urlscan.io logo urlscan.io
SecurityTrails logo

upfilesurls.com Open in urlscan Pro
2606:4700:3033::6815:3788  Public Scan

Go To Rescan Add Verdict Report
URL: https://upfilesurls.com/5Lvw5K
Submission: On January 17 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 18 domains to perform 55 HTTP transactions. The main IP is 2606:4700:3033::6815:3788, located in United States and belongs to CLOUDFLARENET, US. The main domain is upfilesurls.com. The Cisco Umbrella rank of the primary domain is 864412.
TLS certificate: Issued by GTS CA 1P5 on November 20th 2023. Valid for: 3 months.
This is the only time upfilesurls.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

14    2606:4700:3033::6815:3788 (United States)

ASN13335 (CLOUDFLARENET, US)
upfilesurls.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
upfiles.com
1    23.109.170.33 (Netherlands)

ASN7979 (SERVERS-COM, US)
cschyogh.com
4    2600:9000:236e:5400:0:5625:cd80:21 (United States)

ASN16509 (AMAZON-02, US)
dv663fc06d35i.cloudfront.net
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)
live.demand.supply
6    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    172.64.201.15 (United States)

ASN13335 (CLOUDFLARENET, US)
pogothere.xyz
4    143.204.215.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-17.fra53.r.cloudfront.net
mcurrentlysea.info
4    172.67.218.105 (United States)

ASN13335 (CLOUDFLARENET, US)
esmyinteuk.info
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    2a00:1450:4013:c00::54 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
accounts.google.com
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.recaptcha.net
www.gstatic.com
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
Apex Domain
Subdomains		 Transfer
14 upfilesurls.com
upfilesurls.com — Cisco Umbrella Rank: 864412
375 KB
9 google.com
accounts.google.com — Cisco Umbrella Rank: 23
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143
122 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
469 KB
4 esmyinteuk.info
esmyinteuk.info
1 KB
4 mcurrentlysea.info
mcurrentlysea.info
4 KB
4 pogothere.xyz
pogothere.xyz — Cisco Umbrella Rank: 31844
202 KB
4 cloudfront.net
dv663fc06d35i.cloudfront.net
203 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2029
21 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
7 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
148 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
167 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 46
4 KB
1 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 1284
1 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
1 demand.supply
live.demand.supply — Cisco Umbrella Rank: 54612
1 cschyogh.com
cschyogh.com
1 KB
1 upfiles.com
upfiles.com — Cisco Umbrella Rank: 745102
1 KB
55 18
Domain Requested by
14 upfilesurls.com 3 redirects upfilesurls.com
6 accounts.google.com 4 redirects upfilesurls.com
6 fonts.gstatic.com fonts.googleapis.com
upfilesurls.com
4 esmyinteuk.info upfilesurls.com
4 mcurrentlysea.info dv663fc06d35i.cloudfront.net
4 pogothere.xyz dv663fc06d35i.cloudfront.net
4 dv663fc06d35i.cloudfront.net upfilesurls.com
mcurrentlysea.info
3 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 pagead2.googlesyndication.com upfilesurls.com
2 fonts.googleapis.com upfilesurls.com
2 www.googletagmanager.com upfilesurls.com
www.googletagmanager.com
2 securepubads.g.doubleclick.net upfilesurls.com
securepubads.g.doubleclick.net
1 lh3.googleusercontent.com upfilesurls.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.gstatic.com www.recaptcha.net
1 www.recaptcha.net upfilesurls.com
1 www.facebook.com upfilesurls.com
1 live.demand.supply upfilesurls.com
1 cschyogh.com upfilesurls.com
1 upfiles.com 1 redirects
55 21

This site contains links to these domains. Also see Links.

Domain
upfiles.com
Subject Issuer Validity Valid
upfilesurls.com
GTS CA 1P5		 2023-11-20 -
2024-02-18		 3 months crt.sh
cschyogh.com
R3		 2023-12-12 -
2024-03-11		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
demand.supply
Cloudflare Inc ECC CA-3		 2023-02-19 -
2024-02-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-28 -
2024-02-27		 a year crt.sh
mcurrentlysea.info
Amazon RSA 2048 M03		 2024-01-04 -
2025-02-01		 a year crt.sh
esmyinteuk.info
E1		 2024-01-02 -
2024-04-01		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-26 -
2024-01-24		 3 months crt.sh
misc.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://upfilesurls.com/5Lvw5K
Frame ID: BCCF2DD7DFAD367DDF631FCDF589FF87
Requests: 49 HTTP requests in this frame

Frame: https://mcurrentlysea.info/QWJIUjkgACs/BiBfKnRMMw51dwsHR3oUXTdUfmFfIlJ+Ngp0C2YxVS4XLDRLLgw8fFckFm1gf3c3DRxqFzQdKHUFFTIzUBATBj9RKjsAGFAYUBo8YxUFJR1TdRgqKAwoOy9qCwsIDRt4EhYyG2ouDCpgazsyCxsBDA8gYHMrFXozfgcOBSh8cgAQNgkIMR13CwcpD2pBDRsnYmk7Wj4fQwRUKyt4OQQiag8NGCMkaSswPwteFwwtYG9wAR8YAAgIIyZ3Kw0hGwsbBRIGSio4JRBVGyUKJmAvICUXVBsFEgFwdC4fAFEiJQUQXXMGJBlxFw8uGnsoATJ/dC0oHCVUCzYJYXY4DSUxfiI1LD9/KAd6HAglUCw+XAIFfhttJloSP3gWAQ8YQxEIP3cLAywfCF4bNgFjcAUJfjRxFxoROGB4KyElHHMkBRp7KCAfHFcbOn0oXwYsJDNhMVoSYGssOCUQVQsIDT50OAFwNmEENxEVYy8AHxRTIhsedwsDOz90UzINJiIEKlV6Hl0yBhAQQA
Frame ID: 4CE9F5A0C0750B9761544A222DD41A5E
Requests: 2 HTTP requests in this frame

Frame: https://mcurrentlysea.info/SEYzM28pJFBeUCl7URUaOioOFl0OYwF1Cz5wBQAJK3YFV1x9Lx1QAyczV1UdJyhHHQEtMhYBKT8VX0MnKQNUQyEbLXxXFXw8egI5MCUBSxcfDl9AIgwXe3kFOCh+cj59I0QHXQA8cnIqJQNQfgZ9KFdYWyMNSWIIHhEHRSELFGVWOD9xekQfeSBdRBUPBVBbNTELYH4FeHV/YSY6CXd5BwAVXwAhMSFgejwRdHlYXn4CdAofHwECBw4lflV6PBljAXEkCn4EUV0gdXFZFz4ne1c1LQFhQjYkNXhRXSB1e0oqIyR7fSEtMVsWXQ4iZVQYLgEGRjsQNgV8FWUlankscDJ6VAAiD0oGBh8hBhZdDidrcSgtdUsWXQ4iZVsIARJ6SS0bFEVSLhoIVl0AegpUfhsqdFsAKzF2Q348IARRawc5DHJyWQISUFo7ECl+UlweH2ldH3glZVsXK3VhAjgQc0VSJyskeGAYfwhidRstBEtKOHt/WFI3Dgljaws6YFlAACY2DkQDOXdnQhgwDHs
Frame ID: BFDAF7F4AE752EBD1F926D6FEFF34B76
Requests: 2 HTTP requests in this frame

Frame: https://upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: A34A4BEB2839DB4382CF46675EE3D936
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HeuZ OS Debloater & Optimizer.rar

Page URL History Show full URLs

  1. https://upfilesurls.com/5Lvw5K HTTP 302
    https://upfiles.com/5Lvw5K HTTP 302
    https://upfilesurls.com/5Lvw5K?token=eyJpdiI6IkgyOXVucytjYmNTeWVXUENYRmU5dWc9PSIsInZhbHVlIjoiektmK3N... HTTP 302
    https://upfilesurls.com/5Lvw5K Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

55
Requests

95 %
HTTPS

80 %
IPv6

18
Domains

21
Subdomains

19
IPs

3
Countries

1720 kB
Transfer

4645 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://upfilesurls.com/5Lvw5K HTTP 302
    https://upfiles.com/5Lvw5K HTTP 302
    https://upfilesurls.com/5Lvw5K?token=eyJpdiI6IkgyOXVucytjYmNTeWVXUENYRmU5dWc9PSIsInZhbHVlIjoiektmK3N1ME5EbFRhdUdpaW5TQStMZz09IiwibWFjIjoiNzBmOTVlOWM1YWJhNjk4ZDFmYWFmYmNmYzZmY2E2ODU3YjlmNzJhMTQzZTlhOWY2OWI1MThiNGQ0YWVkMzY0MCIsInRhZyI6IiJ9 HTTP 302
    https://upfilesurls.com/5Lvw5K Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp1kPQRZEp-CxuMpZv7NpK2drgFQLN4GIfk8eaisMfYXgCrrjdlyEzbzs88R6HGbVFfPjLgEpA HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1yFJuO7gmWXIOW9y8FhRp6JN1zFnFmegwRbFT12rvWbUsdvTBZSQeFfnfUnhN-cjWGyn0CeA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-250927193%3A1705460160500702&theme=glif
Request Chain 27
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp2likznwqmtaejmWQ-ai8FGk-z4vDiB1SX-omBlQrQidcZXq59QNXJUvf2cHCHzHoy_tFg-8Q HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp11H4JIJj5QOoXhpA9p4eU-UZnmHIL359y4HlTDR1brMdWN_uYsJbKWVngHDrlhcZiT4M3R9g&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1997410629%3A1705460160498966&theme=glif
Request Chain 34
  • https://upfilesurls.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

55 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 5Lvw5K
upfilesurls.com/
Redirect Chain
  • https://upfilesurls.com/5Lvw5K
  • https://upfiles.com/5Lvw5K
  • https://upfilesurls.com/5Lvw5K?token=eyJpdiI6IkgyOXVucytjYmNTeWVXUENYRmU5dWc9PSIsInZhbHVlIjoiektmK3N1ME5EbFRhdUdpaW5TQStMZz09IiwibWFjIjoiNzBmOTVlOWM1YWJhNjk4ZDFmYWFmYmNmYzZmY2E2ODU3YjlmNzJhMTQzZTlh...
  • https://upfilesurls.com/5Lvw5K
84 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://upfilesurls.com/5Lvw5K
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3788 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc232405f21659a17a606606157a5d30f2587ea772ad6ff6e12a8f8c7093d589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
846b5289f8ba774c-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 17 Jan 2024 02:55:59 GMT
expires
-1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v1UQPsjBu8Z6ziwd6Edohgz45VdLTzQCDjnhwtkYA5O56smwKRuwquKaegKM3Zf%2Fh%2F7unczV9pBfPZjbbz%2BXDMT7G6aXOFGfRa079qX5VYmozT3me3DxyenSHIPBHM3EaYxEst8aK3sGaUuinXM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
846b52883c911c32-FRA
content-type
text/html; charset=UTF-8
date
Wed, 17 Jan 2024 02:55:59 GMT
expires
-1
location
https://upfilesurls.com/5Lvw5K
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLbMZGZmw%2BgIlI3g7LVQCGKR73Mhs8gqqjX4rGRXvKUH8Yx9A14Q8l1M%2F2Yezp6i4oarVZSvq7FO8tp5g7iFl6p1nhjQ6fZtSXcRBa7xnYD7GW9hYd9qNAfNiHVwizDGIVh3ke41FADF7Zfe1ZM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
frontend.css
upfilesurls.com/css/ 		255 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/5Lvw5K
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3788 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e51161fcc5b2c4b90c3381e517152eb275d52a6c288954e502479d7421386240

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/5Lvw5K
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:56:00 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 21 Dec 2022 18:47:00 GMT
server
cloudflare
age
584804
etag
W/"63a354a4-3f918"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=laMp1Xumg%2B%2FDPq01sOYtADnkTzHzfIARNZ4NWWCtJLewdsnVW4%2F%2B9FMoiBd6GeK0XlVyvafewzgspmeTWCIeb0fl3qvXShtuSiXqo6ZezhvgwnQDWNbhIHVfBgM6MrWDWY3H1K9nP6wIhEqxUMw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
846b528ff86d774c-AMS
alt-svc
h3=":443"; ma=86400
logo.svg
upfilesurls.com/img/ 		22 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upfilesurls.com/img/logo.svg
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/5Lvw5K
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3788 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d526da1f4d4af45cefd2a0d140abec2beddc3150d13c47d3de893eaa278a369d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/5Lvw5K
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:56:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Apr 2022 10:55:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
584804
etag
W/"625014b1-56e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pQ%2FoGuDwmoezCas7R8oTEgDLfq%2Bz6UJnFWbDQAWeHK9EpJOY7UvsUgffBB1yA2MzRUwtqL37l4lB%2F0uGatMH1KfghJXI%2Bi9ojozt7q16ifWMYMYIKUOVU%2FuDreu9G8WZgCLICTg8hBkm9px4eU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
846b528ff86e774c-AMS
alt-svc
h3=":443"; ma=86400
menu.svg
upfilesurls.com/img/ 		2 KB
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upfilesurls.com/img/menu.svg
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/5Lvw5K
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3788 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d3e6705b468cecdd78fb9a1ee6688d60e1d2c1caa0db7baa88db460315dccea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/5Lvw5K
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:56:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2023 16:39:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
584803
etag
W/"63d009ce-72e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QCf%2Fuiwn9hQO7unUTfk5O2nUbvXXLDmz4zw%2BsgtGXHON37U3UvuTij5CIcev8YR4ojyb2Qr%2BH0kTNwTPVtDaFkD6AjSUM0PvwyeBppZ7vko0tDzkKAgzTQRyPy3ozNQkKgIxvx3Kv3c89CSILZE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
846b528ff86f774c-AMS
alt-svc
h3=":443"; ma=86400
34742
cschyogh.com/1clkn/ 		6 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cschyogh.com/1clkn/34742
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/5Lvw5K
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.170.33 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 02:56:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Keep-Alive
timeout=20
/
dv663fc06d35i.cloudfront.net/ 		313 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dv663fc06d35i.cloudfront.net/?dcfvd=1010617
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/5Lvw5K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:5400:0:5625:cd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
125ec383eb5a6a47b7a57aa16c2660aa5328b9f9c8021b8cb9806aa77eeec2c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 02:56:00 GMT
content-encoding
gzip
via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
102713
x-amz-cf-id
uA8pPgFJZja2Tq8B8hqPG-gHPria-rwkUX-I6ath8EjMiIyCXogrbg==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/5Lvw5K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
60019d48ca437ba96d2654c66b934adc9463692248962dc04b16c2cc1effe25b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:56:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29441
x-xss-protection
0
server
cafe
etag
81 / 19739 / m202401100101 / config-hash: 6931021207574245193
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 02:56:00 GMT
faqs-image.svg
upfilesurls.com/img/ 		37 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upfilesurls.com/img/faqs-image.svg
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/5Lvw5K
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3788 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a717285429d468fadc4d25179fc6feb49e6335f3af1675fb6be1cb50e7e8322

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/5Lvw5K
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:56:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Jan 2023 13:29:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
584804
etag
W/"63c15cbf-95fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWSG1SQnT1Rjx9UrdkMqf2umObrKeKu5VVE2cnnpDm9pJfnzHeDDFhVjgo3zeP15Dd0MrNmvmFMHnDt2mWDKbwDM269dFdTrNtp7kFaFD2yIpDGhohJV3l%2BJNcnjnOwj%2FS99QANK9wdZdBJuB0o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
846b529038a2774c-AMS
alt-svc
h3=":443"; ma=86400
plane.svg
upfilesurls.com/img/ 		684 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upfilesurls.com/img/plane.svg
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/5Lvw5K
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3788 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d454583aa343d4c8aa4e42c0876b20e60c20c0b89284e4ef0c662d0426c18254

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/5Lvw5K
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:56:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Jan 2023 13:29:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
584804
etag
W/"63c15cbf-2ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FkIaOTrx7u%2BSIVZ7ETlW6pc55NYqb1%2B%2Bj2S2H76v3r%2BO3fPN054GbwSgRUbig%2FW41b19uUNy6RPbmx76yAa4y8BdD3xLkJacGTtfBpTH1NYTjsR34ZkgrwqFfHXfpl937LNDRsx80MQS%2B3EZZc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
846b529058ba774c-AMS
alt-svc
h3=":443"; ma=86400
ads.js
upfilesurls.com/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upfilesurls.com/js/ads.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/5Lvw5K
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3788 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4689299e8a29627b02f9dd8bb5ecec1ca32122dab181724dee2313627d9d85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/5Lvw5K
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:56:00 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sun, 08 Jan 2023 11:38:01 GMT
server
cloudflare
age
584804
etag
W/"63baab19-608"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kiPgAdOr7AY3ATvnDwXkz4ODy9Zcgp4%2FeMIh31%2F5kPtwrMcTUqfg4QvltL8UcK37v2xGNCEgGGU9un%2BnlBUhufT5kxJKEIfgxOzWN57TKaWOe6NurCTKT%2BKwtb1hVHy%2F41z2HAvT3uuDJJmLZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
846b529088ee774c-AMS
alt-svc
h3=":443"; ma=86400
frontend.js
upfilesurls.com/js/ 		958 KB
262 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/5Lvw5K
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3788 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e87e0991dcfaa2c7b015d284d8b5d872363eb52af458b63c8449351b4b24612f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/5Lvw5K
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:56:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
584834
cf-polished
origSize=980842
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 08 Jan 2023 11:38:01 GMT
server
cloudflare
etag
W/"63baab19-ef76a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCx8z6L72G4sVzy2fIMUDvJl4DSd1cpYikx1gRukpmXysvw4EnoSHK0un%2FhAAm5VuSAhFsNqcpxPnWh6TnlnhfWPkqi0RMnOxPLAJBS%2FqXEBBR%2BZFpS1ST7xxrw8Sj0j4B8qQ0Fug%2BOxUzq3Je0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
846b5290b94d774c-AMS
js
www.googletagmanager.com/gtag/ 		188 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-197252557-1
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/5Lvw5K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ebc06693ec3cbee73f581b9a138a151a17295659a9f41db9e8cf570f04cc0fbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:56:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69395
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 01:03:07 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 17 Jan 2024 02:56:00 GMT
css2
fonts.googleapis.com/ 		18 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0f9f9de833d585905809ec4e207ddc9b42190d5660f30c54b25a8c6deb3612df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 17 Jan 2024 02:56:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 02:04:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Jan 2024 02:56:00 GMT
up.js
live.demand.supply/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/up.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/5Lvw5K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://upfilesurls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:14:16 GMT
x-content-type-options
nosniff
age
2504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:14:16 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://upfilesurls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:15:15 GMT
x-content-type-options
nosniff
age
2445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:15:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://upfilesurls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:13:53 GMT
x-content-type-options
nosniff
age
2527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:13:53 GMT
asd100.bin
pogothere.xyz/ 		100 KB
101 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: dv663fc06d35i.cloudfront.net
URL: https://dv663fc06d35i.cloudfront.net/?dcfvd=1010617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:56:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3720
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 17 Jan 2024 01:54:00 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://upfilesurls.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hF3aKP6IqMs%2BvUaVt8opyuL9WmdTmxYfeGj0LI%2FklUNScNjATA4%2BP4WQgpvPc5S%2FGYkUYv3CbMIWvlS1ENIa3rwx%2BNiRihVXMpy9L0XF1%2F%2F8t3OMoxdmxsYvVbVwTUCu"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
846b5291b820372d-FRA
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/ 		25 B
378 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: dv663fc06d35i.cloudfront.net
URL: https://dv663fc06d35i.cloudfront.net/?dcfvd=1010617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80738b3cade33698500ff386fa301af3793968c0d25941dc494ff083f3949de0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:56:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QSBtDHSUlWdWyFInoYISZUmPxIzTYkvS4m%2FgJhVE8IdBKoTFH6Ww57hdpRSprA1V%2FoxYZ3hgZARarMDNzQ36J5Qhqm3XPa%2BUlkJcdc1esfMqgGSdeljkApphfi%2FxmhaP"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://upfilesurls.com
content-type
text/plain
access-control-allow-credentials
true
cf-ray
846b5291b81f372d-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
utx
mcurrentlysea.info/ 		0
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcurrentlysea.info/utx?cb=1jxZn8wytZHa&top=upfilesurls.com&tid=1010617
Requested by
Host: dv663fc06d35i.cloudfront.net
URL: https://dv663fc06d35i.cloudfront.net/?dcfvd=1010617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-17.fra53.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 02:56:00 GMT
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://upfilesurls.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
dId76tiv0u0a3WJgrDmqA83fK3znYLB5acphtDuF8DLjQKQ5x04qhA==
KAd6HAglUCw+XAIFfhttJloSP3gWAQ8YQxEIP3cLAywfCF4bNgFjcAUJfjRxFxoROGB4KyElHHMkBRp7KCAfHFcbOn0oXwYsJDNhMVoSYGssOCUQVQsIDT50OAFwNmEENxEVYy8AHxRTIhsedwsDOz90UzINJiIEKlV6Hl0yBhAQQA
mcurrentlysea.info/QWJIUjkgACs/BiBfKnRMMw51dwsHR3oUXTdUfmFfIlJ+Ngp0C2YxVS4XLDRLLgw8fFckFm1gf3c3DRxqFzQdKHUFFTIzUBATBj9RKjsAGFAYUBo8YxUFJR1TdRgqKAwoOy9qCwsIDRt4EhYyG2ouDCpgazsyCxsBDA8gYHMrFXozfgcOBS... Frame 4CE9 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mcurrentlysea.info/QWJIUjkgACs/BiBfKnRMMw51dwsHR3oUXTdUfmFfIlJ+Ngp0C2YxVS4XLDRLLgw8fFckFm1gf3c3DRxqFzQdKHUFFTIzUBATBj9RKjsAGFAYUBo8YxUFJR1TdRgqKAwoOy9qCwsIDRt4EhYyG2ouDCpgazsyCxsBDA8gYHMrFXozfgcOBSh8cgAQNgkIMR13CwcpD2pBDRsnYmk7Wj4fQwRUKyt4OQQiag8NGCMkaSswPwteFwwtYG9wAR8YAAgIIyZ3Kw0hGwsbBRIGSio4JRBVGyUKJmAvICUXVBsFEgFwdC4fAFEiJQUQXXMGJBlxFw8uGnsoATJ/dC0oHCVUCzYJYXY4DSUxfiI1LD9/KAd6HAglUCw+XAIFfhttJloSP3gWAQ8YQxEIP3cLAywfCF4bNgFjcAUJfjRxFxoROGB4KyElHHMkBRp7KCAfHFcbOn0oXwYsJDNhMVoSYGssOCUQVQsIDT50OAFwNmEENxEVYy8AHxRTIhsedwsDOz90UzINJiIEKlV6Hl0yBhAQQA
Requested by
Host: dv663fc06d35i.cloudfront.net
URL: https://dv663fc06d35i.cloudfront.net/?dcfvd=1010617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-17.fra53.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
bf742383dd3d2c6b04c7e8de260dad59d4e56c86cdbd60105099204ee08aae62

Request headers

Referer
https://upfilesurls.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1234
content-type
text/html
date
Wed, 17 Jan 2024 02:56:00 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-id
fovpkwA_xmAT6fj6Kt3nKmDgcAcFQKPTV1S1vgR59EHegXZ-qAcOmQ==
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
asd100.bin
pogothere.xyz/ 		100 KB
100 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: dv663fc06d35i.cloudfront.net
URL: https://dv663fc06d35i.cloudfront.net/?dcfvd=1010617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:56:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3720
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 17 Jan 2024 01:54:00 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://upfilesurls.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avy7cmyISCD7jVaPhRNfsEVjmMrfFguy2jQw9b4xqRnCRiRHnOYuyXKV45mp1ZxpNNsBbptEtMGSa2xeq9FN05M7w12QIAfV5%2BZ6PDCOsiFbnTltqXMVcejqputLdImc"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
846b5291c828372d-FRA
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/ 		27 B
349 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: dv663fc06d35i.cloudfront.net
URL: https://dv663fc06d35i.cloudfront.net/?dcfvd=1010617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0599fd1252a1bdd15fcb772b3ebff56398b554abc88021bfc389fb38da26051

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:56:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Yd3mLc63%2BSjVgKMeZMWzsPjKIobupOrpNIyFLxGEryrAgTGIibHr7M2QqzJQIIokOo6OKGl5APi%2FFQSgdYj5z7szbra9EoHvfwIsIa5UE%2FogKhNJnLriLogtPdwF0Cy"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://upfilesurls.com
content-type
text/plain
access-control-allow-credentials
true
cf-ray
846b5291c82a372d-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
utx
mcurrentlysea.info/ 		0
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcurrentlysea.info/utx?cb=L0WbhdBlIkhr&top=upfilesurls.com&tid=996601
Requested by
Host: dv663fc06d35i.cloudfront.net
URL: https://dv663fc06d35i.cloudfront.net/?dcfvd=1010617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-17.fra53.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 02:56:00 GMT
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://upfilesurls.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
yAlvd13Oj9g8uSYlJwoH3l2vd8so9UnVuHxXV5Uw7yCYBGn37SI64A==
WFI3Dgljaws6YFlAACY2DkQDOXdnQhgwDHs
mcurrentlysea.info/SEYzM28pJFBeUCl7URUaOioOFl0OYwF1Cz5wBQAJK3YFV1x9Lx1QAyczV1UdJyhHHQEtMhYBKT8VX0MnKQNUQyEbLXxXFXw8egI5MCUBSxcfDl9AIgwXe3kFOCh+cj59I0QHXQA8cnIqJQNQfgZ9KFdYWyMNSWIIHhEHRSELFGVWOD9xek... Frame BFDA 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mcurrentlysea.info/SEYzM28pJFBeUCl7URUaOioOFl0OYwF1Cz5wBQAJK3YFV1x9Lx1QAyczV1UdJyhHHQEtMhYBKT8VX0MnKQNUQyEbLXxXFXw8egI5MCUBSxcfDl9AIgwXe3kFOCh+cj59I0QHXQA8cnIqJQNQfgZ9KFdYWyMNSWIIHhEHRSELFGVWOD9xekQfeSBdRBUPBVBbNTELYH4FeHV/YSY6CXd5BwAVXwAhMSFgejwRdHlYXn4CdAofHwECBw4lflV6PBljAXEkCn4EUV0gdXFZFz4ne1c1LQFhQjYkNXhRXSB1e0oqIyR7fSEtMVsWXQ4iZVQYLgEGRjsQNgV8FWUlankscDJ6VAAiD0oGBh8hBhZdDidrcSgtdUsWXQ4iZVsIARJ6SS0bFEVSLhoIVl0AegpUfhsqdFsAKzF2Q348IARRawc5DHJyWQISUFo7ECl+UlweH2ldH3glZVsXK3VhAjgQc0VSJyskeGAYfwhidRstBEtKOHt/WFI3Dgljaws6YFlAACY2DkQDOXdnQhgwDHs
Requested by
Host: dv663fc06d35i.cloudfront.net
URL: https://dv663fc06d35i.cloudfront.net/?dcfvd=1010617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-17.fra53.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
16c88f847f4f2270540b113a1fffab128a240760a4d936229b40f2f0842e182b

Request headers

Referer
https://upfilesurls.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1236
content-type
text/html
date
Wed, 17 Jan 2024 02:56:00 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-id
LD4FweON2qNk_UaBuDgZAVpH_tGddkBR7aayjItbz75Apdi0mJm4Rg==
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
cmt1ODFdVBZLDCA+HQ5SN1ICXWQGLBBwY1dZN2taHl0WC1k2OS1bFwYCEQUAQlpFDgBFTQVRVU9aU0tFEx8ASwxDTRxWVx1WU04MQ0VGDB9BX1sIFwdWRB5FAgoSBQBUGwFMXU9aQggERl1FCQdCWUEA
esmyinteuk.info/ 		0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://esmyinteuk.info/cmt1ODFdVBZLDCA+HQ5SN1ICXWQGLBBwY1dZN2taHl0WC1k2OS1bFwYCEQUAQlpFDgBFTQVRVU9aU0tFEx8ASwxDTRxWVx1WU04MQ0VGDB9BX1sIFwdWRB5FAgoSBQBUGwFMXU9aQggERl1FCQdCWUEA
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/5Lvw5K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.218.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:56:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=enKQ7%2FHpUg4xEobONJ21ih4aakJfi%2FPFcFgDW9EehXWBWinWRQ7QkL6g9ImzVtY8yclA%2B%2BYwj9L5Y3EDnGeR2QrzOhSIgGgMhHfZmQ7TR0FeG72AZGBQsI4cqq7%2FkotGuvo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
846b52922cd76684-AMS
alt-svc
h3=":443"; ma=86400
login.php
www.facebook.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/5Lvw5K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp1kPQRZEp-CxuMpZv7NpK2drgFQLN4GIfk8eaisMfYXgCrrjdlyEzbzs88...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1yFJuO7gmWXIOW9y8FhRp6JN1zFnFmegwRbFT12rvWbUsdvTBZSQeFfnfUnhN-cjWGyn0CeA&passiv...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1yFJuO7gmWXIOW9y8FhRp6JN1zFnFmegwRbFT12rvWbUsdvTBZSQeFfnfUnhN-cjWGyn0CeA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-250927193%3A1705460160500702&theme=glif
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/5Lvw5K
Protocol
H2
Server
2a00:1450:4013:c00::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Redirect headers

date
Wed, 17 Jan 2024 02:56:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-IoFnT9PnjDVW0hREd9RYfg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
402
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1yFJuO7gmWXIOW9y8FhRp6JN1zFnFmegwRbFT12rvWbUsdvTBZSQeFfnfUnhN-cjWGyn0CeA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-250927193%3A1705460160500702&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp2likznwqmtaejmWQ-ai8FGk-z4vDiB1SX-omBlQrQidcZXq59QNXJ...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp11H4JIJj5QOoXhpA9p4eU-UZnmHIL359y4HlTDR1brMdWN_uYsJbKWVngHDrlhcZiT4M3R9g&passi...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp11H4JIJj5QOoXhpA9p4eU-UZnmHIL359y4HlTDR1brMdWN_uYsJbKWVngHDrlhcZiT4M3R9g&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1997410629%3A1705460160498966&theme=glif
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/5Lvw5K
Protocol
H2
Server
2a00:1450:4013:c00::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Redirect headers

date
Wed, 17 Jan 2024 02:56:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-HJgXb7PZpZd4tPWJHmRzbw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
408
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp11H4JIJj5QOoXhpA9p4eU-UZnmHIL359y4HlTDR1brMdWN_uYsJbKWVngHDrlhcZiT4M3R9g&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1997410629%3A1705460160498966&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
cUVmeEdeegULeiUAAjEkHylQHA8ZADUgN0EjMwgJFx0oXXUzFw1AYQUsAkV+SHNQSHZXNQ8cekBjFQwmBTAVRXZXLAgeKExjEEV2X3ZSVnRFa1ZeMkx0QAw3ECJbSWEBMRIUekByVk1zR3VXTndDfVM
esmyinteuk.info/ 		0
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://esmyinteuk.info/cUVmeEdeegULeiUAAjEkHylQHA8ZADUgN0EjMwgJFx0oXXUzFw1AYQUsAkV+SHNQSHZXNQ8cekBjFQwmBTAVRXZXLAgeKExjEEV2X3ZSVnRFa1ZeMkx0QAw3ECJbSWEBMRIUekByVk1zR3VXTndDfVM
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/5Lvw5K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.218.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:56:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JElINhuJSl26JQAGsHrRhXzBklz526g%2B7bYRan1av6cPz%2FlY55bzZ03snIFdXjJ1PnKwD3XJN3JcRGHvRkYVOnOBjSjNnCS4LonilhZ1XgGyGwg%2FVpDR4PyJh3O%2BaTYTq64%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
846b52922cd66684-AMS
alt-svc
h3=":443"; ma=86400
/
dv663fc06d35i.cloudfront.net/ 		313 KB
101 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dv663fc06d35i.cloudfront.net/?dcfvd=1010617
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/5Lvw5K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:5400:0:5625:cd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
af0becd1ac07f50838cc0c83a78abb99ca0e77524c004bfa9b07bc14b188d474

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 02:56:00 GMT
content-encoding
gzip
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
access-control-allow-origin
https://upfilesurls.com
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials
true
content-length
102713
x-amz-cf-id
bRI9GQI73S7LY-3LJKULb9nJJ_kAPiMvpslIq0nTmK70dVdF598SQA==
api.js
www.recaptcha.net/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
da0f3f35aa071262de70a12b291999a7886e60bfbf0b57be8c9861c77d03937b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:56:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 17 Jan 2024 02:56:00 GMT
arrow-down.png
upfilesurls.com/images/ 		208 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upfilesurls.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3788 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59b7ad6d6f457b624e25d22959edc7c83af2ac52edba32fd6648c97af0d1780c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:56:00 GMT
cf-cache-status
HIT
last-modified
Fri, 08 Apr 2022 10:55:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
584803
etag
"625014b1-d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BiZkwFj7u1e2pESuUIJ6rA%2FSFM3ciqtLWQ4unI%2FtLDgWgkvtIrABdwMEJy%2BGqXWpfC1qE4VeGzKsH5%2B8fgPc8sAtds8T4lWkiR0juzhfRQ%2FB6RkPBe%2B9wEBNu%2FjyMUAi%2FkJRwsGVFI2r4mDOH5I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
846b52922ae0774c-AMS
alt-svc
h3=":443"; ma=86400
content-length
208
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://upfilesurls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 09:10:14 GMT
x-content-type-options
nosniff
age
63946
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jan 2025 09:10:14 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:56:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51274
x-xss-protection
0
server
cafe
etag
14687257227353915530
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 17 Jan 2024 02:56:00 GMT
main.js
upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame A34A
Redirect Chain
  • https://upfilesurls.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/5Lvw5K
Protocol
H3
Server
2606:4700:3033::6815:3788 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6af5a0e046a63159485826f4450db531d727847b00f8eb37ad17e129ce4683e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:56:00 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QOqsP1IZtmDJkhm7a2SjxIQHCMOjWGEP34zHmiLSk5NRs4p4daYcWsX2PbK5fDKH%2FryhWvTe9QJB0ULTiG9qvX5ZNfISAn3A%2BqYUJx3ybSlmv%2BKWQbs%2Bb26Xu66t%2ByFvNsqpAZEDkUAbRWrzVIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
846b52926b3e774c-AMS
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 17 Jan 2024 02:56:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RY7Eisv4Eww8KAkaBZR%2BfyfWI%2BxFigBNyuQqVnM%2FrxI5dpePlBiDWercqNfsIega1KfipWh%2BA5u%2BcHQiK54viR0DG0z2z%2BvA%2FsWkvYjKI83DwqrGmx3r6I6PBYf0oy7j1YzhXAvZpXfo%2BvjXRSM%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
846b52924b06774c-AMS
alt-svc
h3=":443"; ma=86400
MHBiBWNnZX5zfGNlaXp8Z2RmZmBlJjElMyc8dXEUYGZnbWFjcyV+Yw
dv663fc06d35i.cloudfront.net/6UENSVVUzLDwzaiQqNmhkYHJiY2RnZTgmOj4zbz5iYg82JjEIAStzISonb2RzPCI8Mmh2Jjw2aGFlMzE3bXd0ISU/KG8xLyo0Pz8vMzE6cyAxfj86LzkvPjRwYgVne2V1cWJ9IjktNjoiI2ZgZTskZmBlZGBtYnBmEmZgZSI... Frame 4CE9 		778 B
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dv663fc06d35i.cloudfront.net/6UENSVVUzLDwzaiQqNmhkYHJiY2RnZTgmOj4zbz5iYg82JjEIAStzISonb2RzPCI8Mmh2Jjw2aGFlMzE3bXd0ISU/KG8xLyo0Pz8vMzE6cyAxfj86LzkvPjRwYgVne2V1cWJ9IjktNjoiI2ZgZTskZmBlZGBtYnBmEmZgZSI5LWRhcGMBd2dlKHVmfHBicz-MlJTwmJTA3OyomcGcWdmFie2N1d2dleCg6ITg8ZmAWcGJzPjw+NWZgZTI1IDk6fHVxYjY9Iiw/MHBiBWNnZX5zfGNlaXp8Z2RmZmBlJjElMyc8dXEUYGZnbWFjcyV+Yw
Requested by
Host: mcurrentlysea.info
URL: https://mcurrentlysea.info/QWJIUjkgACs/BiBfKnRMMw51dwsHR3oUXTdUfmFfIlJ+Ngp0C2YxVS4XLDRLLgw8fFckFm1gf3c3DRxqFzQdKHUFFTIzUBATBj9RKjsAGFAYUBo8YxUFJR1TdRgqKAwoOy9qCwsIDRt4EhYyG2ouDCpgazsyCxsBDA8gYHMrFXozfgcOBSh8cgAQNgkIMR13CwcpD2pBDRsnYmk7Wj4fQwRUKyt4OQQiag8NGCMkaSswPwteFwwtYG9wAR8YAAgIIyZ3Kw0hGwsbBRIGSio4JRBVGyUKJmAvICUXVBsFEgFwdC4fAFEiJQUQXXMGJBlxFw8uGnsoATJ/dC0oHCVUCzYJYXY4DSUxfiI1LD9/KAd6HAglUCw+XAIFfhttJloSP3gWAQ8YQxEIP3cLAywfCF4bNgFjcAUJfjRxFxoROGB4KyElHHMkBRp7KCAfHFcbOn0oXwYsJDNhMVoSYGssOCUQVQsIDT50OAFwNmEENxEVYy8AHxRTIhsedwsDOz90UzINJiIEKlV6Hl0yBhAQQA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:5400:0:5625:cd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b59cbe66bb7e770243e76c36f1489aca46de25aa7e5d5b43c49ba088ae530ce7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcurrentlysea.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:56:00 GMT
content-encoding
gzip
via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
545
x-amz-cf-id
ZWsUISLaYtBgeKHcqdMQaxAIpP9tIf7s0lwz3SVxjs365eYUzcjG-w==
846b5289f8ba774c
upfilesurls.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame A34A 		0
602 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://upfilesurls.com/cdn-cgi/challenge-platform/h/b/jsd/r/846b5289f8ba774c
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3788 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 17 Jan 2024 02:56:00 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3NxEsSq%2BcwZLt2B%2BTNHvaE9nUx2rZHY6er%2BgY9ZO9z5RucOptc7CX%2BblAkCxCYz1uZykvC6iI8adOIjpd33vTqKskhgV2sjn1URZnXIqO863m7Bnzm07NKE8tclVryxuSsWDG5IxGYbk93qg%2FfQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
846b5292ebc3774c-AMS
alt-svc
h3=":443"; ma=86400
dVhgITIzBSRvaARNeno2LgMtb2h3Dy0pMShBbXhqJAA6JTciTXoMa3VYZnp0cVhxc3R1WX5vaHcbKSw7NQFteBxyW39kaXFOPXdr
dv663fc06d35i.cloudfront.net/wSlpHaEgpNSkOdz4zI1Vxc2xxWHlsMDQHJjpnMAQ5ew42HzAAEmEcMi5ndk4kKzQgVW4vNCRVeWw7Iwp1fnwzGCchZyMSMj03LRIrODJhHSl3NygSISY2Jk16DG9pWG14am8fISQ+KB87b2h3BjxvaHdZeGRqYlsKb2h3HyE... Frame BFDA 		822 B
867 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dv663fc06d35i.cloudfront.net/wSlpHaEgpNSkOdz4zI1Vxc2xxWHlsMDQHJjpnMAQ5ew42HzAAEmEcMi5ndk4kKzQgVW4vNCRVeWw7Iwp1fnwzGCchZyMSMj03LRIrODJhHSl3NygSISY2Jk16DG9pWG14am8fISQ+KB87b2h3BjxvaHdZeGRqYlsKb2h3HyEkbHNNewh/dVgwfG5uTXp6Oz-cYJC8tIgojIy5iWg5/aXBGe3x/dVhgITIzBSRvaARNeno2LgMtb2h3Dy0pMShBbXhqJAA6JTciTXoMa3VYZnp0cVhxc3R1WX5vaHcbKSw7NQFteBxyW39kaXFOPXdr
Requested by
Host: mcurrentlysea.info
URL: https://mcurrentlysea.info/SEYzM28pJFBeUCl7URUaOioOFl0OYwF1Cz5wBQAJK3YFV1x9Lx1QAyczV1UdJyhHHQEtMhYBKT8VX0MnKQNUQyEbLXxXFXw8egI5MCUBSxcfDl9AIgwXe3kFOCh+cj59I0QHXQA8cnIqJQNQfgZ9KFdYWyMNSWIIHhEHRSELFGVWOD9xekQfeSBdRBUPBVBbNTELYH4FeHV/YSY6CXd5BwAVXwAhMSFgejwRdHlYXn4CdAofHwECBw4lflV6PBljAXEkCn4EUV0gdXFZFz4ne1c1LQFhQjYkNXhRXSB1e0oqIyR7fSEtMVsWXQ4iZVQYLgEGRjsQNgV8FWUlankscDJ6VAAiD0oGBh8hBhZdDidrcSgtdUsWXQ4iZVsIARJ6SS0bFEVSLhoIVl0AegpUfhsqdFsAKzF2Q348IARRawc5DHJyWQISUFo7ECl+UlweH2ldH3glZVsXK3VhAjgQc0VSJyskeGAYfwhidRstBEtKOHt/WFI3Dgljaws6YFlAACY2DkQDOXdnQhgwDHs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:5400:0:5625:cd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
927c1178a8d77b8443a4e412cdba0550e59048692e5dcfdf57eeb00ff0404811

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcurrentlysea.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:56:00 GMT
content-encoding
gzip
via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
591
x-amz-cf-id
yavm7ttwzGr1dMohWY9i0RA_0dRabtQwDkOGdhIsm9c9b1NJmhfKSQ==
js
www.googletagmanager.com/gtag/ 		226 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-197252557-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b9216e867f5645225a72f65f64b5268b1742cbfbeffd2ca2c84a2e2fa95292ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:56:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81648
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 Jan 2024 02:56:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-197252557-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 Jan 2024 01:48:10 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4070
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 17 Jan 2024 03:48:10 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/ 		438 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f689a26dae9b3d64d05a61dafe9a94f7e05e9a949dfe2330b879d532b441843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 21:32:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
19385
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140824
x-xss-protection
0
server
cafe
etag
1760809391848743662
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 15 Jan 2025 21:32:55 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ 		506 KB
204 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upfilesurls.com/
Origin
https://upfilesurls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 23:33:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207845
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 05:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jan 2025 23:33:19 GMT
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-75C4L64NEB&gtm=45je41a0v9123751369&_p=1705460160347&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1560422684.1705460161&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1705460160&sct=1&seg=0&dl=https%3A%2F%2Fupfilesurls.com%2F5Lvw5K&dt=HeuZ%20OS%20Debloater%20%26%20Optimizer.rar&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2943
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 02:56:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://upfilesurls.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VERYaEZ7ezsbexoDOxISAXAbPgcacz4PDAEGNj5wFhIVLiMMI34cLzB5YVFwYnRpTjY9IGVZYCcwORwzJ3lrWHZlYjEGIDt5aFh2ZWIuVXd6d2xGdWBqaE4zaXVrXX5ic29dcmdwa151Ynd+HDY1I2VZYCQwLAR7ZXNoXXJidGledmJ0aA
esmyinteuk.info/ 		0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://esmyinteuk.info/VERYaEZ7ezsbexoDOxISAXAbPgcacz4PDAEGNj5wFhIVLiMMI34cLzB5YVFwYnRpTjY9IGVZYCcwORwzJ3lrWHZlYjEGIDt5aFh2ZWIuVXd6d2xGdWBqaE4zaXVrXX5ic29dcmdwa151Ynd+HDY1I2VZYCQwLAR7ZXNoXXJidGledmJ0aA
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/5Lvw5K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.218.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:56:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tY%2Fs%2FWGMKteaXT4O75pnPwIn4DyZPAV2MWbD48OzOnlGrFmRf%2Fx7v1Ar%2B9f%2Bwd6XB0bjkYH9yhQRZgweULrNqzEeHvIDEJnE8gmJziUN%2Ft%2Fuct%2F4AXdAXQWbXg43arkio%2B4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
846b5293ce246684-AMS
alt-svc
h3=":443"; ma=86400
339263271
fundingchoicesmessages.google.com/i/ 		182 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/339263271?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4a410dec3d7deab4ad970d4c3c590a72e7612b1ea539082987f87b8cc8a8e7fa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-O_c8j7WOOAZiBavZKUGLjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:56:00 GMT
content-security-policy
script-src 'report-sample' 'nonce-O_c8j7WOOAZiBavZKUGLjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1015603995&t=pageview&_s=1&dl=https%3A%2F%2Fupfilesurls.com%2F5Lvw5K&ul=en-us&de=UTF-8&dt=HeuZ%20OS%20Debloater%20%26%20Optimizer.rar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=620350711&gjid=268537873&cid=1560422684.1705460161&tid=UA-197252557-1&_gid=1737404340.1705460161&_r=1&gtm=457e41a0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=921169656
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://upfilesurls.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 02:56:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://upfilesurls.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
popunder.gif
esmyinteuk.info/ 		35 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://esmyinteuk.info/popunder.gif
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/5Lvw5K
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.218.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
public
date
Wed, 17 Jan 2024 02:56:00 GMT
cf-cache-status
HIT
last-modified
Tue, 16 Jan 2024 15:14:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
42094
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1wgyvr1N8XbU67w3twV1e%2Fccu341ddex4JE57HqSn4sIsZLI%2B2c1Vi4z6cwgWXmL%2FSBaPjm5pyGwHKL1l%2F8sm%2BDPxicdmGoXmmoIW2CpTCz%2FdsI9mz2G8Av%2BIxKiTbkzg8o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
846b5294cca063d8-LHR
alt-svc
h3=":443"; ma=86400
AGSKWxWRPtEmWJ0sIrtPB0cPNMLuJWy99hD_KhwE7Z--uugmaa-WVtzoSM3JUC4R5JIhAiOnnwL0XKbLKmBDiZXGPY0VcsbcXtDtNEbaTR-qnIq3iAbUO8Wof5SftR9USbsMlYa69WrVpA==
fundingchoicesmessages.google.com/f/ 		368 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWRPtEmWJ0sIrtPB0cPNMLuJWy99hD_KhwE7Z--uugmaa-WVtzoSM3JUC4R5JIhAiOnnwL0XKbLKmBDiZXGPY0VcsbcXtDtNEbaTR-qnIq3iAbUO8Wof5SftR9USbsMlYa69WrVpA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1NDYwMTYwLDk1ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly91cGZpbGVzdXJscy5jb20vNUx2dzVLIixudWxsLFtbOCwiTElxYzQxQko1YTAiXSxbOSwiZGUiXSxbMTksIjEiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.LIqc41BJ5a0.es5.O/am=wA/d=1/rs=AJlcJMyuHDquIDjtBjzFOiABIt8N5YwY7Q/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f6a966db3d57466db80ef5929b991af28be17f80124fc89f7b644e62b5378546
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-vvay25wQMGVc5vrpJmWEmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:56:01 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-vvay25wQMGVc5vrpJmWEmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		100 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.LIqc41BJ5a0.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMx-Hs0eiopJhgDZxv-jwMMm8fYViw/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8354d043bdebec71c66c058e88ecc6f032f98e2dad2c9efe882a39e01619f101
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 17 Jan 2024 02:56:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 02:56:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Jan 2024 02:56:01 GMT
aYydj3w2hcN83wurCEoGXW4Um6doCQY3anHmX39Fr6D9D7tsTZ8FWpBhou1cJaKL3V7zzJaE6cw8xgiPA_z546jSKruD1XIEUNL_vs8Fao5yrValoGw=h60
lh3.googleusercontent.com/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/aYydj3w2hcN83wurCEoGXW4Um6doCQY3anHmX39Fr6D9D7tsTZ8FWpBhou1cJaKL3V7zzJaE6cw8xgiPA_z546jSKruD1XIEUNL_vs8Fao5yrValoGw=h60
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/5Lvw5K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ec9383fda23f20c2e34b9aad928d68fe6e391dd24e3c52a8cc796ad27365453c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:04:23 GMT
x-content-type-options
nosniff
age
3098
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3299
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 18 Jan 2024 02:04:23 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/5Lvw5K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upfilesurls.com/
Origin
https://upfilesurls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:07:43 GMT
x-content-type-options
nosniff
age
506898
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Jan 2025 06:07:43 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/5Lvw5K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upfilesurls.com/
Origin
https://upfilesurls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 00:59:33 GMT
x-content-type-options
nosniff
age
93388
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jan 2025 00:59:33 GMT
AGSKWxXMIm6LLrqE-8GvYE288UxSntfKuEriEL-FwnJVBD1yzlSEr5rLBF14gPPvMsMIj3XRsE5wzxiqU76OIawtUCyWzz87Bd9m7QVQnAR2yJyZwOhpgW2t5ipJLd6CQ5qETlu6acAyWA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXMIm6LLrqE-8GvYE288UxSntfKuEriEL-FwnJVBD1yzlSEr5rLBF14gPPvMsMIj3XRsE5wzxiqU76OIawtUCyWzz87Bd9m7QVQnAR2yJyZwOhpgW2t5ipJLd6CQ5qETlu6acAyWA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.LIqc41BJ5a0.es5.O/am=wA/d=1/rs=AJlcJMyuHDquIDjtBjzFOiABIt8N5YwY7Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-c9v_1T2e3Z7A7IPpkyRRJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://upfilesurls.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Jan 2024 02:56:01 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-c9v_1T2e3Z7A7IPpkyRRJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://upfilesurls.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: upfilesurls.com
URL: https://upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upfilesurls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:56:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51279
x-xss-protection
0
server
cafe
etag
17636139395066013049
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 02:56:01 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| _0x3609 function| _0x22ec92 function| _0x2d6c number| LAST_CORRECT_EVENT_TIME object| utr_1010617 number| userTrackingInterval number| _4187605604 object| utr_996601 number| _20740124 function| s3ii function| P7Q boolean| DEBUG_MODE boolean| ENABLE_LOGS boolean| ENABLE_ONLINE_DEBUGGER boolean| SUPPORT_IE8 boolean| MOBILE_VERSION boolean| EXTERNAL_POLYFILL boolean| SEND_PIXELS boolean| IS_POP_COIN boolean| PIXEL_LOG_LEVEL_INFO boolean| PIXEL_LOG_LEVEL_DEBUG boolean| PIXEL_LOG_LEVEL_WARNING boolean| PIXEL_LOG_LEVEL_ERROR boolean| PIXEL_LOG_LEVEL_METRICS function| G2tt object| googletag object| app_vars function| a3_0x145b function| a3_0x4fc8 function| a0_0x4928 function| a0_0x22f5 object| webpackChunk function| jQuery function| $ number| uidEvent function| Dropzone function| onloadRecaptchaCallback function| onloadHCaptchaCallback function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| ggeac object| google_js_reporting_queue object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| gaGlobal number| iinf undefined| google_measure_js_timing object| gaplugins object| gaData object| recaptcha object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| Y2M3ZGIzMDFjN2ZlMDQwYWxvYWRlcl9qcw== string| Y2M3ZGIzMDFjN2ZlMDQwYWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady

14 Cookies

Domain/Path Name / Value
upfiles.com/ Name: XSRF-TOKEN
Value: eyJpdiI6InlYdzB5UU52cUNaNS82WHYyb0hPVXc9PSIsInZhbHVlIjoiR1RFRUtjakFyRnlGNStzaHRwS0E0U0REc05VS3dPSU5zY2E5Nng4OGUrN0JzZ1J2YTBRdy9wVVJUREJTQ2U1aGx2bzRlNng1RnNONTJDM2RVYkZqVnhmL3NuSTFYUVJrSW41QVp1MGt2N3hUcGpvSkR1ZmNqM0R1dkJnMGc0NFQiLCJtYWMiOiI4MzRlNDFiNGNkYzM2ZDU3NjM2Nzc2MmJjMGVmYWE4ZThiYTBlZGRhZDE1ZTJlNzYyOGQ0YzBmNzUzZWQ4MDk5IiwidGFnIjoiIn0%3D
upfiles.com/ Name: upfiles_session
Value: eyJpdiI6IkhZdHpHYzBjc01idTBLcmFnZks3UFE9PSIsInZhbHVlIjoiSDQ5WXltcXlBaHdCTlQzNE10UHRzZW1kL1hoQ01LUitLYWFMUEVYSzA1Z1ozYXM1WjBmT0FPQTRENCsxSnhLSk1XN01vOGRZSnZxNVR1ZVNCOGIyNWlwcStSRkUvZWt1SjdBL0wvU1hicUgzcU9Rcys0cUJvaFY0TDBlaUptRHoiLCJtYWMiOiI1MGZhMzNhMDBjNDlkN2UwYTc0NWExNjVmMTM2Y2E1NThlZTJhYzI0OWQ3Nzk0MjZhM2YxNzg4OWZjNjY2ZWFjIiwidGFnIjoiIn0%3D
upfilesurls.com/ Name: XSRF-TOKEN
Value: eyJpdiI6InlnaGpDWHVkRnRGQmJza2pkenZwQVE9PSIsInZhbHVlIjoiWG1xUS8yWUhzWHhTVWtkcEdsSEt2ajZiTDdYWjdVcVMyeGFvdWd5MXd3Q3QvcCttK0tJS1RVZk9GaDJicVBNTXI4cTFwZ1hDOVZ4bDVNVGN0M3VvYWVEWW90ZnhDZi9OVWNsRWx0Q1ZyV1dscUNVY092c3A4bThPbXNYdjltcnUiLCJtYWMiOiI4ZjNjMTI5MmU5ZjhmYWNmMDg1NjFkOWVjNzQ1YzYzNDg0MDFiOWIwNmIyZTg4Yzg4MDgxOGUzOTk3MTEyYWMxIiwidGFnIjoiIn0%3D
upfilesurls.com/ Name: upfiles_session
Value: eyJpdiI6InUzQ3locUV3NWhubG40SDRGU08vR2c9PSIsInZhbHVlIjoiTjRDSGtDK2IrVXRGRTlsWldHaW9pTmRhOGtBRjhsNkZUR3lNN24xcmxaSXVObmRiNWNxZkpsQjJGSldIaEliQmN3RTZpSmJnWThpV0x3Y01DU01lazNWKzk1Q2J6c0xqaE92RjFhczZBem5rMlNabGNpZ0FLc1BlOGl2SHJpdmQiLCJtYWMiOiJmNDZhNzJhZmMyZjQ3YzdhNTc0NzA4NjA0N2EzNzk1ZjAzOWM5NjEzYWU5ZWQ5ODI2OThiMmQ3ZWY1YmQxNTgyIiwidGFnIjoiIn0%3D
.demand.supply/ Name: __cf_bm
Value: DYOaWM8GyO0_Y3INzqZoA9husal1IOW1mDA1q2pfIw0-1705460160-1-AV65jKwP29JkCkcAIeR6dUogpz3NQWOagD41RcPfS0FGoKYNv00ZNHz5uqH+VFTu0ZXk1ud48PPWGzu5rz848CY=
upfilesurls.com/ Name: ab
Value: 2
cschyogh.com/ Name: GL_UI4
Value: eJw9jd1OhDAYRPln1QWdhAfwEWBZgl4aH8LLprQfbF1oN6VCfHsbE72ak8mZTBAEUfWIcMtyxF%2B8wzMX4kVQ39Jrf26bbpSjEGcahm5sRXfqJe7UyhwfZnIJDuvCrWNuS3CcSJNVggkjqcCTt%2F6aqza7TpAOlmtZIF28MRfIB2v2lWwVI9F8IWTvF2t8pgv%2FNBZxc6o9K%2B05rBGZtYrLe%2BQfSks%2FLI%2BImrosswAPt5m70diFKZmFSCfLJSF8w0FwR5Ox38glrVdnboCZJfv3f3%2FjvamRSdqU8OfGXcj%2BACjvT08%3D
cschyogh.com/ Name: GL_GI10
Value: eJwVy0sKwjAURuHkghVBkB%2B7gKygEEupDn134sgVhBglSNNwEwvu3jo5gw%2BOEILKJchHrPS2qTa6rnTTVHrXQr5ApzPIBsyvjnsTvpAM6ibjgFnnUnKQFriwCe%2Fnh7MyvboZHyA9UGvd1uruePTWJbU%2FgELC4jhwHNjkaY2FBOXh3%2FQoBeRYrH8i4yGU
pogothere.xyz/ Name: csu
Value: 1358677543436363@1@1705460160
.upfilesurls.com/ Name: cf_clearance
Value: BGat5SA74VjHjzS1PBCpGHfXMjiDZcUgd3JUFh5GC50-1705460160-1-AUXhSoM+2jO2eg6ow4Z8sQnp+2affUllUqXHqux8LyPs36Il3dNSHo/ntTlviHgUgywa0D9lSNfeDXBJMrdStvY=
.upfilesurls.com/ Name: _ga_75C4L64NEB
Value: GS1.1.1705460160.1.0.1705460160.0.0.0
.upfilesurls.com/ Name: _ga
Value: GA1.2.1560422684.1705460161
.upfilesurls.com/ Name: _gid
Value: GA1.2.1737404340.1705460161
.upfilesurls.com/ Name: _gat_gtag_UA_197252557_1
Value: 1

3 Console Messages

Source Level URL
Text
network error URL: https://live.demand.supply/up.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp11H4JIJj5QOoXhpA9p4eU-UZnmHIL359y4HlTDR1brMdWN_uYsJbKWVngHDrlhcZiT4M3R9g&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1997410629%3A1705460160498966&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1yFJuO7gmWXIOW9y8FhRp6JN1zFnFmegwRbFT12rvWbUsdvTBZSQeFfnfUnhN-cjWGyn0CeA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-250927193%3A1705460160500702&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
cschyogh.com
dv663fc06d35i.cloudfront.net
esmyinteuk.info
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
lh3.googleusercontent.com
live.demand.supply
mcurrentlysea.info
pagead2.googlesyndication.com
pogothere.xyz
region1.google-analytics.com
securepubads.g.doubleclick.net
upfiles.com
upfilesurls.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
143.204.215.17
172.64.201.15
172.67.218.105
2001:4860:4802:34::36
23.109.170.33
2600:9000:236e:5400:0:5625:cd80:21
2606:4700:3033::6815:3788
2606:4700::6810:8516
2a00:1450:4001:811::2008
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::200e
2a00:1450:4013:c00::54
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3120::3
0f9f9de833d585905809ec4e207ddc9b42190d5660f30c54b25a8c6deb3612df
125ec383eb5a6a47b7a57aa16c2660aa5328b9f9c8021b8cb9806aa77eeec2c8
16c88f847f4f2270540b113a1fffab128a240760a4d936229b40f2f0842e182b
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d3e6705b468cecdd78fb9a1ee6688d60e1d2c1caa0db7baa88db460315dccea
4a410dec3d7deab4ad970d4c3c590a72e7612b1ea539082987f87b8cc8a8e7fa
59b7ad6d6f457b624e25d22959edc7c83af2ac52edba32fd6648c97af0d1780c
5f689a26dae9b3d64d05a61dafe9a94f7e05e9a949dfe2330b879d532b441843
60019d48ca437ba96d2654c66b934adc9463692248962dc04b16c2cc1effe25b
6af5a0e046a63159485826f4450db531d727847b00f8eb37ad17e129ce4683e9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
80738b3cade33698500ff386fa301af3793968c0d25941dc494ff083f3949de0
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8354d043bdebec71c66c058e88ecc6f032f98e2dad2c9efe882a39e01619f101
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31
927c1178a8d77b8443a4e412cdba0550e59048692e5dcfdf57eeb00ff0404811
9a717285429d468fadc4d25179fc6feb49e6335f3af1675fb6be1cb50e7e8322
af0becd1ac07f50838cc0c83a78abb99ca0e77524c004bfa9b07bc14b188d474
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b59cbe66bb7e770243e76c36f1489aca46de25aa7e5d5b43c49ba088ae530ce7
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
b9216e867f5645225a72f65f64b5268b1742cbfbeffd2ca2c84a2e2fa95292ba
ba4689299e8a29627b02f9dd8bb5ecec1ca32122dab181724dee2313627d9d85
bc232405f21659a17a606606157a5d30f2587ea772ad6ff6e12a8f8c7093d589
bf742383dd3d2c6b04c7e8de260dad59d4e56c86cdbd60105099204ee08aae62
d454583aa343d4c8aa4e42c0876b20e60c20c0b89284e4ef0c662d0426c18254
d526da1f4d4af45cefd2a0d140abec2beddc3150d13c47d3de893eaa278a369d
da0f3f35aa071262de70a12b291999a7886e60bfbf0b57be8c9861c77d03937b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0599fd1252a1bdd15fcb772b3ebff56398b554abc88021bfc389fb38da26051
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51161fcc5b2c4b90c3381e517152eb275d52a6c288954e502479d7421386240
e87e0991dcfaa2c7b015d284d8b5d872363eb52af458b63c8449351b4b24612f
ebc06693ec3cbee73f581b9a138a151a17295659a9f41db9e8cf570f04cc0fbf
ec9383fda23f20c2e34b9aad928d68fe6e391dd24e3c52a8cc796ad27365453c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6a966db3d57466db80ef5929b991af28be17f80124fc89f7b644e62b5378546