogh.com
5    2600:9000:2491:3e00:0:2146:f680:21 (United States)

ASN16509 (AMAZON-02, US)
d18kg2zy9x3t96.cloudfront.net
14    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdntechone.com
15    2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)
live.demand.supply
5    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    37.48.68.71 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
datatechone.com
4    172.64.132.29 (United States)

ASN13335 (CLOUDFLARENET, US)
pogothere.xyz
5    52.222.214.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-78.fra56.r.cloudfront.net
apptquitesouse.com
4    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
appyrinceas.com
1    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    2a00:1450:4001:801::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.recaptcha.net
10    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2600:9000:2250:c400:a:e047:753:be1 (United States)

ASN- ()
cdn.prod.uidapi.com
1    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
2    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com
2    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    46.137.8.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-8-33.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
16    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
1    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
1    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
5    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
5    18.156.189.239 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-189-239.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    52.31.121.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-121-178.eu-west-1.compute.amazonaws.com
ads.avct.cloud
7    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
1    2a05:d018:d29:3601:6b04:f2d6:9b64:eb08 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    70.42.32.191 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
5    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
Apex Domain
Subdomains		 Transfer
28 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 127
62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 154
155 KB
24 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
cm.g.doubleclick.net — Cisco Umbrella Rank: 248
264 KB
15 demand.supply
live.demand.supply — Cisco Umbrella Rank: 41537
35 KB
14 upfilesurls.com
upfilesurls.com — Cisco Umbrella Rank: 967455
377 KB
13 google.com
accounts.google.com — Cisco Umbrella Rank: 56
adservice.google.com — Cisco Umbrella Rank: 106
www.google.com — Cisco Umbrella Rank: 3
5 KB
9 gstatic.com
fonts.gstatic.com
www.gstatic.com
297 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 388
110 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 356
3 KB
5 apptquitesouse.com
apptquitesouse.com
6 KB
5 cloudfront.net
d18kg2zy9x3t96.cloudfront.net
229 KB
4 appyrinceas.com
appyrinceas.com
1 KB
4 pogothere.xyz
pogothere.xyz — Cisco Umbrella Rank: 26048
202 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
5 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 413
mug.criteo.com — Cisco Umbrella Rank: 2161
7 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 569
1 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 626
1 KB
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 4430
1 KB
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 1513
335 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
110 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 785
id5-sync.com — Cisco Umbrella Rank: 427
18 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1009
bcp.crwdcntrl.net — Cisco Umbrella Rank: 948
12 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 57
21 KB
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 375
456 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1149
245 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 454
713 B
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1396
2 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 377
877 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 562
13 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1424
2 KB
1 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 1939
901 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
1 datatechone.com
datatechone.com — Cisco Umbrella Rank: 28511
468 B
1 cdntechone.com
cdntechone.com — Cisco Umbrella Rank: 48405
8 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 75
48 KB
1 cschyogh.com
cschyogh.com
1 KB
1 upfiles.com
upfiles.com — Cisco Umbrella Rank: 996021
1 KB
146 36
Domain Requested by
16 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
upfilesurls.com
62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com
cdn.ampproject.org
15 live.demand.supply upfilesurls.com
live.demand.supply
client
14 securepubads.g.doubleclick.net upfilesurls.com
securepubads.g.doubleclick.net
www.googletagservices.com
14 upfilesurls.com 3 redirects upfilesurls.com
10 pagead2.googlesyndication.com upfilesurls.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
7 cm.g.doubleclick.net 62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com
6 accounts.google.com 4 redirects upfilesurls.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 x.bidswitch.net 5 redirects
5 www.google.com 2 redirects tpc.googlesyndication.com
upfilesurls.com
5 apptquitesouse.com d18kg2zy9x3t96.cloudfront.net
5 fonts.gstatic.com fonts.googleapis.com
5 d18kg2zy9x3t96.cloudfront.net upfilesurls.com
apptquitesouse.com
4 www.gstatic.com www.recaptcha.net
upfilesurls.com
62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com
4 appyrinceas.com upfilesurls.com
4 pogothere.xyz d18kg2zy9x3t96.cloudfront.net
4 fonts.googleapis.com upfilesurls.com
62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
3 googleads.g.doubleclick.net upfilesurls.com
62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com
2 b1sync.zemanta.com 2 redirects
2 c1.adform.net 2 redirects
2 ads.avct.cloud 2 redirects
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 www.googletagservices.com securepubads.g.doubleclick.net
upfilesurls.com
2 gum.criteo.com 1 redirects static.criteo.net
2 62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.com securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 pixel.rubiconproject.com 1 redirects
1 rtb.openx.net 62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 mug.criteo.com upfilesurls.com
1 id5-sync.com cdn.id5-sync.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 www.recaptcha.net upfilesurls.com
1 www.facebook.com upfilesurls.com
1 datatechone.com cdntechone.com
1 cdntechone.com upfilesurls.com
1 www.googletagmanager.com upfilesurls.com
1 cschyogh.com upfilesurls.com
1 upfiles.com 1 redirects
146 46

This site contains links to these domains. Also see Links.

Domain
upfiles.com
sulvo.com
Subject Issuer Validity Valid
upfilesurls.com
GTS CA 1P5		 2023-05-27 -
2023-08-25		 3 months crt.sh
cschyogh.com
R3		 2023-05-19 -
2023-08-17		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
demand.supply
Cloudflare Inc ECC CA-3		 2023-02-19 -
2024-02-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
datatechone.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-18 -
2023-12-24		 a year crt.sh
apptquitesouse.com
Amazon RSA 2048 M02		 2023-06-01 -
2024-06-29		 a year crt.sh
appyrinceas.com
GTS CA 1P5		 2023-06-01 -
2023-08-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-03-22 -
2023-06-20		 3 months crt.sh
misc.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-05-18 -
2023-08-16		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-04-28 -
2023-07-28		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-05-17 -
2023-08-15		 3 months crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh

This page contains 17 frames:

Primary Page: https://upfilesurls.com/9bKt1
Frame ID: 7B3E93FFA9D3114CB0C5A1214F8802C7
Requests: 81 HTTP requests in this frame

Frame: https://apptquitesouse.com/eWNYUlEYATs/bhheOnQkCw9ld2M/RmoUNUhbMzVjAxphKmINWm58MhUMLTY3Cww2Jn8XBix3Yz9aDgYbSy41JWMhMTAHBAAlOhc2QDUBNSExIWlrKy4iDjYQEDYIFhQaIToKFAAiPxMzKDUaFRcTJggAOSgiFhQmKydoPSYhIQ0CCSEtDBc9OzEBAAA6Mj8fdEshHCpgHSUbHAA7DxUeHUgPCQAmSAwAKj0wIQw+ND8bPDcUDgcBEzoVDRk+ZD8hDCYGPjYNNDI4IR8KExEUGRcIPTsQIRIsFB0nMjghHwAALFQaFxghOyAxCSsiEQcIDjk+FGBMDw0lfCMgGRYTPyZpExkpJgIGEDoTPxMEPAAAYBwhMRkYFCkPNxEJDiEvExUsOwA/BxwraTkbGiIaFQcoCGoFAxIBCwUyOiUOPTQ2D2AGF0hXDBNhGiQJPwQaMi8ENyAhIBoQFRMvExQjIRwGHy0hHiYbI1AKFhAvF28TBDg2HwU2PUUyIT4XE2UoJBRbGxZhFS0r
Frame ID: 894D28A92572DEC32BD9DD32198582E6
Requests: 2 HTTP requests in this frame

Frame: https://apptquitesouse.com/cUFkQ1AQIwcubxB8BmUlAy1ZZmI3ZFYFNEB5DyRiCzhdO2MFeFJtMx0uESc2Ay4KN34fJBBmYjcwMy8SRA8JIGUhOQASBzJ1UQsBBSQGFAIhAyINaD4mFBkTIjEQBCcwcSopYFRzJhcRASgAJGE8AFYnNylwCwQeNSUhBhE4cSlzATkQMDBgNjYQFzYyEC4UAQkvKzsKPgQwJDc2ByEnHSkYKRVhHnI0NB4XAh4aKCkANSsyQnQuBmEnMAECZRcCMHd1QwcgKAYyICMCCCAqLiwJNCYjEAcBcDctAjIgIwIfKTYIMAo3NiIJCEgoNxZlIyMKLzMzBwd0GTBsCCIRGHFVBGFBDigtBj0iIgkgK3AHBQUpeA0QAkUMKSoBJBYPCT80cBMGBgsYUQY8PwIFBBEUFBMSKCFwJRcGJi4eBgUgCCo5BhIDJwUiKBRUGgZCEwgXNycSAAQWOwAhCT8oABQbESUyDQYSPxcsBAY6ADEvICstXQcHHDJCKSMeLxR+MkcSCC4XCyxc
Frame ID: 4DA4ED573B3DE8488271C39DDE7DDF76
Requests: 2 HTTP requests in this frame

Frame: https://apptquitesouse.com/U2U3Z1MyB1QKbDJYVUEmIQkKQmEVQAUhN2JdXABhKRwOH2AnXAFJMD8KQgM1IQpZE309AENCYRUnZjIJHTRNIjoYNnoLFzkwQSwLZyxSPxlqBmY9PR8hAxQLKSMALisFJHUeazQjbzYWFhJAJgE+Bk4pKjAoVDASOyxbXz42V0QKCyovAAEUBTR9NAEkAU8EYxlWdhILORZBLgBqNG0vAh8BX14rClYOHRQHPEEuKjcAeQ0FPAZmIiUeCF8fEgsnBT5gHjBUAAE8BmYiYR8ceVYRBDcGI2EKIVQzZmQBTw84Ny0HDgIHIEYsFwEwfh5jOCtPNSkSLRoPJBEIDlY2YTxzBARnCHxXBiAuWg8rMAhlVzUAXG4sOh0KVDYWPixOUzwLCF8NNWArZCwHAgx7CwE4AXYTKhItYQg1BFVyAz0FUVU2ESsGcA8rEjF+CRgqL3MsFB1ABSERAjdOBAQdEnVVMCkGfy51ORZYCSNuC2EWFToIYSIWBiR0EA
Frame ID: FABCBA98D223DEF2DCC764A183C7E1BD
Requests: 2 HTTP requests in this frame

Frame: https://upfilesurls.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
Frame ID: 7B87700E2A69A2D7B12EA33C9A670C89
Requests: 2 HTTP requests in this frame

Frame: https://62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 198D9A7280EBC862AE01113C6F88A08C
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=upfilesurls.com
Frame ID: A89BC6C7E83BFB931023606C3949EB07
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5QJSnexW3UJ00XLv_RC-JI54mxh7XSsybfvTh96Hh8MtB0fB-Z-TV2KZqiz6d07kayDHi_8D3DSJaSqMTu7ZUYZo0MhMnT24u7HW7H0uY0WKH3eBfgTncQBdcFMeNaE63KowmUnd042FYdf03ZEzJdSdqdWhskCl-zOxdD1_pINZ_iVOlzC8h9jG0PRfoV90ySorsOTT6-jSFg_C0Pgcs6E0ceEU0z0TqY_xpA4ymvCJNoEkqtqkp4SNjn3UbWe4IePlVnZ3CV3u1VRECjx7zaAugCUjSk0JqXSGH8D593G911NP_WOJbVKsjqztC-BUSIHrP-g7m9PUV0zK-90VEUerBhJAj9A&sai=AMfl-YRZ_56uYINEFA_7TuET_bUpf5zdofjLB6KxjUDYjcFE8iUPS98TdzkN22kIuFOfshMvyH7EStGjiox0IMj3OL30Oqj2bdDyeLTauYECS-lvAsEINme0ZO8KEFUMiZtZ8Y5PT0qof0-plgiovq4&sig=Cg0ArKJSzN2-wawf8tq4EAE&uach_m=[UACH]&adurl=
Frame ID: B76D44D2C78C864B804E644A02F7C643
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BF5AABCEE93E4A7C62CF376472C82F40
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BDA195992103E4B42F1C1E20E0E46B26
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv23xyZrIOKxPJLoQ1OR8VQA5tUKpAsJw7lFmhKefZcN0aSjiVeDAto3KSSVP36CmlC-c010ZDMBU9qHHI1pOKCFZxu3OK4IL2JVqHKzWxXCnZ52KJ9NsNJcNvSn5OuM_F_Hr8sZk8icfDNKSzzCUxRgdyilMg2WoytBNynKM4-1XLLhkt-rDFgCPOi0i67QeeeGmDrIw6BH6k83GYrMphf42tMsFi8bPC7SQxmOrnEgEpimnMmtuxqq-9YAjcaa4I_AltePR7Z-uAJo2kDdRIGci8eN7n4iogjDZEIDDS0VfzKbuCxivsUXLwktmHO3MTYlfUjiwI4hdOiwP8MQgnhbvTDY8ajAZwJntEmgOM5a0hh_et26UZioLsO67wH9Z7wx8eX--FjT2E5Iw&sai=AMfl-YSibi7NA7-NW9jlEzju5Yn7YiAdlN046rvZ3_3EfuRhr6b2cdSOmhqCZs77U_JrQBcik0E9XxR-Ha7yS9z2i9w1COI9_GLBsyqzvjkmTUFx6sfU5WqijySDm2soPw&sig=Cg0ArKJSzAg0X5afKv0BEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7C3745FDDD5F086EB5D9580F09CE0A6E
Requests: 2 HTTP requests in this frame

Frame: https://62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E7F99C44357FAC1DFFBC87B3EA7E6602
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 8748716BA166283364319BC04C975775
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5BEADBB5A1AF327FD9F43D16126CC06E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 637B20214A12ECA7DF4C217329DDEAA8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
Frame ID: 5E9BA4433C9B9B109FA274DD8B96FC61
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs
Frame ID: 228E01920937DC86225A6CF523AFB4C8
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

VID_102011224_172158_693.mp4

Page URL History Show full URLs

  1. https://upfilesurls.com/9bKt1 HTTP 302
    https://upfiles.com/authenticate/9bKt1 HTTP 302
    https://upfilesurls.com/9bKt1?auth=eyJpdiI6IjJlNmZUdjVMVzJYWkNBZVJoSEpVUHc9PSIsInZhbHVlIjoiT3M4WUlLa... HTTP 302
    https://upfilesurls.com/9bKt1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

146
Requests

91 %
HTTPS

61 %
IPv6

36
Domains

46
Subdomains

40
IPs

6
Countries

1923 kB
Transfer

5189 kB
Size

29
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://upfilesurls.com/9bKt1 HTTP 302
    https://upfiles.com/authenticate/9bKt1 HTTP 302
    https://upfilesurls.com/9bKt1?auth=eyJpdiI6IjJlNmZUdjVMVzJYWkNBZVJoSEpVUHc9PSIsInZhbHVlIjoiT3M4WUlLam1BdHZSYTVkZU5uV294Zz09IiwibWFjIjoiZmVmNGY5ZTZlZDBjZDA0MjIyOWQ2YjBlYjEyYzgwNjdhZTE1ZmY2ZmNlOTYzYzkwM2M0Y2YxNDQ3ODhkMTE2MyIsInRhZyI6IiJ9 HTTP 302
    https://upfilesurls.com/9bKt1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&ffgf=1&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneHYmfDE_yzT2bO0_K6yqC2j_vJiav6xA2fi9TD9g7tiVbMJVTvMjuEhBDJyPg1QdWs8juEYzQ HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S654389273%3A1686613268496488&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneHUAw6WaLZNB2QBbkJc8I3Ya1TNLVV8Fv_nmeWm1UNtvz1XRZdhBiwJ3C4JTaCkZ_zSPuiv3g&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Request Chain 30
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&ffgf=1&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneFcgV7JKrmZTFXKljDpzY_Ibjdu8G6xrCd7jEHtpaqAAFFFaDWmmbWP10sWrJ2EG55WTCKK0Q HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S34184187%3A1686613268537837&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneE-pWQYyBtUQNmxcDaMuW20znOa9q5v2-3LQl655rHlZJE8JAqTILe3XBUC4XCWwVGmTsaIEw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Request Chain 47
  • https://upfilesurls.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://upfilesurls.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
Request Chain 84
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=upfilesurls.com&sn=ChromeSyncframe&so=0&topUrl=upfilesurls.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=2YDBcnxiNUVmd0Q0b25rUGFRbnZMcnFPZ09hNHUwcnlRclNtRGYxV0xzTGlIejBWNjRnMHdXaGNSVXJ5VVNUYnFnZzFKNWpIOVZvem5HVm54TWRwcFZLSjV4d0IwUUNQQ2Rtd3NPMHdRQVFlSjVudFF6b2t1WVRRK0dYbm9UTVc1ZEU5SkVJZUQxaWV0OTFaeFdBUUNCUnJOWDBQZU9WY2s1R1lZdWJRdXRqbStnUy9XMFJMY01ITCtBVFBDSk91Yjd5RFEvbWp4ZDNJZ3BvZ1hXWUZpb256UnVMSXREZS9iVUNYQnRyOUVWQ3ZxZ0U3bVlERWpybVJicHgwTTRqRmtwUXJRUXlEQmtNZndxZkpCOXB4TGt6QWk0Yk16aUlwaDF4QVpSMXczOG9pQ256ND18&cppv=2
Request Chain 115
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEP3WVeC3c_8OMSGfsueLSDQ&google_cver=1&google_push=ATf1kGN3SYDRD0CMM-_Qypsro-ZP7-EGJpgoLD8W43_VjGW_5sRwLaADBVLWOhAex9SG9DMSeiKds-3qIwT2nAPybtC9Dg3A873b HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEP3WVeC3c_8OMSGfsueLSDQ&google_cver=1&google_push=ATf1kGN3SYDRD0CMM-_Qypsro-ZP7-EGJpgoLD8W43_VjGW_5sRwLaADBVLWOhAex9SG9DMSeiKds-3qIwT2nAPybtC9Dg3A873b HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=8deb0eea-9d78-46a9-8133-a8e388aae723&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGN3SYDRD0CMM-_Qypsro-ZP7-EGJpgoLD8W43_VjGW_5sRwLaADBVLWOhAex9SG9DMSeiKds-3qIwT2nAPybtC9Dg3A873b&google_hm=ICspPG-gTu680tpaXvsrpw==
Request Chain 116
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELa_vQ9-HBlACf3KLCU0ZbQ&google_cver=1&google_push=ATf1kGM19EyvXuCBdqMjdAi0ZPbFHhQybEMxlyOecLiXT_1D5FhM3t8gI2fesp3nBpyyJ9oI1t3HsnuLZWbrdLHgHpNeDmB743iZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGM19EyvXuCBdqMjdAi0ZPbFHhQybEMxlyOecLiXT_1D5FhM3t8gI2fesp3nBpyyJ9oI1t3HsnuLZWbrdLHgHpNeDmB743iZ&google_hm=eS00MjRVM25ORTJwSFNnLnBNTXdjLm84UXRQV09JYWFfTX5B
Request Chain 117
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ8v0wiZ65oJUl02bjp5NLU&google_cver=1&google_push=ATf1kGPiiL7beWSZBUUyd6kKlpj4WMciq9fYDAV65y_BuQL3AEkYX38TKU7VL0cvYDpHqL951GD5ZxLbDh_n6NC92CLpTEHbVu4 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJ8v0wiZ65oJUl02bjp5NLU&google_cver=1&google_push=ATf1kGPiiL7beWSZBUUyd6kKlpj4WMciq9fYDAV65y_BuQL3AEkYX38TKU7VL0cvYDpHqL951GD5ZxLbDh_n6NC92CLpTEHbVu4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjAwMTQzMzg5OTAyODg5NjQ5Nw&google_push=ATf1kGPiiL7beWSZBUUyd6kKlpj4WMciq9fYDAV65y_BuQL3AEkYX38TKU7VL0cvYDpHqL951GD5ZxLbDh_n6NC92CLpTEHbVu4
Request Chain 119
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEN_WD-x60v7Ib7069fr-8PI&google_cver=1&google_push=ATf1kGOxirRtew7dFYyvGtOXfKBO6mpAS4b5m6BCgAh8uP5Wk1iePGE01-FNCROh6E44Pod_J3vxYQRJEM2eODuTOgnRi4TAgqcz HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEN_WD-x60v7Ib7069fr-8PI&google_push=ATf1kGOxirRtew7dFYyvGtOXfKBO6mpAS4b5m6BCgAh8uP5Wk1iePGE01-FNCROh6E44Pod_J3vxYQRJEM2eODuTOgnRi4TAgqcz&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGOxirRtew7dFYyvGtOXfKBO6mpAS4b5m6BCgAh8uP5Wk1iePGE01-FNCROh6E44Pod_J3vxYQRJEM2eODuTOgnRi4TAgqcz&google_hm=d1p3bWRNeXQ0M1hFVzloV0hpcXc=
Request Chain 120
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENh00PxO5TS7qOUBD188QOY&google_cver=1&google_push=ATf1kGO6cvOglLASOTrePmiZO_p-hoZY8Ifss4IkNSOCKVEK_Y3YV99_bl5jWhHkQj18YYTFQpfFfgeutsH_tYY3yowxaalIt_Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElUSFpSVjMtTy1HWEVO&google_push=ATf1kGO6cvOglLASOTrePmiZO_p-hoZY8Ifss4IkNSOCKVEK_Y3YV99_bl5jWhHkQj18YYTFQpfFfgeutsH_tYY3yowxaalIt_Q
Request Chain 121
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELyjB5_ZLcZtqyhbFIcmm9M&google_cver=1&google_push=ATf1kGNN16aHwM2L4cAaa2oAqOTVmCgrSVVawl1ApvUAxjeQiGA6LYmBUcq4CAegrAlzEaHnUu0-v6rnzWnYTja3mPWXs39FtvMI HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELyjB5_ZLcZtqyhbFIcmm9M&google_cver=1&google_push=ATf1kGNN16aHwM2L4cAaa2oAqOTVmCgrSVVawl1ApvUAxjeQiGA6LYmBUcq4CAegrAlzEaHnUu0-v6rnzWnYTja3mPWXs39FtvMI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=202b293c-6fa0-4eee-bcd2-da5a5efb2ba7&%%GOOGLE_PUSH_PAIR%%
Request Chain 123
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 144
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

146 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 9bKt1
upfilesurls.com/
Redirect Chain
  • https://upfilesurls.com/9bKt1
  • https://upfiles.com/authenticate/9bKt1
  • https://upfilesurls.com/9bKt1?auth=eyJpdiI6IjJlNmZUdjVMVzJYWkNBZVJoSEpVUHc9PSIsInZhbHVlIjoiT3M4WUlLam1BdHZSYTVkZU5uV294Zz09IiwibWFjIjoiZmVmNGY5ZTZlZDBjZDA0MjIyOWQ2YjBlYjEyYzgwNjdhZTE1ZmY2ZmNlOTYzYz...
  • https://upfilesurls.com/9bKt1
91 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://upfilesurls.com/9bKt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eda0b54603aae268407b3b35ddda6fc094d8de73f3772f4cf9cf2583522be3ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7d65f15b7f7403e4-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 12 Jun 2023 23:41:07 GMT
expires
-1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhfkx%2FgmGIBpkjzG%2FnvTYXTGaRPUM4unAUjlk92xSgXZLOFeeY6mCOdImwFr8muIakMBHtcDvHM1JFa69DZuh4i2VtYyB6ODWTml2eYUNBT7ea4uLMrcqCRPISjxYfOiM3YUnxImq0%2Fk49ZFlA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7d65f15b2f4303e4-FRA
content-type
text/html; charset=UTF-8
date
Mon, 12 Jun 2023 23:41:07 GMT
expires
-1
location
https://upfilesurls.com/9bKt1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4yyC5dIvs%2BPlHQxb%2F2dUvWBwPhPIoj2u7ktGzqcItjvjqwUGY5c8O97EryoBuGxlke%2FCKb3R6qdjm9%2FBITUTWEd0c6pfSyl8XGSNTrygaN%2FjD0JWSFItKGtmp2I3uMikqPDEfpW%2FKnKic4k%2BiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
frontend.css
upfilesurls.com/css/ 		255 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e51161fcc5b2c4b90c3381e517152eb275d52a6c288954e502479d7421386240
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/9bKt1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
strict-transport-security
max-age=31536000, max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14630936
content-encoding
br
cf-bgj
minify
last-modified
Wed, 21 Dec 2022 18:47:00 GMT
server
cloudflare
etag
W/"63a354a4-3f918"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGpTC3iea0rpqQFiovPuEaZcvwwpsJeMAD67aECt%2FhW1kipcH43J8haRhOmUlTKbujkKd1rqTcvtEQeHGCTsAXJL9Sre20P7hvsu7ZndX%2BvbHyVgq0W1kjGzvD1wQGbmudFSGXCdzO0nT%2BP%2B9w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
7d65f15cf84a03e4-FRA
logo.svg
upfilesurls.com/img/ 		22 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upfilesurls.com/img/logo.svg
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d526da1f4d4af45cefd2a0d140abec2beddc3150d13c47d3de893eaa278a369d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/9bKt1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:07 GMT
strict-transport-security
max-age=31536000, max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1670489
content-encoding
br
last-modified
Fri, 08 Apr 2022 10:55:45 GMT
server
cloudflare
etag
W/"625014b1-56e8"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUeTsc%2Bpb0nlom1xPBUIi28zj1lyEi0cjblOHeC6qalfMtnWvRIFIdzs4vHLshgcKUhxKREJ6DpnBjPBo85q1FlrvPP1P%2FK%2B3uzw8KRvfO0RkIQi71L2pKQyRIW7fYWZ2ga5tBOTrMpFoeEhtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
7d65f15cf84b03e4-FRA
menu.svg
upfilesurls.com/img/ 		2 KB
761 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upfilesurls.com/img/menu.svg
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d3e6705b468cecdd78fb9a1ee6688d60e1d2c1caa0db7baa88db460315dccea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/9bKt1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2023 16:39:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1670489
etag
W/"63d009ce-72e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJZXdstrHQDuQlxONiOKQmmPGjAv21tiREvM262KWM6nwOFB6A6fBvAUZvAQtKupaksr6h69OmkUI%2FC9WmemQE3TGZLqC%2FlXupcF%2BLBFkcS3t%2BVeYg0bwNuUarC1Z9RLXBJajQ2uRiLMPGjClA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
7d65f15d789203e4-FRA
34742
cschyogh.com/1clkn/ 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cschyogh.com/1clkn/34742
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
142.91.159.193 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 23:41:08 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Keep-Alive
timeout=20
/
d18kg2zy9x3t96.cloudfront.net/ 		349 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:3e00:0:2146:f680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e1ad708a5b6bbf41a0b6a91fdd7a4f80fba69d1779497f5fd642154d1e819bad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 23:41:08 GMT
content-encoding
gzip
via
1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
115439
x-amz-cf-id
zCKNpUlyHEGShfsQgrWGyR5CmEIl0Khfc7XWNBDEQ5kcUPSBDWrRkw==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6739a8422451bb01cddb0269107622fa0d2514a39b224090b7bf7b53693c6ec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25304
x-xss-protection
0
server
cafe
etag
3 / 19520 / m202306060101 / config-hash: 10374218712375929169
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 23:41:08 GMT
faqs-image.svg
upfilesurls.com/img/ 		37 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upfilesurls.com/img/faqs-image.svg
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a717285429d468fadc4d25179fc6feb49e6335f3af1675fb6be1cb50e7e8322
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/9bKt1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Jan 2023 13:29:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2117779
etag
W/"63c15cbf-95fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ROYC6lOGxa7IA9Qs8ivcZO8a9EAudKM9jwuKFCU8cW1%2FvsVgzpUP5sFN9uRc5GE7Se8tYYo92VgLHHp13V4q9aCPwIytVNbACH%2BuZllo7yC2EmMMUb3YjJfU6BpDqXmG7mPWaWZRVi1k705gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
7d65f15d789303e4-FRA
plane.svg
upfilesurls.com/img/ 		684 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upfilesurls.com/img/plane.svg
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d454583aa343d4c8aa4e42c0876b20e60c20c0b89284e4ef0c662d0426c18254

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/9bKt1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Jan 2023 13:29:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1670489
etag
W/"63c15cbf-2ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IW4q5ObGTcs5N9ZZcQieDznz8lkxZ123z6anRDye7BpstHTaQdu2%2FNDJJojsfRaZ9ZKF0aFidBuDExjTY4aD%2BDnvy4SX9hQbguuWosnhEC3H8yWLRLhDNM55PHfgTr7yWc0nGzh34EuewieGvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
7d65f15d789503e4-FRA
ads.js
upfilesurls.com/js/ 		2 KB
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://upfilesurls.com/js/ads.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a6496c9ba51de9268160abd403069b72cbf8a70bec8c61f3df9f0fd119aa953
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/9bKt1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
strict-transport-security
max-age=31536000, max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14630807
content-encoding
br
cf-bgj
minify
last-modified
Thu, 22 Dec 2022 14:10:31 GMT
server
cloudflare
etag
W/"63a46557-605"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sq1kkZyE5D4xypUT4Up8waNaMa6ey1SlRnHn49GMNFDHcpMpne9POL3Ah1c2hbq41vaBhIgSC7mbYU3%2FiSmEqz64MKdEXDQsSkHRaxATJ1sB0b%2BqQ0%2Bz7riaVE0L0ZHbvLz%2FqU4xiv6OR6zHw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
7d65f15d185a03e4-FRA
frontend.js
upfilesurls.com/js/ 		958 KB
262 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e87e0991dcfaa2c7b015d284d8b5d872363eb52af458b63c8449351b4b24612f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/9bKt1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13435384
cf-polished
origSize=980842
cf-bgj
minify
last-modified
Sun, 08 Jan 2023 11:38:01 GMT
server
cloudflare
etag
W/"63baab19-ef76a"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4gmNzOFrdbZTuSO6oFM8zmq62fB5cyOgljY4WJ5Z05l%2BMlT2Mt5kADeNzr2c53LMjLC%2BtNbNeHqkIvA8lcsuG14e9HC%2FKVXi00gwC4XG2Y1L7ZLSxE2SRcSewdEkv7UZwfmf7IrEqyRaU711w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
7d65f15d588603e4-FRA
js
www.googletagmanager.com/gtag/ 		124 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-197252557-1
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bce03d0908d778d3f9f719737780321e23acda2efe4f0eb880c86b2b26e61265
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49224
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 22:36:57 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Jun 2023 23:41:08 GMT
css2
fonts.googleapis.com/ 		18 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
33613d442dd3f6abef01c9bee884b9aa828f42820ee62da8b86ad5a9ea7f58f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 12 Jun 2023 23:41:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 23:41:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Jun 2023 23:41:08 GMT
stattag.js
cdntechone.com/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdntechone.com/stattag.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
456e420aecd5ac679cc2bcb33daf7c063f54894fd076e99e05c06629234d3378

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 May 2023 08:43:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6500
etag
W/"646736c9-4859"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVo%2BheaoVELc1pX3jRy1EDbCakkkPLYD%2FL7epapaRsuDiAXxKGUpR4sZMxFrb%2BXVw4VcmSdoKkFyT7UwRT1hnjsN7Cl4Ou4CpAZdjai4hYsyGTZQzlIYsSB4xT8k7Dt2R9QDgvcnt9d7pERHYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7d65f15da8c9bbc1-FRA
link
<https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
alt-svc
h3=":443"; ma=86400
up.js
live.demand.supply/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/up.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cea79cbcc09eac1a61250d33ad406ef05353595f265fce43dabc4d7b1bf08b15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-nf-request-id
01H2GKCJMFJBYR7XD65W3EM9M8
date
Mon, 12 Jun 2023 23:41:08 GMT
content-encoding
br
cf-cache-status
HIT
age
997
cf-polished
origSize=4393
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"90fc71bb5b872f8729d25ed2c282f69d-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
7d65f15dbfed195e-FRA
link
<https://live.demand.supply/impl.v16.15.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-10-0/dXBmaWxlc3VybHMuY29tLw==>; rel=preload; as=script
timing-allow-origin
*
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://upfilesurls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 15:40:37 GMT
x-content-type-options
nosniff
age
288031
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 08 Jun 2024 15:40:37 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://upfilesurls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 17:04:15 GMT
x-content-type-options
nosniff
age
196613
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 17:04:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://upfilesurls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 03:30:27 GMT
x-content-type-options
nosniff
age
245441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 03:30:27 GMT
add
datatechone.com/log/ 		2 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
Requested by
Host: cdntechone.com
URL: https://cdntechone.com/stattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://upfilesurls.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 12 Jun 2023 23:41:08 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://upfilesurls.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
asd100.bin
pogothere.xyz/ 		100 KB
101 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d18kg2zy9x3t96.cloudfront.net
URL: https://d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5347
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 12 Jun 2023 22:12:01 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://upfilesurls.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzzeZ%2Bxu508GIcdLrGvwSlZPclEz9Wcj2SQsyuvP6rKLHBEkUYWmaX9iy0V15UZ%2FIl85DyDwFdFR6MvSFLnMzdVPDZqmTco8K3owLDXMN23IXhT%2FpQ6MlkRPzZc7LDTM"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7d65f15ebdbd3a78-FRA
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/ 		26 B
371 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: d18kg2zy9x3t96.cloudfront.net
URL: https://d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ab38cf2e016d9820ffdb2b9d2f600b268d7b60d60aa0061e83aedc825ea6670

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hv8Yb7xL4JTgbCaMgyInVrOx0OJGEB0ujtWcEVkTyVyBgqK45xuo8%2F1HDIleYYH7wbwJyO0jWHzSUFtr81rvURadTXlkLIYKZQ66dkH%2FkD3wLpFq%2FX3MPCrq6YLrX0N"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://upfilesurls.com
content-type
text/plain
access-control-allow-credentials
true
cf-ray
7d65f15ebdbe3a78-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
utx
apptquitesouse.com/ 		0
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apptquitesouse.com/utx?cb=7LzPGDdDGPjo&top=upfilesurls.com&tid=978153
Requested by
Host: d18kg2zy9x3t96.cloudfront.net
URL: https://d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-78.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 23:41:08 GMT
via
1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://upfilesurls.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
g-m9QGmTW5PTKYgYGjVNQYqoX7XXIBsmOwGeyCaXi90CZgBPIus9jA==
BxwraTkbGiIaFQcoCGoFAxIBCwUyOiUOPTQ2D2AGF0hXDBNhGiQJPwQaMi8ENyAhIBoQFRMvExQjIRwGHy0hHiYbI1AKFhAvF28TBDg2HwU2PUUyIT4XE2UoJBRbGxZhFS0r
apptquitesouse.com/eWNYUlEYATs/bhheOnQkCw9ld2M/RmoUNUhbMzVjAxphKmINWm58MhUMLTY3Cww2Jn8XBix3Yz9aDgYbSy41JWMhMTAHBAAlOhc2QDUBNSExIWlrKy4iDjYQEDYIFhQaIToKFAAiPxMzKDUaFRcTJggAOSgiFhQmKydoPSYhIQ0CCSEtDB... Frame 894D 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apptquitesouse.com/eWNYUlEYATs/bhheOnQkCw9ld2M/RmoUNUhbMzVjAxphKmINWm58MhUMLTY3Cww2Jn8XBix3Yz9aDgYbSy41JWMhMTAHBAAlOhc2QDUBNSExIWlrKy4iDjYQEDYIFhQaIToKFAAiPxMzKDUaFRcTJggAOSgiFhQmKydoPSYhIQ0CCSEtDBc9OzEBAAA6Mj8fdEshHCpgHSUbHAA7DxUeHUgPCQAmSAwAKj0wIQw+ND8bPDcUDgcBEzoVDRk+ZD8hDCYGPjYNNDI4IR8KExEUGRcIPTsQIRIsFB0nMjghHwAALFQaFxghOyAxCSsiEQcIDjk+FGBMDw0lfCMgGRYTPyZpExkpJgIGEDoTPxMEPAAAYBwhMRkYFCkPNxEJDiEvExUsOwA/BxwraTkbGiIaFQcoCGoFAxIBCwUyOiUOPTQ2D2AGF0hXDBNhGiQJPwQaMi8ENyAhIBoQFRMvExQjIRwGHy0hHiYbI1AKFhAvF28TBDg2HwU2PUUyIT4XE2UoJBRbGxZhFS0r
Requested by
Host: d18kg2zy9x3t96.cloudfront.net
URL: https://d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-78.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
5e237aaf5551dad3a82d52c2b60ce5e1e32fb492ea077d0a2d91435794ad519f

Request headers

Referer
https://upfilesurls.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1231
content-type
text/html
date
Mon, 12 Jun 2023 23:41:08 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
x-amz-cf-id
2_YbyRnyfx6zGA4qmXo8kTkQa7mL93x3XpNUQRXu6OVk1wgCcpWZpw==
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
asd100.bin
pogothere.xyz/ 		100 KB
100 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d18kg2zy9x3t96.cloudfront.net
URL: https://d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5347
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 12 Jun 2023 22:12:01 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://upfilesurls.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBTJQMNE%2B%2B7TFdgDHvGRQr32qG7z6YkBdlJgBMIYE2JOWHn1Om3rBQiOmSiMm6YYMAhuePO%2B3BslQEBY2kEsEwnQ6PaMZfLU8Lux5cokWiqtyUH5%2F8If8Cs0T8rUEDF3"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7d65f15ecdcc3a78-FRA
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/ 		26 B
350 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: d18kg2zy9x3t96.cloudfront.net
URL: https://d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b41fad974758598e9237819bf1f0da1a0110de7a4b0144b38ca7b159eef04348

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ca5Ohe1aUn6ghhluyVzvv28BA17o3ag3hnFbNWBlW4VQstj%2B5UBTYZNLgdyEamvXiwiJNR1eoWFuVOTveZhCJJnsQwZgtoJUs%2FO8U%2B8YNZvln3c6Npe%2F40iZpaZAbj7p"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://upfilesurls.com
content-type
text/plain
access-control-allow-credentials
true
cf-ray
7d65f15ecdcd3a78-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
utx
apptquitesouse.com/ 		0
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apptquitesouse.com/utx?cb=4xDAA1r5gajp&top=upfilesurls.com&tid=974624
Requested by
Host: d18kg2zy9x3t96.cloudfront.net
URL: https://d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-78.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 23:41:08 GMT
via
1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://upfilesurls.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
6OC0qnBtaSZB0c2f0uz3ioPUwMDM6km5vo4qF5qGYh-WzLpvcf23ng==
cUFkQ1AQIwcubxB8BmUlAy1ZZmI3ZFYFNEB5DyRiCzhdO2MFeFJtMx0uESc2Ay4KN34fJBBmYjcwMy8SRA8JIGUhOQASBzJ1UQsBBSQGFAIhAyINaD4mFBkTIjEQBCcwcSopYFRzJhcRASgAJGE8AFYnNylwCwQeNSUhBhE4cSlzATkQMDBgNjYQFzYyEC4UAQkvK...
apptquitesouse.com/ Frame 4DA4 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apptquitesouse.com/cUFkQ1AQIwcubxB8BmUlAy1ZZmI3ZFYFNEB5DyRiCzhdO2MFeFJtMx0uESc2Ay4KN34fJBBmYjcwMy8SRA8JIGUhOQASBzJ1UQsBBSQGFAIhAyINaD4mFBkTIjEQBCcwcSopYFRzJhcRASgAJGE8AFYnNylwCwQeNSUhBhE4cSlzATkQMDBgNjYQFzYyEC4UAQkvKzsKPgQwJDc2ByEnHSkYKRVhHnI0NB4XAh4aKCkANSsyQnQuBmEnMAECZRcCMHd1QwcgKAYyICMCCCAqLiwJNCYjEAcBcDctAjIgIwIfKTYIMAo3NiIJCEgoNxZlIyMKLzMzBwd0GTBsCCIRGHFVBGFBDigtBj0iIgkgK3AHBQUpeA0QAkUMKSoBJBYPCT80cBMGBgsYUQY8PwIFBBEUFBMSKCFwJRcGJi4eBgUgCCo5BhIDJwUiKBRUGgZCEwgXNycSAAQWOwAhCT8oABQbESUyDQYSPxcsBAY6ADEvICstXQcHHDJCKSMeLxR+MkcSCC4XCyxc
Requested by
Host: d18kg2zy9x3t96.cloudfront.net
URL: https://d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-78.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
6ee1a533c7f269fe4121072da18e31aac09284b364d94880b92cbee0cbb9f5bb

Request headers

Referer
https://upfilesurls.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1231
content-type
text/html
date
Mon, 12 Jun 2023 23:41:08 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
x-amz-cf-id
qQeTYmejqnx0uXO_B4MF_dh6UxJk_5uuXSjWohjafPa5SF0jKlqLlQ==
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
U2U3Z1MyB1QKbDJYVUEmIQkKQmEVQAUhN2JdXABhKRwOH2AnXAFJMD8KQgM1IQpZE309AENCYRUnZjIJHTRNIjoYNnoLFzkwQSwLZyxSPxlqBmY9PR8hAxQLKSMALisFJHUeazQjbzYWFhJAJgE+Bk4pKjAoVDASOyxbXz42V0QKCyovAAEUBTR9NAEkAU8EYxlWd...
apptquitesouse.com/ Frame FABC 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apptquitesouse.com/U2U3Z1MyB1QKbDJYVUEmIQkKQmEVQAUhN2JdXABhKRwOH2AnXAFJMD8KQgM1IQpZE309AENCYRUnZjIJHTRNIjoYNnoLFzkwQSwLZyxSPxlqBmY9PR8hAxQLKSMALisFJHUeazQjbzYWFhJAJgE+Bk4pKjAoVDASOyxbXz42V0QKCyovAAEUBTR9NAEkAU8EYxlWdhILORZBLgBqNG0vAh8BX14rClYOHRQHPEEuKjcAeQ0FPAZmIiUeCF8fEgsnBT5gHjBUAAE8BmYiYR8ceVYRBDcGI2EKIVQzZmQBTw84Ny0HDgIHIEYsFwEwfh5jOCtPNSkSLRoPJBEIDlY2YTxzBARnCHxXBiAuWg8rMAhlVzUAXG4sOh0KVDYWPixOUzwLCF8NNWArZCwHAgx7CwE4AXYTKhItYQg1BFVyAz0FUVU2ESsGcA8rEjF+CRgqL3MsFB1ABSERAjdOBAQdEnVVMCkGfy51ORZYCSNuC2EWFToIYSIWBiR0EA
Requested by
Host: d18kg2zy9x3t96.cloudfront.net
URL: https://d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-78.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
cd4af511735ec6f0c8e178bfb84c383167eb4fb34f0a99f3bd53bc8bc50aabf4

Request headers

Referer
https://upfilesurls.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1222
content-type
text/html
date
Mon, 12 Jun 2023 23:41:08 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
x-amz-cf-id
MIOKEcddPtBrts2LHeqlUv5IG4iMUXr5Z4QUbdpzwF7-4TJY4NrVBg==
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
M1lsWDQcZg8rCWJoIixVexNfAmJLAz82QEIOKix4UB4iDWNmHEosXVdkVW8MAmxffkRaPVFpEkAtDSxBQGRdfl1dPwNlEkVkXXYHB3dfahoAfxllBRUtHDlTDmhKKEBHNVFpAgtvWmkHAW9UagcL
appyrinceas.com/ 		0
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://appyrinceas.com/M1lsWDQcZg8rCWJoIixVexNfAmJLAz82QEIOKix4UB4iDWNmHEosXVdkVW8MAmxffkRaPVFpEkAtDSxBQGRdfl1dPwNlEkVkXXYHB3dfahoAfxllBRUtHDlTDmhKKEBHNVFpAgtvWmkHAW9UagcL
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DIFy%2BXeolWAZTKdtDxLBXRPEr%2Bic1uevhqnc%2FwzjlJ0jm326fVpWCQtaCBGbLZRaCuJlPYa5duT7%2BSyOi4cd6sQjOYXnXW4sTBnuyfpLdzmmo9aZgcd1n7w5X2bbx6Ttko4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7d65f15f4c333610-FRA
alt-svc
h3=":443"; ma=86400
login.php
www.facebook.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&ffgf=1&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneHYmfDE_yzT2bO0_K6yqC2j_vJiav6xA2fi9TD9g7tiVbMJVTvM...
  • https://accounts.google.com/v3/signin/identifier?dsh=S654389273%3A1686613268496488&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneHUAw6WaLZNB2QBbkJc8I3Ya1TNLVV8Fv_nmeWm...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S654389273%3A1686613268496488&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneHUAw6WaLZNB2QBbkJc8I3Ya1TNLVV8Fv_nmeWm1UNtvz1XRZdhBiwJ3C4JTaCkZ_zSPuiv3g&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H2
Server
2a00:1450:4001:801::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Redirect headers

date
Mon, 12 Jun 2023 23:41:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-3PrqDkubhXzdMmWGPRfmBA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
399
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S654389273%3A1686613268496488&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneHUAw6WaLZNB2QBbkJc8I3Ya1TNLVV8Fv_nmeWm1UNtvz1XRZdhBiwJ3C4JTaCkZ_zSPuiv3g&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&ffgf=1&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneFcgV7JKrmZTFXKljDpzY_Ibjdu8G6xrCd7jEHtpaqAAFFF...
  • https://accounts.google.com/v3/signin/identifier?dsh=S34184187%3A1686613268537837&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneE-pWQYyBtUQNmxcDaMuW20znOa9q5v2-3LQl65...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S34184187%3A1686613268537837&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneE-pWQYyBtUQNmxcDaMuW20znOa9q5v2-3LQl655rHlZJE8JAqTILe3XBUC4XCWwVGmTsaIEw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H2
Server
2a00:1450:4001:801::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Redirect headers

date
Mon, 12 Jun 2023 23:41:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-_hbsUXWbrCkMP6wBI-B6lg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
405
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S34184187%3A1686613268537837&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneE-pWQYyBtUQNmxcDaMuW20znOa9q5v2-3LQl655rHlZJE8JAqTILe3XBUC4XCWwVGmTsaIEw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
cWVVZTVeWjYWCCYIYCN7JxUjPQYSIgwIRRcGIlRGKAk9VHRDVXMRXBVYbFIBR1dhQ0UYAWhUEwIRNBFAAlhkQ1wfAzpYEwdYZEsGRUtmVxtCQyBYBFcRJQRSTFRzFUEFCWhUA0lTY1QGQ1NtVw1H
appyrinceas.com/ 		0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://appyrinceas.com/cWVVZTVeWjYWCCYIYCN7JxUjPQYSIgwIRRcGIlRGKAk9VHRDVXMRXBVYbFIBR1dhQ0UYAWhUEwIRNBFAAlhkQ1wfAzpYEwdYZEsGRUtmVxtCQyBYBFcRJQRSTFRzFUEFCWhUA0lTY1QGQ1NtVw1H
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JRKsDuv8SzX%2F9cGEAr5NxC7h9zztiu2UKBkV3QIHNBFpCfNiCg6UQ%2F1Rdh8OahesqVZGRhmNKhp0H4tGx8ay5Gzq%2Bfha9%2Fs2fo3jhbmX9db2XXBO41p%2FgWZwyPNJzrCx5I%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7d65f15f4c343610-FRA
alt-svc
h3=":443"; ma=86400
BSFLUDdUElohFH09BTggACwIJStbFyZaV0E8Cl9IDWFeUEYTJQcGTARtSBEFVCEbEUwEcwcMF1poSBRMBHteTEMbZkgXTARzGhIQUmhfRAFBIQJfQANtWFRABmdYWkIFYg
appyrinceas.com/NVVuYnEaag0RTGE5KDU/ 		0
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://appyrinceas.com/NVVuYnEaag0RTGE5KDU/BSFLUDdUElohFH09BTggACwIJStbFyZaV0E8Cl9IDWFeUEYTJQcGTARtSBEFVCEbEUwEcwcMF1poSBRMBHteTEMbZkgXTARzGhIQUmhfRAFBIQJfQANtWFRABmdYWkIFYg
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jP%2FdWR0hfyksmBMceUaUV%2BbPpkPnL2SmTLPjbw5Gd7hewyfNCLpIZpuKhCSwRkVASJd%2BdQwjYXW90Y5WrbCzec3Q6eeK5UnVI8yhol5zDyQdhX14RaFX30Rib7RGQe%2B9Hg4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7d65f15f4c353610-FRA
alt-svc
h3=":443"; ma=86400
impl.v16.15.0.js
live.demand.supply/ 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/impl.v16.15.0.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17e049f64e3dea79709c28dc793b77b590002deb3ce42a2121ec45482e07e2ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-nf-request-id
01H2GK305XV01MVKQGDRPM2FJQ
date
Mon, 12 Jun 2023 23:41:08 GMT
content-encoding
br
cf-cache-status
HIT
age
281711
cf-polished
origSize=76095
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"887f42604f58d6c4bb87beeb70301b46-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
7d65f15f08cf195e-FRA
dXBmaWxlc3VybHMuY29tLw==
live.demand.supply/p4/v16-10-0/ 		984 B
607 B 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v16-10-0/dXBmaWxlc3VybHMuY29tLw==
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c06fd5005ee74dbe2f01a6206b78bbd02514e97996853ced2fd1f89c02034ab0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
7d65f15f08d0195e-FRA
alt-svc
h3=":443"; ma=86400
/
d18kg2zy9x3t96.cloudfront.net/ 		349 KB
113 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:3e00:0:2146:f680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
db42aaa59cf24d641a6b6ceec30dc201fcd077cc224ac04865f1d9597fb6bc2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 23:41:08 GMT
content-encoding
gzip
via
1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
access-control-allow-origin
https://upfilesurls.com
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials
true
content-length
115439
x-amz-cf-id
1q3T6_6XKiPazpIcbCq0ffabvx7xJBNATM6EnU38BtdmUQ0-bi_MGg==
api.js
www.recaptcha.net/recaptcha/ 		921 B
901 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7e57a94332f82391e3ce041b8e8331ebf03e0495435cc608da7e367be6da9855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
581
x-xss-protection
1; mode=block
expires
Mon, 12 Jun 2023 23:41:08 GMT
arrow-down.png
upfilesurls.com/images/ 		208 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upfilesurls.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59b7ad6d6f457b624e25d22959edc7c83af2ac52edba32fd6648c97af0d1780c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
strict-transport-security
max-age=31536000, max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1669605
content-length
208
last-modified
Fri, 08 Apr 2022 10:55:45 GMT
server
cloudflare
etag
"625014b1-d0"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=miv9db6HpVwtDZrl8T7zPE8GbbANbl%2BJzSATjq0I6Xu9MU%2FIVTAPtfe4Xu%2BqypmXqnQg9RSJaYiaBTssZ3YOH0XrxHRTmHJwHkNc6VcS7ChLVcFk6KRg4qvW381mgZqcCWKubUx7VsZ%2F8n7SkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7d65f15f99ef03e4-FRA
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://upfilesurls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 19:08:02 GMT
x-content-type-options
nosniff
age
189186
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 19:08:02 GMT
e.js
live.demand.supply/e/ 		0
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?e=ll&d=180&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tLzliS3QxI2dvb2dsZV92aWduZXR0ZQ==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-nf-request-id
01H0WH535VZPRFR8SSXVB2WVS7
date
Mon, 12 Jun 2023 23:41:08 GMT
cf-cache-status
HIT
age
2027136
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"dfe0abe17839ba4f36623d3c9332b694-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7d65f15fc9e7928f-FRA
dXBmaWxlc3VybHMuY29tLzliS3QxI2dvb2dsZV92aWduZXR0ZQ==
live.demand.supply/p4/v16-10-0/ 		983 B
698 B 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v16-10-0/dXBmaWxlc3VybHMuY29tLzliS3QxI2dvb2dsZV92aWduZXR0ZQ==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f63a94e50059daa2803e847b810fddb947850dc0dfb57cf587ff7f4fab936fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
7d65f15fb86f367f-FRA
alt-svc
h3=":443"; ma=86400
ds.2.html
live.demand.supply/ 		413 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-nf-request-id
01GZ1TRE6JCM1Y4N530MF91ECS
date
Mon, 12 Jun 2023 23:41:08 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2027027
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
7d65f15fc9ea928f-FRA
alt-svc
h3=":443"; ma=86400
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/ 		404 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c384e9f5a0511e6e45bbaf26eba3f51edf331b05e20efa57f243d87ad4c452e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:33:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
40088
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127303
x-xss-protection
0
server
cafe
etag
14748094856067035890
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 11 Jun 2024 12:33:00 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		587 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=upfilesurls.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61f7d9eaabbfde4b1fe0a802ca35b9bc8ce06e6d585a0a10071c155c6bcab518
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Mon, 12 Jun 2023 23:41:08 GMT
9VTJ2Mmw2XRhUUyFbEg9VYgpHB19zWAVdAiUPDEcBbXEyAgAbQVBGFjEPRhQANFwRD0owXBUPXXNTElBRYRQCQgM+Dx1dFCNQBlMLL1lQRw1oXxlIBTleFxdeEwdYAklnAl5FBTtWGUUfcABGXBhwAEYDXHsCUwEucABGRQU7BEIXXxcXRAIUYwZfF15lUw-ZCADB...
d18kg2zy9x3t96.cloudfront.net/ Frame 894D 		814 B
854 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d18kg2zy9x3t96.cloudfront.net/9VTJ2Mmw2XRhUUyFbEg9VYgpHB19zWAVdAiUPDEcBbXEyAgAbQVBGFjEPRhQANFwRD0owXBUPXXNTElBRYRQCQgM+Dx1dFCNQBlMLL1lQRw1oXxlIBTleFxdeEwdYAklnAl5FBTtWGUUfcABGXBhwAEYDXHsCUwEucABGRQU7BEIXXxcXRAIUYwZfF15lUw-ZCADBFE1AHPEZTACpgAUEcX2MXRAJEPloCXwBwADUXXmVeH1kJcABGVQk2WRkbSWcCFVoeOl8TF14TA0cGQmUcQwVfYBxHAlpwAEZBDTNTBFtJZ3RDAVt7AUAUGWgD
Requested by
Host: apptquitesouse.com
URL: https://apptquitesouse.com/eWNYUlEYATs/bhheOnQkCw9ld2M/RmoUNUhbMzVjAxphKmINWm58MhUMLTY3Cww2Jn8XBix3Yz9aDgYbSy41JWMhMTAHBAAlOhc2QDUBNSExIWlrKy4iDjYQEDYIFhQaIToKFAAiPxMzKDUaFRcTJggAOSgiFhQmKydoPSYhIQ0CCSEtDBc9OzEBAAA6Mj8fdEshHCpgHSUbHAA7DxUeHUgPCQAmSAwAKj0wIQw+ND8bPDcUDgcBEzoVDRk+ZD8hDCYGPjYNNDI4IR8KExEUGRcIPTsQIRIsFB0nMjghHwAALFQaFxghOyAxCSsiEQcIDjk+FGBMDw0lfCMgGRYTPyZpExkpJgIGEDoTPxMEPAAAYBwhMRkYFCkPNxEJDiEvExUsOwA/BxwraTkbGiIaFQcoCGoFAxIBCwUyOiUOPTQ2D2AGF0hXDBNhGiQJPwQaMi8ENyAhIBoQFRMvExQjIRwGHy0hHiYbI1AKFhAvF28TBDg2HwU2PUUyIT4XE2UoJBRbGxZhFS0r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:3e00:0:2146:f680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
19a6cffaedba4c37a8496453cd0e93486f28d8cbf9ae4f5c7c5c2f8eee394814

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apptquitesouse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
content-encoding
gzip
via
1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
578
x-amz-cf-id
GBJYF43M2pCfd75Dc0j65b-kA1Kl4y-Vhx0ig9mM0-qaFfpZ5rKyRw==
DkVCaGAXQkJoYEgGSWp1SnRCaGAOXwlsZFwFJX9iSU5RbnlcBFc7IA-laAi01G10OLnVLcFJpZ1cFUX9iSR4MMiQUWkJoE1wEVzY5ElNCaGAeUwQxP1ATVWozEUQINzVcBCFrYU0YV3RlTgVSdGFJAEJoYApXATsiEBNVHGVKAUlpZl9DWms
d18kg2zy9x3t96.cloudfront.net/qWlB5Nmc5PxdQWC45HQtebWRPBFN8OgpZCSptGwA0Nj0+TApidg1MA2dgX1oGNDdEEAI0M0QHQTs0GwtTfCQJWQxnOxZOETggGFEdMXYMV1o3PwNfCzYxXAQhb35JE1VqeA5fCT4/ Frame 4DA4 		821 B
858 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d18kg2zy9x3t96.cloudfront.net/qWlB5Nmc5PxdQWC45HQtebWRPBFN8OgpZCSptGwA0Nj0+TApidg1MA2dgX1oGNDdEEAI0M0QHQTs0GwtTfCQJWQxnOxZOETggGFEdMXYMV1o3PwNfCzYxXAQhb35JE1VqeA5fCT4/DkVCaGAXQkJoYEgGSWp1SnRCaGAOXwlsZFwFJX9iSU5RbnlcBFc7IA-laAi01G10OLnVLcFJpZ1cFUX9iSR4MMiQUWkJoE1wEVzY5ElNCaGAeUwQxP1ATVWozEUQINzVcBCFrYU0YV3RlTgVSdGFJAEJoYApXATsiEBNVHGVKAUlpZl9DWms
Requested by
Host: apptquitesouse.com
URL: https://apptquitesouse.com/cUFkQ1AQIwcubxB8BmUlAy1ZZmI3ZFYFNEB5DyRiCzhdO2MFeFJtMx0uESc2Ay4KN34fJBBmYjcwMy8SRA8JIGUhOQASBzJ1UQsBBSQGFAIhAyINaD4mFBkTIjEQBCcwcSopYFRzJhcRASgAJGE8AFYnNylwCwQeNSUhBhE4cSlzATkQMDBgNjYQFzYyEC4UAQkvKzsKPgQwJDc2ByEnHSkYKRVhHnI0NB4XAh4aKCkANSsyQnQuBmEnMAECZRcCMHd1QwcgKAYyICMCCCAqLiwJNCYjEAcBcDctAjIgIwIfKTYIMAo3NiIJCEgoNxZlIyMKLzMzBwd0GTBsCCIRGHFVBGFBDigtBj0iIgkgK3AHBQUpeA0QAkUMKSoBJBYPCT80cBMGBgsYUQY8PwIFBBEUFBMSKCFwJRcGJi4eBgUgCCo5BhIDJwUiKBRUGgZCEwgXNycSAAQWOwAhCT8oABQbESUyDQYSPxcsBAY6ADEvICstXQcHHDJCKSMeLxR+MkcSCC4XCyxc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:3e00:0:2146:f680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
78f0fc1c8498a0186558d3af62cf2ed9304f80684100a3d124c300d2b660c4e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apptquitesouse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
content-encoding
gzip
via
1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
581
x-amz-cf-id
qPWh5bHEW8b_nlHMyEuqT9d6uTQ-ek2H-oLwDgrSBjDz9wZ0ssYOdg==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47313
x-xss-protection
0
server
cafe
etag
15281358973900162890
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 23:41:08 GMT
invisible.js
upfilesurls.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/ Frame 7B87
Redirect Chain
  • https://upfilesurls.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://upfilesurls.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upfilesurls.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H2
Server
2606:4700:20::681a:98a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
082fe63d178cb8ecd1c5a9f5afbd5593bf8bf834b6c8fb394ac4ee72dfcf0afd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzlYVMzLrIsW%2BbOXbHSVaB%2B0VOy9nXNCaQlrzsg2USD886FHk346nwPY6S86CEtWyoj1Q31OPSnqjISuDpFesNacTSvf4TcHsZWNrbupxVQ1G1ASOjknPhuiCc0tP2IZsNN5EzzMASm4vdOTww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7d65f161bb1a03e4-FRA

Redirect headers

date
Mon, 12 Jun 2023 23:41:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=de1CYjAnp0ysGXkK6eFkepZ9CyCZ%2FIug3SwvKrsaIH%2BG6OY9dFGaoDrpNhivn0bKFUEgwoXkHoELYfFMh9pphOx7RJKGgROGw18lam%2BItK3y1R299X1cjJSNwM%2BFeU3r66cYqc9m%2FLXKK%2BNDkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
cache-control
max-age=300, public
cf-ray
7d65f1603a3a03e4-FRA
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-197252557-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 12 Jun 2023 23:04:48 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
2180
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Tue, 13 Jun 2023 01:04:48 GMT
e.js
live.demand.supply/x/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tLzliS3QxI2dvb2dsZV92aWduZXR0ZQ==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-nf-request-id
01GYF979PMJP686XKAJ5KDJFJX
date
Mon, 12 Jun 2023 23:41:08 GMT
cf-cache-status
HIT
age
2400820
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7d65f1605a3a928f-FRA
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/ 		410 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67e8970716778d87e9cdd2c6a8ed4fb82a56dadcc9919a8eee9764e2eb4d70f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upfilesurls.com/
Origin
https://upfilesurls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 21:03:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9481
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167992
x-xss-protection
0
last-modified
Sun, 04 Jun 2023 14:00:37 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Jun 2024 21:03:07 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=upfilesurls.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:c400:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 05:58:55 GMT
Via
1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
63734
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
gCSMbZCb31r6hzA0L3BNFFPrbtRP-NGtCW2kkQYAaqxIcYz7CgWVsg==
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 31 May 2023 13:09:50 GMT
server
nginx
etag
W/"6477471e-a980"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 13 Jun 2023 23:41:08 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 01:47:30 GMT
content-encoding
gzip
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
78819
x-amz-server-side-encryption
AES256
etag
W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
e74pMxP9rBJzdtCZyWkMUQrc3jx8rkuVJSCyXhNma7-TKcegdaEcXQ==
esp.js
cdn.id5-sync.com/api/1.0/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6df03d6bd1a8ca1ce49d6b92d5fd80d5c1358191040696703718ce2054b1b2b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 06 Jun 2023 14:15:50 GMT
server
cloudflare
x-amz-request-id
NG7B76GJN825H0S8
age
3349
etag
W/"8c1740edd46834c66e82586d99a9e74c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7d65f161bdc51c2a-FRA
x-amz-id-2
NyHCyAtkatE46IVClDhJEwyOxJHtf6giBt/cxzVom8MvAYI/wUtkQGiE+SzHZZ7YvcLzIaP6EBI=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
877 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 12 Jun 2023 23:41:08 GMT
x-content-type-options
nosniff
content-encoding
br
age
1291
x-jsd-version
master
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-etou8220106-FRA
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:11:08 GMT
via
1.1 google
age
1800
x-guploader-uploadid
ADPycdtDDvf-u0mQPiQcR3HyPpvGl4mYefgM1SlmvCQo7TU2iQosSECTYQJ38hXByvNkrzJNU-kqmF_lxFiPB8Oz8SzLag
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1938
last-modified
Thu, 27 Apr 2023 19:53:17 GMT
server
UploadServer
etag
"0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation
1682625197861193
x-goog-hash
crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
1938
accept-ranges
bytes
expires
Tue, 13 Jun 2023 00:11:08 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		746 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=689369084963190&correlator=490843879917265&eid=31073560%2C31075061&output=ldjh&gdfp_req=1&vrg=202306060101&ptt=17&impl=fifs&iu_parts=339263271%3A22776202201%2CGam_upfilesurls.com_display&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=3273233675&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1686613268599&lmt=1686613268&dlt=1686613267984&idt=574&adxs=400&adys=281&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2F9bKt1%23google_vignette&frm=20&vis=1&psz=800x250&msz=800x250&fws=0&ohw=0&ga_vid=1363446078.1686613269&ga_sid=1686613269&ga_hid=857233731&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY8LDwj4sxSABSAghkEhkKCnB1YmNpZC5vcmcY8LDwj4sxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGPCw8I-LMUgAUgIIZBIXCghydGJob3VzZRjwsPCPizFIAFICCGQSGQoKdWlkYXBpLmNvbRjwsPCPizFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGPCw8I-LMUgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9574e33ca3d915450762cdfd50d7cd15e9d739906c3fd50cd68311d0cff1b59d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
376
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://upfilesurls.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		58 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=689369084963190&correlator=490843879917265&eid=31073560%2C31075061&output=ldjh&gdfp_req=1&vrg=202306060101&ptt=17&impl=fifs&iu_parts=339263271%3A22776202201%2CGam_upfilesurls.com_display&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=3273233668&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1686613268608&lmt=1686613268&dlt=1686613267984&idt=574&adxs=400&adys=595&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2F9bKt1%23google_vignette&frm=20&vis=1&psz=800x250&msz=800x250&fws=0&ohw=0&ga_vid=1363446078.1686613269&ga_sid=1686613269&ga_hid=857233731&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY8LDwj4sxSABSAghkEhkKCnB1YmNpZC5vcmcY8LDwj4sxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGPCw8I-LMUgAUgIIZBIXCghydGJob3VzZRjwsPCPizFIAFICCGQSGQoKdWlkYXBpLmNvbRjwsPCPizFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGPCw8I-LMUgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
786a1d8605367fdb66af7a7126d90aefe502de062fb3ff0148e1ee9ce24dfc3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22509
x-xss-protection
0
google-lineitem-id
6282713890
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138430325756
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://upfilesurls.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		638 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=689369084963190&correlator=490843879917265&eid=31073560%2C31075061&output=ldjh&gdfp_req=1&vrg=202306060101&ptt=17&impl=fifs&iu_parts=339263271%3A22776202201%2CGam_upfilesurls.com_display&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&adks=3273233670&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1686613268612&lmt=1686613268&dlt=1686613267984&idt=574&adxs=400&adys=927&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2F9bKt1%23google_vignette&frm=20&vis=1&psz=800x250&msz=800x250&fws=0&ohw=0&ga_vid=1363446078.1686613269&ga_sid=1686613269&ga_hid=857233731&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY8LDwj4sxSABSAghkEhkKCnB1YmNpZC5vcmcY8LDwj4sxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGPCw8I-LMUgAUgIIZBIXCghydGJob3VzZRjwsPCPizFIAFICCGQSGQoKdWlkYXBpLmNvbRjwsPCPizFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGPCw8I-LMUgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99cf522e069b581928ad7206c5634ee99579ae6902075e99259736520893b146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
279
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://upfilesurls.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 198D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upfilesurls.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 23:41:08 GMT
expires
Tue, 11 Jun 2024 23:41:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
upfilesurls.com_auto_728x90_sticky_display_bottom
live.demand.supply/cp/ 		29 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/upfilesurls.com_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=dXBmaWxlc3VybHMuY29tLzliS3QxI2dvb2dsZV92aWduZXR0ZQ==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfc9f1055f696637e8beedf56d6a4fcfd1189acbee659ba21f8cb5dc18ee9a7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7d65f1611aaf928f-FRA
alt-svc
h3=":443"; ma=86400
content-length
29
ads
securepubads.g.doubleclick.net/gampad/ 		2 KB
885 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=689369084963190&correlator=2347968068094507&eid=31073560%2C31075061&output=ldjh&gdfp_req=1&vrg=202306060101&ptt=17&impl=fifs&iu_parts=44890869%3A22859910411%2Cca-pub-3831894559014614-tag%2C044293ce-89b1-498a-9bcf-8275878b2c1e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=4&adks=3902365316&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D909bab24-a290-4af4-85e9-f01ea4e8108f%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D1%26bid-p%3Dgoogle%26bsc%3D78&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1686613268665&lmt=1686613268&dlt=1686613267984&idt=574&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2F9bKt1%23google_vignette&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1363446078.1686613269&ga_sid=1686613269&ga_hid=857233731&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY8LDwj4sxSABSAghkEhkKCnB1YmNpZC5vcmcY8LDwj4sxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGPCw8I-LMUgAUgIIZBIXCghydGJob3VzZRjwsPCPizFIAFICCGQSGQoKdWlkYXBpLmNvbRjwsPCPizFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGPCw8I-LMUgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
804843654e5f28ba5c8567951567a10b4b5e04b3b33386a122b32c358abc0bc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
855
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://upfilesurls.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95ac0261ac793f12426f513852780977bd0cf558e29fec5ab00c773a133f58d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 13:22:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
37110
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13124
x-xss-protection
0
server
cafe
etag
18412689142917685927
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 11 Jun 2024 13:22:38 GMT
BQRycWNwB2czcHI
d18kg2zy9x3t96.cloudfront.net/BQUZNQzEiKSMlDjUvKX4IeXJ9cQZnLD4sXzF7IxVABy8gFXQEEwwARmcyNycMcWAhIl8me2smXyJ7fGVQJSRwdxc0J3AuXjsvIS9QZHQLdh9xY39zGTYvIydeNjVocQEvMmhxAXB2Y3MUcgRocQE2LyN1BWR1D2YDcT57dx... Frame FABC 		193 B
459 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d18kg2zy9x3t96.cloudfront.net/BQUZNQzEiKSMlDjUvKX4IeXJ9cQZnLD4sXzF7IxVABy8gFXQEEwwARmcyNycMcWAhIl8me2smXyJ7fGVQJSRwdxc0J3AuXjsvIS9QZHQLdh9xY39zGTYvIydeNjVocQEvMmhxAXB2Y3MUcgRocQE2LyN1BWR1D2YDcT57dxhkdH0iQTEqKDRUIy0kNxRzAH-hwBm91e2YDcW4mK0UsKmhxcmR0fS9YKiNocQEmIy4oXmhjf3NSKTQiLlRkdAtyAHVofW0EdnV4bQBxcGhxATInKyJDKGN/BQRycWNwB2czcHI
Requested by
Host: apptquitesouse.com
URL: https://apptquitesouse.com/U2U3Z1MyB1QKbDJYVUEmIQkKQmEVQAUhN2JdXABhKRwOH2AnXAFJMD8KQgM1IQpZE309AENCYRUnZjIJHTRNIjoYNnoLFzkwQSwLZyxSPxlqBmY9PR8hAxQLKSMALisFJHUeazQjbzYWFhJAJgE+Bk4pKjAoVDASOyxbXz42V0QKCyovAAEUBTR9NAEkAU8EYxlWdhILORZBLgBqNG0vAh8BX14rClYOHRQHPEEuKjcAeQ0FPAZmIiUeCF8fEgsnBT5gHjBUAAE8BmYiYR8ceVYRBDcGI2EKIVQzZmQBTw84Ny0HDgIHIEYsFwEwfh5jOCtPNSkSLRoPJBEIDlY2YTxzBARnCHxXBiAuWg8rMAhlVzUAXG4sOh0KVDYWPixOUzwLCF8NNWArZCwHAgx7CwE4AXYTKhItYQg1BFVyAz0FUVU2ESsGcA8rEjF+CRgqL3MsFB1ABSERAjdOBAQdEnVVMCkGfy51ORZYCSNuC2EWFToIYSIWBiR0EA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:3e00:0:2146:f680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2cd93801a077ae328be264fe3137664a53862ec8decb48f2119b3c2a98516fde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apptquitesouse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:08 GMT
content-encoding
gzip
via
1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
181
x-amz-cf-id
v9_0ywY9yNfS8ovVEwZ8vMeZHmWWsdTUlkz_hz3zriCckr3XCgOO8g==
collect
www.google-analytics.com/j/ 		1 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=857233731&t=pageview&_s=1&dl=https%3A%2F%2Fupfilesurls.com%2F9bKt1&ul=en-us&de=UTF-8&dt=VID_102011224_172158_693.mp4&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=576038809&gjid=1606452414&cid=1363446078.1686613269&tid=UA-197252557-1&_gid=542899182.1686613269&_r=1&gtm=457e36c0&jsscut=1&z=351903641
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://upfilesurls.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 23:41:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://upfilesurls.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame A89B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=upfilesurls.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://upfilesurls.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 23:41:08 GMT
server
Kestrel
server-processing-duration-in-ticks
316914
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
map
bcp.crwdcntrl.net/6/ 		60 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.8.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-8-33.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
138989ef63f4ca5eb8c68c87824044179310cc971d69fdc1e7ef8832feecdff7

Request headers

Referer
https://upfilesurls.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 23:41:08 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://upfilesurls.com
cache-control
no-cache
x-server
10.45.22.116
access-control-allow-credentials
true
content-length
60
expires
0
7d65f15b7f7403e4
upfilesurls.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 7B87 		0
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://upfilesurls.com/cdn-cgi/challenge-platform/h/g/cv/result/7d65f15b7f7403e4
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 12 Jun 2023 23:41:09 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7d65f1634c1a03e4-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDqMNWLO1LdTR3RhqpHUiMD6nUn33WcYemK1M9rjGRvQOoCYPNUwpu4G7nxNj%2FU%2Bf1X3%2BQAkN58wDNLfnLkoF30XSVw1OMpq2RKGn%2Fkz%2FvH1ZcD3nvglF%2FenJobUarYwnrug13Zj98q3jejHTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
e.js
live.demand.supply/e/ 		0
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=upfilesurls.com_auto_interstitial_desktop&e=nai&dsReferer=dXBmaWxlc3VybHMuY29tLzliS3QxI2dvb2dsZV92aWduZXR0ZQ==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-nf-request-id
01H0WH535VZPRFR8SSXVB2WVS7
date
Mon, 12 Jun 2023 23:41:09 GMT
cf-cache-status
HIT
age
2027137
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"dfe0abe17839ba4f36623d3c9332b694-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7d65f163dc11928f-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		168 KB
49 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=689369084963190&correlator=3060462288141456&eid=31073560%2C31075061&output=ldjh&gdfp_req=1&vrg=202306060101&ptt=17&impl=fifs&iu_parts=44890869%3A22859910411%2Cca-pub-3831894559014614-tag%2C8218a573-db51-4303-a715-73cced357d63&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&adks=655150013&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D909bab24-a290-4af4-85e9-f01ea4e8108f%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D78&eri=1&sc=1&cookie=ID%3D7ffb3d94a20244b4%3AT%3D1686613268%3ART%3D1686613268%3AS%3DALNI_MbOaASIff59Ux1WrjnOaCehQFziuw&gpic=UID%3D00000c2eda927ed8%3AT%3D1686613268%3ART%3D1686613268%3AS%3DALNI_MZQnLcaGJ9v4BpcTQquLXbfFE7gHw&abxe=1&dt=1686613269099&lmt=1686613269&dlt=1686613267984&idt=574&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2F9bKt1%23google_vignette&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1363446078.1686613269&ga_sid=1686613269&ga_hid=857233731&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY8LDwj4sxSABSAghkEhkKCnB1YmNpZC5vcmcYnLLwj4sxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPCw8I-LMUgAUgIIZBIXCghydGJob3VzZRjwsPCPizFIAFICCGQSGQoKdWlkYXBpLmNvbRjwsPCPizFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGPCw8I-LMUgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c305b3ee8a96d29c17277f9e953b4b8304f7906bdeae18cac0a713af81c4d10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49675
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://upfilesurls.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B76D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5QJSnexW3UJ00XLv_RC-JI54mxh7XSsybfvTh96Hh8MtB0fB-Z-TV2KZqiz6d07kayDHi_8D3DSJaSqMTu7ZUYZo0MhMnT24u7HW7H0uY0WKH3eBfgTncQBdcFMeNaE63KowmUnd042FYdf03ZEzJdSdqdWhskCl-zOxdD1_pINZ_iVOlzC8h9jG0PRfoV90ySorsOTT6-jSFg_C0Pgcs6E0ceEU0z0TqY_xpA4ymvCJNoEkqtqkp4SNjn3UbWe4IePlVnZ3CV3u1VRECjx7zaAugCUjSk0JqXSGH8D593G911NP_WOJbVKsjqztC-BUSIHrP-g7m9PUV0zK-90VEUerBhJAj9A&sai=AMfl-YRZ_56uYINEFA_7TuET_bUpf5zdofjLB6KxjUDYjcFE8iUPS98TdzkN22kIuFOfshMvyH7EStGjiox0IMj3OL30Oqj2bdDyeLTauYECS-lvAsEINme0ZO8KEFUMiZtZ8Y5PT0qof0-plgiovq4&sig=Cg0ArKJSzN2-wawf8tq4EAE&uach_m=[UACH]&adurl=
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 12 Jun 2023 23:41:09 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230608/r20110914/ Frame B76D 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230608/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
499535f3eac5c43e736542cc65f763d3694486966ac359b6aa03416cb4f66b9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 19:25:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
15368
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8791
x-xss-protection
0
server
cafe
etag
1771513136926955597
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 19:25:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230608/r20110914/client/ Frame B76D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230608/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 21:12:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
8893
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 21:12:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B76D 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b1e1bef92ba957c4648c2118de4eece20ffb8e58eedbb33bce5c2227b46e9ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56133
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686570138914868"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Jun 2023 23:41:09 GMT
811511909485606589
tpc.googlesyndication.com/simgad/ Frame B76D 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/811511909485606589
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467d23dee5e3ba7f6eeac766fb074fe5e014fec821ce6b6c6cfac4426c8707c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 23:15:31 GMT
x-content-type-options
nosniff
age
260738
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55229
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 19:45:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 08 Jun 2024 23:15:31 GMT
e.js
live.demand.supply/e/ 		0
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=upfilesurls.com_auto_728x90_sticky_display_bottom&pdc=0.2180137753486633&ucv=null&e=tcp&dsReferer=dXBmaWxlc3VybHMuY29tLzliS3QxI2dvb2dsZV92aWduZXR0ZQ==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-nf-request-id
01H0WH535VZPRFR8SSXVB2WVS7
date
Mon, 12 Jun 2023 23:41:09 GMT
cf-cache-status
HIT
age
2027137
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"dfe0abe17839ba4f36623d3c9332b694-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7d65f1641c59928f-FRA
sdb.css
live.demand.supply/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/css/sdb.css
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-nf-request-id
01GZGR6SCB0Q49R1S22Y9RAR9T
date
Mon, 12 Jun 2023 23:41:09 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
1014742
etag
W/"281c43d3e253957887c3e1dad5bbb310-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
7d65f1642b02367f-FRA
alt-svc
h3=":443"; ma=86400
e.js
live.demand.supply/x/ 		0
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=bb&r=upfilesurls.com_auto_728x90_sticky_display_bottom&dsReferer=dXBmaWxlc3VybHMuY29tLzliS3QxI2dvb2dsZV92aWduZXR0ZQ==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-nf-request-id
01GYF979PMJP686XKAJ5KDJFJX
date
Mon, 12 Jun 2023 23:41:09 GMT
cf-cache-status
HIT
age
2400821
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7d65f1642c5e928f-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=689369084963190&correlator=1610878279165371&eid=31073560%2C31075061&output=ldjh&gdfp_req=1&vrg=202306060101&ptt=17&impl=fifs&iu_parts=44890869%3A22859910411%2Cca-pub-3831894559014614-tag%2C09dea4b7-b301-4406-9573-8ca469e4fde9&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=6&adks=1444295116&sfv=1-0-40&prev_scp=ti%3D909bab24-a290-4af4-85e9-f01ea4e8108f%26chrand%3Dy%26pof%3D0%26bid%3D0.12%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D78&eri=1&sc=1&cookie=ID%3D03b421af77889cb1%3AT%3D1686613268%3ART%3D1686613268%3AS%3DALNI_MYzsZ7YRiEFz_8tQDw8Fd29qvx3Ew&gpic=UID%3D00000c2edaa863d9%3AT%3D1686613268%3ART%3D1686613268%3AS%3DALNI_MbT-n6igGNHjv4f_lKT1c3GZWFAEg&abxe=1&dt=1686613269146&lmt=1686613269&dlt=1686613267984&idt=574&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2F9bKt1%23google_vignette&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1363446078.1686613269&ga_sid=1686613269&ga_hid=857233731&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY8LDwj4sxSABSAghkEhkKCnB1YmNpZC5vcmcYnLLwj4sxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPCw8I-LMUgAUgIIZBIXCghydGJob3VzZRjwsPCPizFIAFICCGQSGQoKdWlkYXBpLmNvbRjwsPCPizFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGPCw8I-LMUgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee084d92251eabb725ffa15015355fe742f36bf1be5552bae06312e40ebf70ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11765
x-xss-protection
0
google-lineitem-id
5562801960
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138332681208
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://upfilesurls.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
encrypt
esp.rtbhouse.com/ 		241 B
335 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
1cd346a480fc74804c7542d24beb6d2150d6f2fb777191119e83264208378c53

Request headers

Referer
https://upfilesurls.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 12 Jun 2023 23:41:09 GMT
via
1.1 google, 1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
f0eb70cad9d93449debb511dec8fc8c5
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
241
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://upfilesurls.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://upfilesurls.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Mon, 12 Jun 2023 23:41:09 GMT
server
Google Frontend
vary
Origin
via
1.1 google, 1.1 google
x-cloud-trace-context
0755a75ca534bf7d8082ddda60ffdcb8
increment
id5-sync.com/api/esp/ 		0
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://upfilesurls.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://upfilesurls.com
date
Mon, 12 Jun 2023 23:41:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
sid
mug.criteo.com/ Frame A89B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=upfilesurls.com&sn=ChromeSyncframe&so=0&topUrl=upfilesurls.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=2YDBcnxiNUVmd0Q0b25rUGFRbnZMcnFPZ09hNHUwcnlRclNtRGYxV0xzTGlIejBWNjRnMHdXaGNSVXJ5VVNUYnFnZzFKNWpIOVZvem5HVm54TWRwcFZLSjV4d0IwUUNQQ2Rtd3NPMHdRQVFlSjVudFF6b2t1WVRRK0dYbm...
430 B
672 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=2YDBcnxiNUVmd0Q0b25rUGFRbnZMcnFPZ09hNHUwcnlRclNtRGYxV0xzTGlIejBWNjRnMHdXaGNSVXJ5VVNUYnFnZzFKNWpIOVZvem5HVm54TWRwcFZLSjV4d0IwUUNQQ2Rtd3NPMHdRQVFlSjVudFF6b2t1WVRRK0dYbm9UTVc1ZEU5SkVJZUQxaWV0OTFaeFdBUUNCUnJOWDBQZU9WY2s1R1lZdWJRdXRqbStnUy9XMFJMY01ITCtBVFBDSk91Yjd5RFEvbWp4ZDNJZ3BvZ1hXWUZpb256UnVMSXREZS9iVUNYQnRyOUVWQ3ZxZ0U3bVlERWpybVJicHgwTTRqRmtwUXJRUXlEQmtNZndxZkpCOXB4TGt6QWk0Yk16aUlwaDF4QVpSMXczOG9pQ256ND18&cppv=2
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c17630a89e863595aab41b81762f665ac9fc938b7717b2bf293794b2a303b5e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 23:41:08 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1140279
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Jun 2023 23:41:08 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=2YDBcnxiNUVmd0Q0b25rUGFRbnZMcnFPZ09hNHUwcnlRclNtRGYxV0xzTGlIejBWNjRnMHdXaGNSVXJ5VVNUYnFnZzFKNWpIOVZvem5HVm54TWRwcFZLSjV4d0IwUUNQQ2Rtd3NPMHdRQVFlSjVudFF6b2t1WVRRK0dYbm9UTVc1ZEU5SkVJZUQxaWV0OTFaeFdBUUNCUnJOWDBQZU9WY2s1R1lZdWJRdXRqbStnUy9XMFJMY01ITCtBVFBDSk91Yjd5RFEvbWp4ZDNJZ3BvZ1hXWUZpb256UnVMSXREZS9iVUNYQnRyOUVWQ3ZxZ0U3bVlERWpybVJicHgwTTRqRmtwUXJRUXlEQmtNZndxZkpCOXB4TGt6QWk0Yk16aUlwaDF4QVpSMXczOG9pQ256ND18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
275798
content-length
0
expires
0
truncated
/ Frame B76D 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80970a4284697eaddc81a0900a3d905cfdfffd20c417ecbd3b25c8f95d06767b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
popunder.gif
appyrinceas.com/ 		35 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://appyrinceas.com/popunder.gif
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
public
date
Mon, 12 Jun 2023 23:41:09 GMT
cf-cache-status
HIT
last-modified
Mon, 12 Jun 2023 11:29:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
43905
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0m7EmJuXPf1wXLI11AAakeok1cdwW8moNdgceJMOEFouDS58d6tT3sab53AQrgmyq9iVaGKulTFSifBvGH3h%2FiikSwEdz0zEsYhkSpKICPJaq8V%2FyCr0SBETp31O81WFvHE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
7d65f164afbc3610-FRA
alt-svc
h3=":443"; ma=86400
view
securepubads.g.doubleclick.net/pcs/ Frame B76D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvX2fdWixZ7g1rTJhBANKxkjVn4DzNQ2Fzfz3e5gvMO9Min-wi6n0idTrANTgzuGYkO8aQjkkMNPEm__cneo8iqMCFjc1GGiLB5gVEtOb-e6s4_gluHPWlxbN4DeJHy_u_4Pagz22dB7BSVzIU-PXKuK0mJAH79K-8KmhBw9EJ2PXA44Qo5B2Os_09MFqezbPr1IVdANuZQ9NBUJ9pmcjYgXGisVv5pg86PFUjNnjlI7ZhuFl8Rsi_rNez6Qg7u6sm5Kx2ZBge6gQS8Ry5X0FbQqevUZRoz0sUzHHlt30iCeGNSWMrOpXjjpdEajeeg-bYV_aLz8chsRk4kP74Et14Ql3dz3IWqdgte&sai=AMfl-YQ57q1fRuahAXfHBhlhUYy2PqiTet4zCwVuYBuKmKW4s5VokIqqqFQ8WvxIqaXYym1xC_WzWtSeGUs9VjxdTKqj1rWMkvrBEcQdWyboZoOVbim-VxJo6wX9I-bweMVkyMz9BDQOIlUVznAB7Tc&sig=Cg0ArKJSzDg3pxfb_AdyEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 12 Jun 2023 23:41:09 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47311
x-xss-protection
0
server
cafe
etag
7722552554236374044
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 23:41:09 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2cce2f4c7871e31519b2661174065cefa29c7f7186133834e72ccaf3e58d09a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11256
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Jun 2023 23:41:09 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BF5A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upfilesurls.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8873
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 21:13:16 GMT
expires
Tue, 11 Jun 2024 21:13:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BDA1 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
42015a382f14a8c92ca438f56737976268aad88736b92a27a9bb4f83325ee55e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-K_dxQMG31v5KKsnB7eYNTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://upfilesurls.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-K_dxQMG31v5KKsnB7eYNTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 23:41:09 GMT
expires
Mon, 12 Jun 2023 23:41:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
pagead2.googlesyndication.com/bg/ Frame BF5A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 19:33:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
533276
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14773
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Jun 2024 19:33:13 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7C37 		0
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7C37 		0
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=upfilesurls.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		72 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=689369084963190&correlator=2029041056097166&eid=31073560%2C31075061&output=ldjh&gdfp_req=1&vrg=202306060101&ptt=17&impl=fifs&iu_parts=44890869%3A22859910411%2Cca-pub-3831894559014614-tag%2C442c7285-9bff-4435-aac6-7d5249177d41&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=7&adks=1775280552&sfv=1-0-40&prev_scp=ti%3D909bab24-a290-4af4-85e9-f01ea4e8108f%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D78&eri=1&sc=1&cookie=ID%3D6012169f4df94c4a%3AT%3D1686613268%3ART%3D1686613268%3AS%3DALNI_Ma7971NMh0lqGnKeoeb6lFYs92WUw&gpic=UID%3D00000c2eda7d92c0%3AT%3D1686613268%3ART%3D1686613268%3AS%3DALNI_MY3E1Ls9vrjPJCeRdFCB-dTcLsHmw&abxe=1&dt=1686613269458&lmt=1686613269&dlt=1686613267984&idt=574&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2F9bKt1%23google_vignette&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1363446078.1686613269&ga_sid=1686613269&ga_hid=857233731&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY8LDwj4sxSABSAghkEhkKCnB1YmNpZC5vcmcYnLLwj4sxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPCw8I-LMUgAUgIIZBLWAQoIcnRiaG91c2USwAEydjhuYUFGZjJvekxoMm9zRWljNC8ybGNFK3VFYUFSS1RWWk1na3RlQUd0UFhTSS9QeGU5RUh3VjhXR2hEcnFLeXZSbTI5dUkwME1HWmxnYjNhN1VpTWorWHFhNVpMcFhpNDBENGI5cUFtMjYrcXo3dHRWVkxFSGxGQUJPcmJWUUpJUDhyU2E0dVpyYjRmNzVMWjk2Y3JuOHB2THBzUWVtY2pEMG85YTZmSDhjdVdYZzU1U1NCT0I3a01OWlVVMjcYxbbwj4sxSAASGQoKdWlkYXBpLmNvbRjwsPCPizFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGOm18I-LMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad18b5b859fb7bcad33cc654cac5ca992407e1dcd89d95a8e3aacf1759450222
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15604
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://upfilesurls.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E7F9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upfilesurls.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 23:41:08 GMT
expires
Tue, 11 Jun 2024 23:41:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.7&b=2&r=upfilesurls.com_auto_interstitial_desktop&sy=a1b43bfd-6e4c-41c8-a137-f0ea23ad079b&ts=78&cd=2&pud=180&pus=c&pue=752&pid=20&pis=c&pie=842&ppd=124&pps=a&ppe=946&pcl=1012&ttc=1156&tti=2019&ttif=0&lca=946&lcak=ppe&lct=946&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=upfilesurls.com&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=909bab24-a290-4af4-85e9-f01ea4e8108f&e=lm&dsReferer=dXBmaWxlc3VybHMuY29tLzliS3QxI2dvb2dsZV92aWduZXR0ZQ==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-nf-request-id
01H0WH535VZPRFR8SSXVB2WVS7
date
Mon, 12 Jun 2023 23:41:09 GMT
cf-cache-status
HIT
age
2027137
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"dfe0abe17839ba4f36623d3c9332b694-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7d65f1668da0928f-FRA
sodar
pagead2.googlesyndication.com/pagead/ Frame BDA1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306060101&jk=689369084963190&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
css2
fonts.googleapis.com/ Frame E7F9 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com
URL: https://62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 12 Jun 2023 23:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 22:40:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Jun 2023 23:41:09 GMT
css
fonts.googleapis.com/ Frame 8748 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 12 Jun 2023 23:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 22:57:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Jun 2023 23:41:09 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230608/r20110914/client/ Frame 8748 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230608/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 19:26:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
15290
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 19:26:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230608/r20110914/ Frame 8748 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230608/r20110914/abg_lite_fy2021.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
499535f3eac5c43e736542cc65f763d3694486966ac359b6aa03416cb4f66b9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 19:25:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
15368
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8791
x-xss-protection
0
server
cafe
etag
1771513136926955597
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 19:25:01 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5BEA 		143 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2956
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 22:51:53 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230608/r20110914/client/ Frame 8748 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230608/r20110914/client/window_focus_fy2021.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 21:12:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
8893
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 21:12:56 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 637B 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
37217
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 13:20:52 GMT
etag
48472445140208031
expires
Tue, 13 Jun 2023 13:20:52 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230608/r20110914/client/ Frame 8748 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230608/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6a668741aaae51af53932f5546ed0ba37f4c96c432e47497fa57a020232e332
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 19:27:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
15245
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7977
x-xss-protection
0
server
cafe
etag
11528802260939709675
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 19:27:04 GMT
l
www.google.com/ads/measurement/ Frame 8748 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRH_YwgyzTBcyLxUrs9VP1pSDlA3QSCU2o0e7Xy6JEZs1jl0dSTRt1n1OVrhFdioTMkow5sKIzEOi1yrqvsYmyU98eTIg
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8748 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b1e1bef92ba957c4648c2118de4eece20ffb8e58eedbb33bce5c2227b46e9ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56133
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686570138914868"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Jun 2023 23:41:09 GMT
d955217a3c39fa1d48035534c1a62142.js
www.gstatic.com/mysidia/ Frame 8748 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/d955217a3c39fa1d48035534c1a62142.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3c8d1021bd2ee3bb73e29d8fdf79a184be2c6b5ef6ba41b0a6bd09519d0dfd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:20:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1257
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13662
x-xss-protection
0
last-modified
Sat, 10 Jun 2023 13:19:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 23:20:12 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230608/r20110914/elements/html/ Frame E7F9 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230608/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com
URL: https://62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d3e83bea7e4d2f70142c4a5bfd1fae5440ed074c6e9a1f93cccb58ee351f439
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 19:35:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
14722
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8288
x-xss-protection
0
server
cafe
etag
14704779429207107205
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 19:35:47 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E7F9 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com
URL: https://62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 15:28:56 GMT
x-content-type-options
nosniff
age
29533
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 11 Jun 2024 15:28:56 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E7F9 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com
URL: https://62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:41:14 GMT
x-content-type-options
nosniff
age
10795
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 11 Jun 2024 20:41:14 GMT
pixel
cm.g.doubleclick.net/ Frame 637B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEP3WVeC3c_8OMSGfsueLSDQ&google_cver=1&google_push=ATf1kGN3SYDRD0CMM-_Qypsro-ZP7-EGJpgoLD8W43_VjGW_5sRwLaADBVLWOhAex9SG9DMSeiKds-3qIwT2nAPybtC9...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEP3WVeC3c_8OMSGfsueLSDQ&google_cver=1&google_push=ATf1kGN3SYDRD0CMM-_Qypsro-ZP7-EGJpgoLD8W43_VjGW_5sRwLaADBVLWOhAex9SG9DMSeiKds-3qIwT2nA...
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=8deb0eea-9d78-46a9-8133-a8e388aae723&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGN3SYDRD0CMM-_Qypsro-ZP7-EGJpgoLD8W43_VjGW_5sRwLaADBVLWOhAex9SG9DMSeiKds-3qIwT2nAPybtC9Dg3A873b&google_hm=ICspPG-gTu680tpaXvsrpw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGN3SYDRD0CMM-_Qypsro-ZP7-EGJpgoLD8W43_VjGW_5sRwLaADBVLWOhAex9SG9DMSeiKds-3qIwT2nAPybtC9Dg3A873b&google_hm=ICspPG-gTu680tpaXvsrpw==
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 23:41:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGN3SYDRD0CMM-_Qypsro-ZP7-EGJpgoLD8W43_VjGW_5sRwLaADBVLWOhAex9SG9DMSeiKds-3qIwT2nAPybtC9Dg3A873b&google_hm=ICspPG-gTu680tpaXvsrpw==
date
Mon, 12 Jun 2023 23:41:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 637B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELa_vQ9-HBlACf3KLCU0ZbQ&google_cver=1&google_push=ATf1kGM19EyvXuCBdqMjdAi0ZPbFHhQybEMxlyOecLiXT_1D5FhM3t8gI2fesp3nBpyyJ9oI1t3HsnuLZWbrdLHgHpNeDmB...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGM19EyvXuCBdqMjdAi0ZPbFHhQybEMxlyOecLiXT_1D5FhM3t8gI2fesp3nBpyyJ9oI1t3HsnuLZWbrdLHgHpNeDmB743iZ&google_hm=eS00MjRVM25ORTJwSFNnLn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGM19EyvXuCBdqMjdAi0ZPbFHhQybEMxlyOecLiXT_1D5FhM3t8gI2fesp3nBpyyJ9oI1t3HsnuLZWbrdLHgHpNeDmB743iZ&google_hm=eS00MjRVM25ORTJwSFNnLnBNTXdjLm84UXRQV09JYWFfTX5B
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 23:41:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Jun 2023 23:41:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGM19EyvXuCBdqMjdAi0ZPbFHhQybEMxlyOecLiXT_1D5FhM3t8gI2fesp3nBpyyJ9oI1t3HsnuLZWbrdLHgHpNeDmB743iZ&google_hm=eS00MjRVM25ORTJwSFNnLnBNTXdjLm84UXRQV09JYWFfTX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 637B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ8v0wiZ65oJUl02bjp5NLU&google_cver=1&google_push=ATf1kGPiiL7beWSZBUUyd6kKlpj4WMciq9fYDAV65y_BuQL3AEkYX38TKU7VL0cvYDpHqL951GD5ZxLb...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJ8v0wiZ65oJUl02bjp5NLU&google_cver=1&google_push=ATf1kGPiiL7beWSZBUUyd6kKlpj4WMciq9fYDAV65y_BuQL3AEkYX38TKU7VL0cvYDpHqL951GD...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjAwMTQzMzg5OTAyODg5NjQ5Nw&google_push=ATf1kGPiiL7beWSZBUUyd6kKlpj4WMciq9fYDAV65y_BuQL3AEkYX38TKU7VL0cvYDpHqL951GD5Zx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjAwMTQzMzg5OTAyODg5NjQ5Nw&google_push=ATf1kGPiiL7beWSZBUUyd6kKlpj4WMciq9fYDAV65y_BuQL3AEkYX38TKU7VL0cvYDpHqL951GD5ZxLbDh_n6NC92CLpTEHbVu4
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 23:41:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Jun 2023 23:41:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjAwMTQzMzg5OTAyODg5NjQ5Nw&google_push=ATf1kGPiiL7beWSZBUUyd6kKlpj4WMciq9fYDAV65y_BuQL3AEkYX38TKU7VL0cvYDpHqL951GD5ZxLbDh_n6NC92CLpTEHbVu4
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame 637B 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEC7R0XYF3VHngvkYLxQ4YTI&google_cver=1&google_push=ATf1kGPh3cIkZCl8AL-iNof4g7Sl5Z6_pM8R9oQFRmnbhygn8slSEwaAivvKHNh60YM2C_JVx5GH6Y-wBQAuK9QxUH9shClY8xM
Requested by
Host: 62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com
URL: https://62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 23:41:09 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame 637B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEN_WD-x60v7Ib7069fr-8PI&google_cver=1&google_push=ATf1kGOxirRtew7dFYyvGtOXfKBO6mpAS4b5m6BCgAh8uP5Wk1iePGE01-FNCROh6E44Pod_J3vxYQRJEM2eO...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEN_WD-x60v7Ib7069fr-8PI&google_push=ATf1kGOxirRtew7dFYyvGtOXfKBO6mpAS4b5m6BCgAh8uP5Wk1iePGE01-FNCROh6E44Pod_J3vxYQRJEM2eO...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGOxirRtew7dFYyvGtOXfKBO6mpAS4b5m6BCgAh8uP5Wk1iePGE01-FNCROh6E44Pod_J3vxYQRJEM2eODuTOgnRi4TAgqcz&google_hm=d1p3bWRNeXQ0M1hFVzlo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGOxirRtew7dFYyvGtOXfKBO6mpAS4b5m6BCgAh8uP5Wk1iePGE01-FNCROh6E44Pod_J3vxYQRJEM2eODuTOgnRi4TAgqcz&google_hm=d1p3bWRNeXQ0M1hFVzloV0hpcXc=
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 23:41:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Jun 2023 23:41:10 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGOxirRtew7dFYyvGtOXfKBO6mpAS4b5m6BCgAh8uP5Wk1iePGE01-FNCROh6E44Pod_J3vxYQRJEM2eODuTOgnRi4TAgqcz&google_hm=d1p3bWRNeXQ0M1hFVzloV0hpcXc=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 637B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENh00PxO5TS7qOUBD188QOY&google_cver=1&google_push=ATf1kGO6cvOglLASOTrePmiZO_p-hoZY8Ifss4IkNSOCKVEK_Y3YV99_bl5jWhHkQj18YYTFQpf...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElUSFpSVjMtTy1HWEVO&google_push=ATf1kGO6cvOglLASOTrePmiZO_p-hoZY8Ifss4IkNSOCKVEK_Y3YV99_bl5jWhHkQj18YYTFQpfFfgeutsH_tYY3yowxaalIt_Q
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElUSFpSVjMtTy1HWEVO&google_push=ATf1kGO6cvOglLASOTrePmiZO_p-hoZY8Ifss4IkNSOCKVEK_Y3YV99_bl5jWhHkQj18YYTFQpfFfgeutsH_tYY3yowxaalIt_Q
Requested by
Host: 62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com
URL: https://62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 23:41:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElUSFpSVjMtTy1HWEVO&google_push=ATf1kGO6cvOglLASOTrePmiZO_p-hoZY8Ifss4IkNSOCKVEK_Y3YV99_bl5jWhHkQj18YYTFQpfFfgeutsH_tYY3yowxaalIt_Q
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
pixel
cm.g.doubleclick.net/ Frame 637B
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELyjB5_ZL...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELy...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=202b293c-6fa0-4eee-bcd2-da5a5efb2ba7&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=202b293c-6fa0-4eee-bcd2-da5a5efb2ba7&%%GOOGLE_PUSH_PAIR%%
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 23:41:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=202b293c-6fa0-4eee-bcd2-da5a5efb2ba7&%%GOOGLE_PUSH_PAIR%%
date
Mon, 12 Jun 2023 23:41:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 637B 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KmBjtENhPEKWWTs28jQ_hEnO8z7a_e0Ggv7BDtmLPrXGvg27bDgZ979sp4jdM_4-Okki_jng
Requested by
Host: 62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com
URL: https://62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:09 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5BEA
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
307 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com
URL: https://62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 23:41:09 GMT
expires
Mon, 12 Jun 2023 23:41:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 23:41:09 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
pagead2.googlesyndication.com/bg/ Frame 5E9B 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 19:33:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
533276
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14773
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Jun 2024 19:33:13 GMT
generate_204
tpc.googlesyndication.com/ Frame BF5A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?azKZjQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 23:41:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012305221508000/ Frame 228E 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
209c55ae7959d440c2e815be93bdb70437bc0d10982d1d14c7f0aab93aebaa28
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 10 Jun 2023 11:57:54 GMT
age
214995
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61790
x-xss-protection
0
server
sffe
etag
"dc39a5ea8e84372b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 09 Jun 2024 11:57:54 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 228E 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305221508000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6851a08172611dee3087ed287fb22873c5697e163391ba4b0555e3d7982ca541
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 10 Jun 2023 05:03:11 GMT
age
239878
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5228
x-xss-protection
0
server
sffe
etag
"68ea093d80ab2def"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 09 Jun 2024 05:03:11 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 228E 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305221508000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca10977700b1bc7b44bfe44bbfc1e134c13cc993d5e59c4bca6de5f7370c1827
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 10 Jun 2023 10:13:15 GMT
age
221274
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28884
x-xss-protection
0
server
sffe
etag
"52a0fa5b1f73dc96"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 09 Jun 2024 10:13:15 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 228E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305221508000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ab7d03297a9036dc60e17afc685bd191904db7c25e1c4d92f0f1a84f546c2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 10 Jun 2023 06:17:42 GMT
age
235407
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1912
x-xss-protection
0
server
sffe
etag
"64a18d292337e38c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 09 Jun 2024 06:17:42 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 228E 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305221508000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fe801269d9ef99d44e6aa9d17ef66db64d1b983d0116c8e142faa8f9da3424d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 10 Jun 2023 00:34:48 GMT
age
255981
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12949
x-xss-protection
0
server
sffe
etag
"4886bdcdd7fc48e5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 09 Jun 2024 00:34:48 GMT
css
fonts.googleapis.com/ Frame 228E 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 12 Jun 2023 23:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 22:52:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Jun 2023 23:41:09 GMT
en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 228E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 16:41:05 GMT
x-content-type-options
nosniff
server
cafe
age
25204
etag
11660698925711390587
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2471
x-xss-protection
0
expires
Tue, 13 Jun 2023 16:41:05 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 228E 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 10:36:44 GMT
x-content-type-options
nosniff
server
cafe
age
47065
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 13 Jun 2023 10:36:44 GMT
l
www.google.com/ads/measurement/ Frame 228E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQN2-UtjV6q0QTfBrIoTky3F_drzy02nIMy_rJuRT5mK4N5TDHn0dgN0_sXyBjvwmvyuwheUdL-ode69pUj5E6aSyiocg
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 228E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CXafdFa2HZOjEHsKD7gPS36ywA-eS9_twxJ-ZpoMRqqDyqdM8EAEglZvKIWCV-peCrAegAdOx-cgDyAEBqQIZAX1J_QqyPuACAKgDAaoEiQJP0P__JzkT8-b78lOpzU_FDA3zhB1PYEfYfPX82OVE5dNWGaBhyUfxHcrxcWaCulEz-jvPSFpp3Iixyarce8eAlH_TJTymvonETIPY6GcoM2C83CToCnsmcQx4pplXWwTdHy8Y6MC2W0Gmiz3I2iKSdggu1aSZRocOrfxfKnaSrPVNIvXmm1W5NW5Q320UqMd3m4Wk4BXS7cyx1-YQYsMq2wwpcfqHNxVRZlCU8iTK6xcPDKuUc8QImrSgDODO-WqwyW3NRQNzROXwhjKiiqzjRLqy7r6b8nWwj8ZQMDNb0vavQlfELEBCTkk-r8eKAAaU4X7IpCQtzZwH5fGfkUseWGhD28cKrfACwAT9p9a9nwTgBAGSBQQIBBgBkgUECAUYBIAH1pPlOKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELyDB9IIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHYEwqIFAHQFQGAFwGyFx4KHAgAEhRwdWItNzUwNzQzOTIzMzg2NTQxNRj9-RM&sigh=rhT4cBt1XoY&uach_m=[UACH]&cid=CAQSOwBygQiD3RRC2S7Nh3aDoZ4wZSP_utZf-mRU0ddVM9rRlM9Hr4ZfUXWREFi-NWliaYOCbqY7r7yo2M6tGAE&template_id=5001
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
e.js
live.demand.supply/e/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=upfilesurls.com_auto_728x90_sticky_display_bottom&pn=2&sn=3&pc=0.2180137753486633&ds=true&e=wdp&dsReferer=dXBmaWxlc3VybHMuY29tLzliS3QxI2dvb2dsZV92aWduZXR0ZQ==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-nf-request-id
01H0WH535VZPRFR8SSXVB2WVS7
date
Mon, 12 Jun 2023 23:41:09 GMT
cf-cache-status
HIT
age
2027137
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"dfe0abe17839ba4f36623d3c9332b694-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7d65f1684e6a928f-FRA
truncated
/ 		182 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		834 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/svg+xml
e.js
live.demand.supply/e/ 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=upfilesurls.com_auto_728x90_sticky_display_bottom&sy=a1b43bfd-6e4c-41c8-a137-f0ea23ad079b&ts=78&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=upfilesurls.com&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=909bab24-a290-4af4-85e9-f01ea4e8108f&e=lm&dsReferer=dXBmaWxlc3VybHMuY29tLzliS3QxI2dvb2dsZV92aWduZXR0ZQ==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-nf-request-id
01H0WH535VZPRFR8SSXVB2WVS7
date
Mon, 12 Jun 2023 23:41:09 GMT
cf-cache-status
HIT
age
2027137
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"dfe0abe17839ba4f36623d3c9332b694-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7d65f1685e6d928f-FRA
14763004658117789537
tpc.googlesyndication.com/simgad/14640235740222329005/ Frame 228E 		792 B
819 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14640235740222329005/14763004658117789537?w=100&h=100
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/9bKt1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7383da9d3d424acb1185b5503314d53f147c7d32ea183b28cf1f1a9d1a9c93f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 18:52:55 GMT
x-content-type-options
nosniff
age
190094
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
792
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 14:10:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 09 Jun 2024 18:52:55 GMT
truncated
/ Frame 228E 		161 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 228E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76627360600d53a83ce8fbb1e0367a00e8ce88501974a96410f36c0577335548

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 228E 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://upfilesurls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 19:09:17 GMT
x-content-type-options
nosniff
age
534712
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jun 2024 19:09:17 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 228E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol
H3
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Redirect headers

date
Mon, 12 Jun 2023 23:41:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 228E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 16:41:05 GMT
x-content-type-options
nosniff
server
cafe
age
25205
etag
11660698925711390587
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2471
x-xss-protection
0
expires
Tue, 13 Jun 2023 16:41:05 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 228E 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 10:36:44 GMT
x-content-type-options
nosniff
server
cafe
age
47066
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 13 Jun 2023 10:36:44 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B76D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv5TlWJ6tWQeGxogScXd97COzMNJZ67yQVMNZNJZhcmiWXAt2zkqTgV0yUdUiV62jXlzZNLeejmqYhpcscTV_qoATbwbu5EP-lh5reNQ_bjnlLkGgrR&sig=Cg0ArKJSzDIfxrQ8ODp6EAE&id=lidar2&mcvt=1001&p=595,650,845,950&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230612&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3273233668&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686613269115&rpt=157&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 23:41:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306060101&jk=689369084963190&bg=!1dal1oLNAAaGYqkwpmI7ADkAdvg8WoKxBb8Ve9HXhaV6Lqyaz91HDePidLT9CD9x5bSxhq8CGFclyx0f8mtoerVFtOtVWtB648YCAAABcFIAAAACaAEHmQLRikhLa6SFpH8Xfl39C-FBgT_ESJfNXuZtUj0AP_Y30sWf5wGl6IjQxCZ3zFcw1c3h26iJqvyClVyJQ50jsT-6ezqnECNK2funZRHPWOcz0L2UQ5uAQzUxNO-QLj0gK6V0WN4mxmLpk5--_IMncoak41KanTqdCJQ0v0_Fhq_eRPIFYelPsCUlt_aVLapgQEqofXov0XNg5Nyx81vWPcrP49N54dsL53ZbqC61ngJziCZKPcP53qC8jGRhbaED4iXdesZdfdwpSa67JcAmO-VmgzJv-q7fexx58Lic8QIYzP5lHtQPJADkPaFKvGTVXSX0zKK4N06FUbwB_xQV4ccgjSYg0z1KkqIGRmiYZwkZKwRm3RBb0NAhvUwWzETwKkI5DubcSNmXe20aZCo3JaEDAgf3ZuHRms57p5SF81OCdJ0TzTTwoRgNFiCyuEEy39RLNtM6Y8jDSebnnmO6qGnz0kxQ4vf7wWqDvqtnL9SOY2lutR8JQ2iAhexBw2ucipInWHdHqfonlFrlvhSHNQRvvYI1BoT7VUxNdFit_u2mqI_mT6omS8K2sJhlKURGLPo2UlL_6aK4s3WHbBfdlTACZmmkOQ27ivFxq5zEXC8oLjmv0GlGfWvDWMqBHFE-WMblwWkyC-XZFE7iQd7pbjutqDQDl5SxcMF85HTE5M4YIoyEG4IgazGz9eUP7NXdsVtIeC_YFCEhByWMhKe1qnD9vEBAdL41L8fbAIgfClGTfeVwuiy0hWA5TF-tyK32nrg1kYlKwtlBmPgAIkrkp-LuwkXho3ZEIst52SjSj0quhZGwdrcANSK3CJFCbYQqHs0S-Vx5JAJDhAy0NofuJJ2JvcXZWrl4WtcXds0Wbk8UXJXQCG4ExIpPO_IBOd1bhBXZmkvHsPWqtoumjmp0yY1NPr_yI8mNGUXpFzDmGIao25Rq9lvGL442gxrSvDZiQzXAJQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 228E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvydWCJGkoZh6FZ5ob19YD1Wx1EgFrRIbyObgH0kHm03UAC_EGwRz9lB8VNssaZp_RFkUVBKUwtwL3xsY_f8KX8XVn61xfyMUiPCUhULqEEqi3srr4RaltVf8E5Lwfgpul_b5rwKJMkXkWS&sai=AMfl-YQvR3_OTjUIMnNkDSnuB5ihPDzJhyTMlHBQWD-n8WEkbGXhqjZ3JTOW0vj_Et8nsB5k4qQa9WtP92cgBKZ1yd8JKhX3u_eleq_UJZFwb1qROBfQm1Ba2NYqLgY&sig=Cg0ArKJSzF0nZMHsMo2LEAE&cid=CAQSOwBygQiD3RRC2S7Nh3aDoZ4wZSP_utZf-mRU0ddVM9rRlM9Hr4ZfUXWREFi-NWliaYOCbqY7r7yo2M6tGAE&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=295&tls=1295&g=100&h=100&tt=1295&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 23:41:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv23xyZrIOKxPJLoQ1OR8VQA5tUKpAsJw7lFmhKefZcN0aSjiVeDAto3KSSVP36CmlC-c010ZDMBU9qHHI1pOKCFZxu3OK4IL2JVqHKzWxXCnZ52KJ9NsNJcNvSn5OuM_F_Hr8sZk8icfDNKSzzCUxRgdyilMg2WoytBNynKM4-1XLLhkt-rDFgCPOi0i67QeeeGmDrIw6BH6k83GYrMphf42tMsFi8bPC7SQxmOrnEgEpimnMmtuxqq-9YAjcaa4I_AltePR7Z-uAJo2kDdRIGci8eN7n4iogjDZEIDDS0VfzKbuCxivsUXLwktmHO3MTYlfUjiwI4hdOiwP8MQgnhbvTDY8ajAZwJntEmgOM5a0hh_et26UZioLsO67wH9Z7wx8eX--FjT2E5Iw&sai=AMfl-YSibi7NA7-NW9jlEzju5Yn7YiAdlN046rvZ3_3EfuRhr6b2cdSOmhqCZs77U_JrQBcik0E9XxR-Ha7yS9z2i9w1COI9_GLBsyqzvjkmTUFx6sfU5WqijySDm2soPw&sig=Cg0ArKJSzAg0X5afKv0BEAE&uach_m=[UACH]&urlfix=1&adurl=
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Verdicts & Comments Add Verdict or Comment

215 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 boolean| credentialless object| onbeforetoggle object| onscrollend object| stcih function| _0x3609 function| _0x22ec92 function| _0x2d6c object| __ds3dcV__ number| LAST_CORRECT_EVENT_TIME object| utr_978153 number| userTrackingInterval number| _3370463906 object| utr_974624 number| _1448712443 function| s3ii function| P7Q boolean| DEBUG_MODE boolean| ENABLE_LOGS boolean| ENABLE_ONLINE_DEBUGGER boolean| SUPPORT_IE8 boolean| MOBILE_VERSION boolean| EXTERNAL_POLYFILL boolean| SEND_PIXELS boolean| IS_POP_COIN boolean| PIXEL_LOG_LEVEL_INFO boolean| PIXEL_LOG_LEVEL_DEBUG boolean| PIXEL_LOG_LEVEL_WARNING boolean| PIXEL_LOG_LEVEL_ERROR boolean| PIXEL_LOG_LEVEL_METRICS function| G2tt object| googletag object| app_vars function| a3_0x44ef function| a3_0x7c7f function| a0_0x4928 function| a0_0x22f5 object| webpackChunk function| jQuery function| $ number| uidEvent function| Dropzone function| onloadRecaptchaCallback function| onloadHCaptchaCallback string| demandSupplySc string| demandSupplyCr number| demandSupplySr object| houseAdCampaigns string| demandSupplyTi object| demandSupplyTc object| demandSupplyTcI number| demandSupplyPDI number| demandSupplyDFSS number| demandSupplyCRR object| demandSupply object| ggeac object| google_tag_data object| google_js_reporting_queue function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| Gg object| dspbjs object| _app object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client undefined| google_measure_js_timing function| processGoogleToken object| googleToken object| googleIMState number| google_unique_id object| gaGlobal string| demandSupplyFS object| google_reactive_ads_global_state object| pbjs function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| gaplugins object| gaData object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_137 object| Criteo object| Criteo_identitytag_137 object| __uid2SecureSignalProvider object| __uid2 number| iinf object| recaptcha object| signal_decrypted function| setImmediate function| clearImmediate object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests

29 Cookies

Domain/Path Name / Value
upfiles.com/ Name: XSRF-TOKEN
Value: eyJpdiI6InQ5Tjh2MjM3SnR4cWh3Z3M4SG5qcWc9PSIsInZhbHVlIjoiRGhzdytZRlpHMXJoNGRJZ0laaDhLOVAvZ0pmK0FUaHU3RHYvbDRjZ01NRUU5TkZhcVV5dkw2ODV2QUJCbG8zVnQ0UGtQWmphS3pHc3dDZE9hTXRZL1JKRUVSU2FmcGsrbUsrRHEvdG9UamRCa1hFYlk5TytjMXZhVUorM2QwYkciLCJtYWMiOiIxMDJiYWZkYTY2YTA5NDMxYzgwMjM1MzlmOWJmMzYxYWU1MGExMGRkODY0M2ZkYTNiNmNiZGViNWY0MzE1ZWVlIiwidGFnIjoiIn0%3D
upfiles.com/ Name: upfiles_session
Value: eyJpdiI6IlZBd2lvbU9la2RUR0tJTDNyZU9xTkE9PSIsInZhbHVlIjoiMUtVYi9YellUNWVkRkxmNExhc2J4RWJoUDVtcDhhaEp2d1RjdzlzQmp6aFBJUyt2dWlMcVVhblQxSVRqTVRWZnVlMU8yRUpLVEFCY0swcHBxK0RCRjFQQ1AvZFd0TnUwZktxNXk5Y2Njc0dPUEVOdXJjRi9ZTTNFNndURk1PRVkiLCJtYWMiOiI0ZWQ0MTdhYTRjMWE0NDcwYTY1OTgyOTdhNTg0ZDI4NDIyNzI5MzRmYzdmNjQzZThiZDY1ZmEzZTJmNTMzNjFlIiwidGFnIjoiIn0%3D
upfilesurls.com/ Name: auth
Value: eyJpdiI6IjJlNmZUdjVMVzJYWkNBZVJoSEpVUHc9PSIsInZhbHVlIjoiT3M4WUlLam1BdHZSYTVkZU5uV294Zz09IiwibWFjIjoiZmVmNGY5ZTZlZDBjZDA0MjIyOWQ2YjBlYjEyYzgwNjdhZTE1ZmY2ZmNlOTYzYzkwM2M0Y2YxNDQ3ODhkMTE2MyIsInRhZyI6IiJ9
upfilesurls.com/ Name: XSRF-TOKEN
Value: eyJpdiI6InlFU1UyTUptVEVuQTZtUEZ1bDIwWnc9PSIsInZhbHVlIjoiaGp4Z0JVQWtidmw5bU5vdCtxdFFUdVU3cFlmVnVRd0VGakpWb2FqeGl1MnZSVkZrdlhyNWpVTVloamg4QTV5Mld2ZWN0aXgyQ001TVlYTkt5V1lsdGFveG9XSmMwWkszaHdVRE1uckdHakhzU2JnSzJLNGs2ZjVoZTdPdU1QMEYiLCJtYWMiOiI4ZDJiMzI4MzA3ZTdmZTFkOTM2MGExNWFjZGRhN2JhZDY3ZjA0MTZjYzUyNzdlMzEyODhmZjFhNjIyODE2MGRmIiwidGFnIjoiIn0%3D
upfilesurls.com/ Name: upfiles_session
Value: eyJpdiI6IlFpQUxDWHBQeEIzOFFLNXBDRjI2VWc9PSIsInZhbHVlIjoialRjOGdsclVTM2NuS3pkOVRBNGRubGcrMTJ4a1UrZzFMSnRCZzRyVkg1Ny9uTW5zTFg0ZlFDWnNxUElNK05pU3VlalFwV0l4bjVJMVNGb21mTjlWOVdtRFNWT1EvK0NsM3pHV3hUR0J2OS9YTjJvQmplWEFUa25vdko5OVRHWUUiLCJtYWMiOiIyYTc0MmVjNDg4NDNkZDdlNDJhODYzZDUzMjBkOTU1YmYzY2UyYzA4MzgyNmZiYWViY2NiOTE5M2NhMDJiOGNmIiwidGFnIjoiIn0%3D
live.demand.supply/ Name: demandSupplyTi
Value: 909bab24-a290-4af4-85e9-f01ea4e8108f
.demand.supply/ Name: __cf_bm
Value: qSTXbYXlCk6i5m.27wFO34HamvIaIuqD6tNKpKb3i8c-1686613268-0-AamcNEzZgcVJODrm42NaDlrJXvu51WdGyfl5yMralvgt7eOKYhyMPcYjVkGWm3hxlJSXdXhMHEkPHcho8aWGwQc=
cschyogh.com/ Name: GL_UI4
Value: eJw9jd1OhDAYRGH5W3VBJ%2BEBfIRWMexeGh9iL0lpP9i60G5Khfj2NiZ6NSeTM5koinb1I%2BI1T5F8iTc8n46sHSSR5JI1x%2BG1bXh%2FemHEBGvaZmhxp5fOi34in2K%2FzML5zq8pDiMZclp20ioq8RSsv%2BZq7GZSZL0TRpXI5mBMJYre2W0hVydIjZgJ%2BcfF2ZDZLD6tQ8J5E1ibwDHDzi51Ut2jOGujwrA6YMdZVeURHm6T8IN1c6dVHiMbnVCE%2BB17KTyN1n2jULRcvb0BdlLdv%2F%2F7m2ycIVe0ahnOrb%2BQ%2BwENTE4o
cschyogh.com/ Name: GL_GI10
Value: eJxljN1Kw0AUhNONXS1KdKAPkBewUHtjr01qL%2FQZlkN6UhbZH3ZPxfTp27QgglczzMw3RVGoeQVlI6rl6nWxXK8Xo6xeUO45QDUtHrpw8JIG48kxbt85OfIDdOK9DR5q2%2BL%2B6k0Xdoxp0z7%2FyS7UdMs5M246KwOwSeS%2F%2BkOSmlz9SdZjNhZXfH7G%2Fw9KmyOeGhLqyMX6wzorvMPMs5gcebRvIcWQSBjVb3q51CXubDYxhZ9BT%2FAo1vExeDah7zOLVph86%2FIE12BQnw%3D%3D
pogothere.xyz/ Name: csu
Value: 827970448576538@1@1686613268
upfilesurls.com/ Name: ab
Value: 2
.upfilesurls.com/ Name: _ga
Value: GA1.2.1363446078.1686613269
.upfilesurls.com/ Name: _gid
Value: GA1.2.542899182.1686613269
.upfilesurls.com/ Name: _gat_gtag_UA_197252557_1
Value: 1
.criteo.com/ Name: uid
Value: a4e46a62-94f2-42e5-9920-cb8948ad676f
.upfilesurls.com/ Name: __cf_bm
Value: SeNtFBBsJnWYmDvwB0c_rrPLa5eLgZjs_..zZoR1Lu0-1686613269-0-ATOXPbnts60TnD7JVHSZpldpGqMViA7CzX09ZYYUiUK2AI1wExBm5p0Sur9W3VHHuQ==
.upfilesurls.com/ Name: cto_bundle
Value: Iqv_hl9pNG9DNzJOMEdQZ01aZGxZNTRpc0JrR1hGS3V2Q0pPc1UxQjc4TWMlMkJQOFJzbnNQRjdkcHhVc3NiJTJCbVByenhSMjRtclZxYmJKNkp2SjBkbjJNbzlHUTdzdjhoWiUyQmZJY0ZMcW9jYnpycEg1aHdOdDlEbVFCZ05TTyUyRktBYkFBdXRjTXM0SlBxdnZqWkxIZDJGb0UlMkYxdHZnJTNEJTNE
.upfilesurls.com/ Name: __gads
Value: ID=6012169f4df94c4a:T=1686613268:RT=1686613268:S=ALNI_Ma7971NMh0lqGnKeoeb6lFYs92WUw
.upfilesurls.com/ Name: __gpi
Value: UID=00000c2eda7d92c0:T=1686613268:RT=1686613268:S=ALNI_MY3E1Ls9vrjPJCeRdFCB-dTcLsHmw
.doubleclick.net/ Name: IDE
Value: AHWqTUlXgTVPLZkTn0X6-5DhDvUO-JT9U5kKjWUV2wRfXQQGIgWpmokAxeK_uc1k4es
.bidswitch.net/ Name: c
Value: 1686613269
.bidswitch.net/ Name: tuuid_lu
Value: 1686613269
.bidswitch.net/ Name: tuuid
Value: 202b293c-6fa0-4eee-bcd2-da5a5efb2ba7
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 2001433899028896497
.doubleclick.net/ Name: DSID
Value: NO_DATA
.yahoo.com/ Name: A3
Value: d=AQABBBWth2QCEP29gVZkThw2smxkSZph4vYFEgEBAQH-iGSRZAAAAAAA_eMAAA&S=AQAAAjmNvdJViQRGhc_LvAh6MF4
ads.avct.cloud/ Name: uuid
Value: 8deb0eea-9d78-46a9-8133-a8e388aae723
.zemanta.com/ Name: zuid
Value: wZwmdMyt43XEW9hWHiqw

3 Console Messages

Source Level URL
Text
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S654389273%3A1686613268496488&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneHUAw6WaLZNB2QBbkJc8I3Ya1TNLVV8Fv_nmeWm1UNtvz1XRZdhBiwJ3C4JTaCkZ_zSPuiv3g&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S34184187%3A1686613268537837&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneE-pWQYyBtUQNmxcDaMuW20znOa9q5v2-3LQl655rHlZJE8JAqTILe3XBUC4XCWwVGmTsaIEw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: https://upfilesurls.com/9bKt1#google_vignette
Message:
The resource https://live.demand.supply/p4/v16-10-0/dXBmaWxlc3VybHMuY29tLw== was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

62c2d0d2b6738ce73d21cf63dc9564ef.safeframe.googlesyndication.com
accounts.google.com
ads.avct.cloud
adservice.google.com
apptquitesouse.com
appyrinceas.com
b1sync.zemanta.com
bcp.crwdcntrl.net
c1.adform.net
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdntechone.com
cm.g.doubleclick.net
cschyogh.com
d18kg2zy9x3t96.cloudfront.net
datatechone.com
esp.rtbhouse.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
invstatic101.creativecdn.com
live.demand.supply
mug.criteo.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pogothere.xyz
pr-bh.ybp.yahoo.com
rtb.openx.net
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
upfiles.com
upfilesurls.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.recaptcha.net
x.bidswitch.net
securepubads.g.doubleclick.net
www.googletagservices.com
141.95.33.111
142.250.186.34
142.91.159.193
172.64.132.29
178.250.7.13
18.156.189.239
188.114.96.3
2600:9000:2250:c400:a:e047:753:be1
2600:9000:2491:3e00:0:2146:f680:21
2606:4700:10::6816:3456
2606:4700:20::681a:98a
2606:4700:3031::6815:480c
2606:4700::6810:8516
2a00:1450:4001:801::200d
2a00:1450:4001:806::2008
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2004
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a02:2638:3::c
2a02:2638:d::2
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42::485
2a05:d018:d29:3601:6b04:f2d6:9b64:eb08
2a06:98c1:3120::3
34.96.70.87
35.190.39.111
35.227.252.103
37.157.5.133
37.48.68.71
46.137.8.33
52.222.214.78
52.31.121.178
65.9.66.97
69.173.144.139
70.42.32.191
082fe63d178cb8ecd1c5a9f5afbd5593bf8bf834b6c8fb394ac4ee72dfcf0afd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c384e9f5a0511e6e45bbaf26eba3f51edf331b05e20efa57f243d87ad4c452e
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
138989ef63f4ca5eb8c68c87824044179310cc971d69fdc1e7ef8832feecdff7
17e049f64e3dea79709c28dc793b77b590002deb3ce42a2121ec45482e07e2ac
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19a6cffaedba4c37a8496453cd0e93486f28d8cbf9ae4f5c7c5c2f8eee394814
1cd346a480fc74804c7542d24beb6d2150d6f2fb777191119e83264208378c53
209c55ae7959d440c2e815be93bdb70437bc0d10982d1d14c7f0aab93aebaa28
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2c305b3ee8a96d29c17277f9e953b4b8304f7906bdeae18cac0a713af81c4d10
2cce2f4c7871e31519b2661174065cefa29c7f7186133834e72ccaf3e58d09a1
2cd93801a077ae328be264fe3137664a53862ec8decb48f2119b3c2a98516fde
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33613d442dd3f6abef01c9bee884b9aa828f42820ee62da8b86ad5a9ea7f58f2
3a6496c9ba51de9268160abd403069b72cbf8a70bec8c61f3df9f0fd119aa953
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3d3e6705b468cecdd78fb9a1ee6688d60e1d2c1caa0db7baa88db460315dccea
42015a382f14a8c92ca438f56737976268aad88736b92a27a9bb4f83325ee55e
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
456e420aecd5ac679cc2bcb33daf7c063f54894fd076e99e05c06629234d3378
467d23dee5e3ba7f6eeac766fb074fe5e014fec821ce6b6c6cfac4426c8707c5
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
499535f3eac5c43e736542cc65f763d3694486966ac359b6aa03416cb4f66b9e
4b1e1bef92ba957c4648c2118de4eece20ffb8e58eedbb33bce5c2227b46e9ee
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f63a94e50059daa2803e847b810fddb947850dc0dfb57cf587ff7f4fab936fb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59b7ad6d6f457b624e25d22959edc7c83af2ac52edba32fd6648c97af0d1780c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e237aaf5551dad3a82d52c2b60ce5e1e32fb492ea077d0a2d91435794ad519f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f7d9eaabbfde4b1fe0a802ca35b9bc8ce06e6d585a0a10071c155c6bcab518
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6739a8422451bb01cddb0269107622fa0d2514a39b224090b7bf7b53693c6ec9
67e8970716778d87e9cdd2c6a8ed4fb82a56dadcc9919a8eee9764e2eb4d70f0
6851a08172611dee3087ed287fb22873c5697e163391ba4b0555e3d7982ca541
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ee1a533c7f269fe4121072da18e31aac09284b364d94880b92cbee0cbb9f5bb
76627360600d53a83ce8fbb1e0367a00e8ce88501974a96410f36c0577335548
786a1d8605367fdb66af7a7126d90aefe502de062fb3ff0148e1ee9ce24dfc3c
78f0fc1c8498a0186558d3af62cf2ed9304f80684100a3d124c300d2b660c4e5
7d3e83bea7e4d2f70142c4a5bfd1fae5440ed074c6e9a1f93cccb58ee351f439
7e57a94332f82391e3ce041b8e8331ebf03e0495435cc608da7e367be6da9855
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
804843654e5f28ba5c8567951567a10b4b5e04b3b33386a122b32c358abc0bc9
80970a4284697eaddc81a0900a3d905cfdfffd20c417ecbd3b25c8f95d06767b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
9574e33ca3d915450762cdfd50d7cd15e9d739906c3fd50cd68311d0cff1b59d
95ac0261ac793f12426f513852780977bd0cf558e29fec5ab00c773a133f58d8
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
99cf522e069b581928ad7206c5634ee99579ae6902075e99259736520893b146
9a717285429d468fadc4d25179fc6feb49e6335f3af1675fb6be1cb50e7e8322
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ab38cf2e016d9820ffdb2b9d2f600b268d7b60d60aa0061e83aedc825ea6670
9fe801269d9ef99d44e6aa9d17ef66db64d1b983d0116c8e142faa8f9da3424d
a3c8d1021bd2ee3bb73e29d8fdf79a184be2c6b5ef6ba41b0a6bd09519d0dfd3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad18b5b859fb7bcad33cc654cac5ca992407e1dcd89d95a8e3aacf1759450222
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b41fad974758598e9237819bf1f0da1a0110de7a4b0144b38ca7b159eef04348
b94ab7d03297a9036dc60e17afc685bd191904db7c25e1c4d92f0f1a84f546c2
bce03d0908d778d3f9f719737780321e23acda2efe4f0eb880c86b2b26e61265
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c06fd5005ee74dbe2f01a6206b78bbd02514e97996853ced2fd1f89c02034ab0
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c17630a89e863595aab41b81762f665ac9fc938b7717b2bf293794b2a303b5e1
c6df03d6bd1a8ca1ce49d6b92d5fd80d5c1358191040696703718ce2054b1b2b
ca10977700b1bc7b44bfe44bbfc1e134c13cc993d5e59c4bca6de5f7370c1827
cd4af511735ec6f0c8e178bfb84c383167eb4fb34f0a99f3bd53bc8bc50aabf4
cea79cbcc09eac1a61250d33ad406ef05353595f265fce43dabc4d7b1bf08b15
d454583aa343d4c8aa4e42c0876b20e60c20c0b89284e4ef0c662d0426c18254
d526da1f4d4af45cefd2a0d140abec2beddc3150d13c47d3de893eaa278a369d
db42aaa59cf24d641a6b6ceec30dc201fcd077cc224ac04865f1d9597fb6bc2b
dfc9f1055f696637e8beedf56d6a4fcfd1189acbee659ba21f8cb5dc18ee9a7f
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e1ad708a5b6bbf41a0b6a91fdd7a4f80fba69d1779497f5fd642154d1e819bad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51161fcc5b2c4b90c3381e517152eb275d52a6c288954e502479d7421386240
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e87e0991dcfaa2c7b015d284d8b5d872363eb52af458b63c8449351b4b24612f
eda0b54603aae268407b3b35ddda6fc094d8de73f3772f4cf9cf2583522be3ed
ee084d92251eabb725ffa15015355fe742f36bf1be5552bae06312e40ebf70ad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6a668741aaae51af53932f5546ed0ba37f4c96c432e47497fa57a020232e332
f7383da9d3d424acb1185b5503314d53f147c7d32ea183b28cf1f1a9d1a9c93f
fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1