urlscan.io logo urlscan.io
SecurityTrails logo

upfiles.io Open in urlscan Pro
172.67.187.10  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://upfiles.com/Y6lP
Effective URL: https://upfiles.io/Y6lP
Submission: On October 17 via manual from MX — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 14 domains to perform 34 HTTP transactions. The main IP is 172.67.187.10, located in United States and belongs to CLOUDFLARENET, US. The main domain is upfiles.io.
TLS certificate: Issued by R3 on September 2nd 2021. Valid for: 3 months.
This is the only time upfiles.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.173.106 13335 (CLOUDFLAR...)
9 172.67.187.10 13335 (CLOUDFLAR...)
1 146.59.188.42 16276 (OVH)
4 18.66.137.28 16509 (AMAZON-02)
1 142.250.186.104 15169 (GOOGLE)
1 142.250.185.106 15169 (GOOGLE)
3 142.250.185.227 15169 (GOOGLE)
5 13.225.87.62 16509 (AMAZON-02)
1 157.240.20.35 32934 (FACEBOOK)
2 142.250.185.205 15169 (GOOGLE)
1 142.250.185.67 15169 (GOOGLE)
2 172.217.18.110 15169 (GOOGLE)
1 104.21.45.207 13335 (CLOUDFLAR...)
1 142.250.186.67 15169 (GOOGLE)
2 13.224.193.33 16509 (AMAZON-02)
34 14
1    172.67.173.106 (United States)

ASN13335 (CLOUDFLARENET, US)
upfiles.com
9    172.67.187.10 (United States)

ASN13335 (CLOUDFLARENET, US)
upfiles.io
1    146.59.188.42 (France)

ASN16276 (OVH, FR)
PTR: ip42.ip-146-59-188.eu
anamaembush.com
4    18.66.137.28 (United States)

ASN16509 (AMAZON-02, US)
d2fbvay81k4ji3.cloudfront.net
1    142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net
www.googletagmanager.com
1    142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net
fonts.googleapis.com
3    142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net
fonts.gstatic.com
5    13.225.87.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-62.fra2.r.cloudfront.net
loptyinterva.xyz
1    157.240.20.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com
www.facebook.com
2    142.250.185.205 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f13.1e100.net
accounts.google.com
1    142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net
www.recaptcha.net
2    172.217.18.110 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f110.1e100.net
www.google-analytics.com
1    104.21.45.207 (None, )

ASN13335 (CLOUDFLARENET, US)
freychang.fun
1    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
www.gstatic.com
2    13.224.193.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-33.fra2.r.cloudfront.net
getinclinarss.xyz
Domain Requested by
9 upfiles.io upfiles.io
5 loptyinterva.xyz d2fbvay81k4ji3.cloudfront.net
4 d2fbvay81k4ji3.cloudfront.net upfiles.io
loptyinterva.xyz
3 fonts.gstatic.com fonts.googleapis.com
2 getinclinarss.xyz upfiles.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 accounts.google.com upfiles.io
1 www.gstatic.com www.recaptcha.net
1 freychang.fun d2fbvay81k4ji3.cloudfront.net
1 www.recaptcha.net upfiles.io
1 www.facebook.com upfiles.io
1 fonts.googleapis.com upfiles.io
1 www.googletagmanager.com upfiles.io
1 anamaembush.com upfiles.io
1 upfiles.com 1 redirects
34 15

This site contains links to these domains. Also see Links.

Domain
upfiles.com
Subject Issuer Validity Valid
*.upfiles.io
R3		 2021-09-02 -
2021-12-01		 3 months crt.sh
anamaembush.com
R3		 2021-10-04 -
2022-01-02		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
loptyinterva.xyz
Amazon		 2021-09-01 -
2022-09-30		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-27 -
2021-10-25		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
misc.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-10-16 -
2022-10-15		 a year crt.sh
getinclinarss.xyz
Amazon		 2021-09-01 -
2022-09-30		 a year crt.sh

This page contains 4 frames:

Primary Page: https://upfiles.io/Y6lP
Frame ID: F3859784C7C6F4E0702110944EB17E63
Requests: 28 HTTP requests in this frame

Frame: https://loptyinterva.xyz/bnFINlIPEytbbQ9MKhAnHB11E2AoVHpwNlwXKkAzF0l5XWYEGHsYMQIePVI0HB4mQnwAFDwTYCg6LFgiBRUlYwQoICdnBQk4HHcXGhIacyoNIyR4AyszK2wRGSsAfxM8JgR0NjszMXAaOkEBdRoWOwBgFC87Dk4DKiJ4ewYoMCx6BCgwKncQPCgZWiU/My9ZNjwGO1QaFjgqdAAFJg9RIi0wP2QeKAY7exYsHh90BCApBXNrJSMjdBc9Gj90FiwWLXUlKyYdBjo7NgpwBj03Gn4EOBkDZwc7Hx0GOjswGUELOjcKYgQEIy5gOTcVGXNnICR5UhUpCWVnFS0jBXgTPCAHfiVbMxp1HCoiHngLOBoKUAQFKwZ+ACcgD0E+OiILUgY4QRFhFjxBCWNiBiQNZxM4NBlCND80Gn0QFkUQcQANMx0HMRkgeVILOCcgeQc7NxthFxYpHQc2KTIZYwMsMBliAzsgImdiAiUfcAgvKQpwHkgbO1k8HkwMRGE0HHhHFl9E
Frame ID: 836AB56F91458903B3ACBE05E871C87E
Requests: 2 HTTP requests in this frame

Frame: https://loptyinterva.xyz/ekhrY24bKggOURt1CUUbCCRWRlw8bVklCkguCRUPA3BaCFoQIVhNDRYnHgcICCcFF0AULR9GXDweOA5WSBpbKh47DgwLCC58LDYACn8OJQU1LAUhHTgdPgwiPjg4OhQrGyQaIBQOOCYYMw8+NSk4fSEyBEolD1JWKwMSLgU5CR8LJAMZJiBdICMgFBovLQU5HT0kD1UiAx09OxcJPSBTAT8JMwcFIjAlUg0XATI7FxElITEGPBEFIVg7HSEKDTI4DiEDFjEJUhZKEQUhWD0OUxMKMn0gIT8sJg4lVzUrMzkEKS85UCcAJw00BzN5JxRfHgQBORgiEEYhFxkQWiEsIg4FBihCLScgAV96KSICCiEIIgIxCiMAGzM/OTc3FApdICg3IyAwOD0NWDUXMRkPJiU5cB0wCSsKDlACOAoGD1wceQwhDyIaXjAJKHsmMB0wHhE2HBh5WhQNFA5SMj8sMDEnVyluARABFDhWNh0qOScyPBktJDA8IBw
Frame ID: A6C1A2AE95DB0E2C690E0928E39B0CDE
Requests: 2 HTTP requests in this frame

Frame: https://loptyinterva.xyz/V2ZnNEw2BARZczZbBRI5JQpaEX4RQ1VyKGUABUItLl5WX3g9D1QaLzsJElAqJQkJQGI5AxMRfhFUMwZ9GQUgYT8WDypjGz0VIn8ZZgUBcnVjNDFMPBUcU1IPLV82ZHwaMwFiGnJUIXV9ZlM0TiccJz9+KDYeEHEFBhYQYisWDiNaDhU3HgAGG1ZWZi0FDV58O2IfJl0NHCc0AAEeASp+HGcVU3EaMA8mXi8NJTR5ATYjLl4pPCheYhozQ1VyHgMJPXc1JCUoUwIWADEEJhUjJQ0UDx4mZ39uLwFeBhYAMQR6EDcTARsADiN+ficAAWUkAwNXZiMGCjJBBANLV1cNEwEueDQkKygEJHJUIXogFV4wWQITM1VEKjEwAHsGLw0AfAkVXytZJBQwNHkJHQ4xdSoBVhZyHQ4NJlkeATBUDAMdNy5/BTAOCGUlGVQ/WQIWNVRAFTINA3gpAVMIZSACXiN3PwUgHm4FMRw9ZSoRFg1lfRkWIHwNcQwUWyInWxUHPWVeVUd0YQ
Frame ID: A162D1F184D7A1D2340E519F4E29B52B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ebook-gratis.pdf

Page URL History Show full URLs

  1. https://upfiles.com/Y6lP HTTP 301
    https://upfiles.io/Y6lP Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

34
Requests

100 %
HTTPS

0 %
IPv6

14
Domains

15
Subdomains

14
IPs

4
Countries

594 kB
Transfer

1694 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://upfiles.com/Y6lP HTTP 301
    https://upfiles.io/Y6lP Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Y6lP
upfiles.io/
Redirect Chain
  • https://upfiles.com/Y6lP
  • https://upfiles.io/Y6lP
10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://upfiles.io/Y6lP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.187.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78acc1b5e409fb4a03ed370ee50c12c9537b3af9f177ae62e9eb438e9f8fa198
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN

Request headers

:method
GET
:authority
upfiles.io
:scheme
https
:path
/Y6lP
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 17 Oct 2021 07:01:31 GMT
content-type
text/html; charset=UTF-8
set-cookie
refY6lP=eyJpdiI6Ik1XRzA1Wm4zU1JzTXF1SVVuMGVlaGc9PSIsInZhbHVlIjoidGFldVNCK2FyQTVxWTZZejNTUFpuUT09IiwibWFjIjoiMDlmMTlhZjM2YTMwYzgzNzZjNjRmOTg2YWQzNWEwODEwMjNhNmE2MzY0OGMxOTVlZmVlNDFjYjZkZDdhMzllYyJ9; expires=Sun, 17-Oct-2021 07:06:31 GMT; Max-Age=300; path=/; HttpOnly XSRF-TOKEN=eyJpdiI6IkluZFNpY09VU2JIUjN3MzhSbXNzY3c9PSIsInZhbHVlIjoiNUgrUGdJSGZZVDRqeUNZeWlQSGNlcDVHKzNnUSthcmtxRk5uaUJFK21XV1lCdDRLK2t2Vm52NG9nMXp3elQvTjJxT0N5NzExOVI0d3BsTXhhaktnYXg4clVpT2JORm94RGhtRHFhbk1ZSDBST3krQ3FBLzExUmlldmdIZEZibGIiLCJtYWMiOiJkNzdkNmJmOGFlY2E1NGYzZGNjMzU4NzE4MjBlMjU4NWE4MmExZDNiNzdkZGRhYjUxZjdmNmY0ZGI3MmYwYTU3In0%3D; expires=Sun, 17-Oct-2021 09:01:31 GMT; Max-Age=7200; path=/; samesite=lax upfiles_session=eyJpdiI6IkE4WEpKSUh4bHVwMG9EN3cwUW44enc9PSIsInZhbHVlIjoiMTBLdEFnTy9RUVNoSjBMVU5RamR4UVFRVlRjY1NsUmhvb0o1ekFFY0ZSd1dWNGk0aDNSOEJGQlM2YTdreThqN1MzR2FLcVpkRnlwRGtVWkVjVXJMSUtsZkFrd1Z6WkoySlBHMUozK3ZvV3o1TnQ2VHhYV3dDa1JoZEtUNFVNY2UiLCJtYWMiOiJjMWFmZjlkNTc4ZTJjMjg3YWNlMDQ4NWQzYzhhZGY5NzE1N2RkZDhkYmJmYjZkZDE1ZGExMjQ0NTE2ZDdmMDBjIn0%3D; expires=Sun, 17-Oct-2021 09:01:31 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cache-control
no-cache, private
x-frame-options
SAMEORIGIN SAMEORIGIN
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A73IzRZ5MXgOeWDQGZs4RqyN%2B1HnoibAHueIpGJH91VPDeeStEtlTf1Sol8hccrF3Homr8s3xq08hNBM0vo%2FP%2Ft0rNxQ1r%2Fm4I9VOWVuDMUnsmbmfRVWP%2FCj8BOG"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
69f7a7f6dff62b16-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Sun, 17 Oct 2021 07:01:31 GMT
content-type
text/html; charset=UTF-8
location
https://upfiles.io/Y6lP
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FTOntFmf8MTl7Gzxb7piuEiW5qzgpiPhLtKY6N6yl6agW%2F8EMmmH20tPqw94Gfkp2N2PHqk9CgPkzh8xJVd%2F0GMUaNE5s4K2sA5a7nSk6xVVPzpK6WHAGj1wpz9WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
69f7a7f64e2927a0-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
frontend.css
upfiles.io/css/ 		256 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upfiles.io/css/frontend.css?id=b7f59d23b8b28a78299d
Requested by
Host: upfiles.io
URL: https://upfiles.io/Y6lP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.187.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
598cb3cb0a9900c562337f15bc247ae4a0cb57150a94d0de45ebad77dd078117
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/css/frontend.css?id=b7f59d23b8b28a78299d
pragma
no-cache
cookie
refY6lP=eyJpdiI6Ik1XRzA1Wm4zU1JzTXF1SVVuMGVlaGc9PSIsInZhbHVlIjoidGFldVNCK2FyQTVxWTZZejNTUFpuUT09IiwibWFjIjoiMDlmMTlhZjM2YTMwYzgzNzZjNjRmOTg2YWQzNWEwODEwMjNhNmE2MzY0OGMxOTVlZmVlNDFjYjZkZDdhMzllYyJ9; XSRF-TOKEN=eyJpdiI6IkluZFNpY09VU2JIUjN3MzhSbXNzY3c9PSIsInZhbHVlIjoiNUgrUGdJSGZZVDRqeUNZeWlQSGNlcDVHKzNnUSthcmtxRk5uaUJFK21XV1lCdDRLK2t2Vm52NG9nMXp3elQvTjJxT0N5NzExOVI0d3BsTXhhaktnYXg4clVpT2JORm94RGhtRHFhbk1ZSDBST3krQ3FBLzExUmlldmdIZEZibGIiLCJtYWMiOiJkNzdkNmJmOGFlY2E1NGYzZGNjMzU4NzE4MjBlMjU4NWE4MmExZDNiNzdkZGRhYjUxZjdmNmY0ZGI3MmYwYTU3In0%3D; upfiles_session=eyJpdiI6IkE4WEpKSUh4bHVwMG9EN3cwUW44enc9PSIsInZhbHVlIjoiMTBLdEFnTy9RUVNoSjBMVU5RamR4UVFRVlRjY1NsUmhvb0o1ekFFY0ZSd1dWNGk0aDNSOEJGQlM2YTdreThqN1MzR2FLcVpkRnlwRGtVWkVjVXJMSUtsZkFrd1Z6WkoySlBHMUozK3ZvV3o1TnQ2VHhYV3dDa1JoZEtUNFVNY2UiLCJtYWMiOiJjMWFmZjlkNTc4ZTJjMjg3YWNlMDQ4NWQzYzhhZGY5NzE1N2RkZDhkYmJmYjZkZDE1ZGExMjQ0NTE2ZDdmMDBjIn0%3D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
upfiles.io
referer
https://upfiles.io/Y6lP
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://upfiles.io/Y6lP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 07:01:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5128
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 01 Aug 2021 13:41:29 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6106a489-3fae7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8ME%2BLmxa6%2BnyVUX%2Fa24GK7xLWstNkMWmImqrrH9CPZmH55HYTALlIaY7tNZ5fw3R1IhbcuFdUTaEZzfe8jun6vCLbPfITZNgwj8kihtoPPjktEV%2BZFvv%2F8%2Fa3nQ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
69f7a7f748892b16-FRA
cf-bgj
minify
logo.svg
upfiles.io/img/ 		22 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upfiles.io/img/logo.svg
Requested by
Host: upfiles.io
URL: https://upfiles.io/Y6lP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.187.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d526da1f4d4af45cefd2a0d140abec2beddc3150d13c47d3de893eaa278a369d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/img/logo.svg
pragma
no-cache
cookie
refY6lP=eyJpdiI6Ik1XRzA1Wm4zU1JzTXF1SVVuMGVlaGc9PSIsInZhbHVlIjoidGFldVNCK2FyQTVxWTZZejNTUFpuUT09IiwibWFjIjoiMDlmMTlhZjM2YTMwYzgzNzZjNjRmOTg2YWQzNWEwODEwMjNhNmE2MzY0OGMxOTVlZmVlNDFjYjZkZDdhMzllYyJ9; XSRF-TOKEN=eyJpdiI6IkluZFNpY09VU2JIUjN3MzhSbXNzY3c9PSIsInZhbHVlIjoiNUgrUGdJSGZZVDRqeUNZeWlQSGNlcDVHKzNnUSthcmtxRk5uaUJFK21XV1lCdDRLK2t2Vm52NG9nMXp3elQvTjJxT0N5NzExOVI0d3BsTXhhaktnYXg4clVpT2JORm94RGhtRHFhbk1ZSDBST3krQ3FBLzExUmlldmdIZEZibGIiLCJtYWMiOiJkNzdkNmJmOGFlY2E1NGYzZGNjMzU4NzE4MjBlMjU4NWE4MmExZDNiNzdkZGRhYjUxZjdmNmY0ZGI3MmYwYTU3In0%3D; upfiles_session=eyJpdiI6IkE4WEpKSUh4bHVwMG9EN3cwUW44enc9PSIsInZhbHVlIjoiMTBLdEFnTy9RUVNoSjBMVU5RamR4UVFRVlRjY1NsUmhvb0o1ekFFY0ZSd1dWNGk0aDNSOEJGQlM2YTdreThqN1MzR2FLcVpkRnlwRGtVWkVjVXJMSUtsZkFrd1Z6WkoySlBHMUozK3ZvV3o1TnQ2VHhYV3dDa1JoZEtUNFVNY2UiLCJtYWMiOiJjMWFmZjlkNTc4ZTJjMjg3YWNlMDQ4NWQzYzhhZGY5NzE1N2RkZDhkYmJmYjZkZDE1ZGExMjQ0NTE2ZDdmMDBjIn0%3D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
upfiles.io
referer
https://upfiles.io/Y6lP
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://upfiles.io/Y6lP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 07:01:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5268
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 22 May 2021 16:02:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"60a92b07-56e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BMubR3zgU61cEunTBATzFMP8M3aO9sYGPb8f%2BLB5PeAzLyOQs%2Bz8Uab8w1lG2eCrTSw%2BgFpeJReqtb6pUMRNBmh2GZiuybf49%2Fl8jwDbifnNa6JB7XP4kDdW7630"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
69f7a7f7488b2b16-FRA
menu.svg
upfiles.io/img/ 		2 KB
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upfiles.io/img/menu.svg
Requested by
Host: upfiles.io
URL: https://upfiles.io/Y6lP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6b9d20ecf27a000695abf5cbd0a96763f1b7d508f533a32311be9c2d6f05795
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/img/menu.svg
pragma
no-cache
cookie
refY6lP=eyJpdiI6Ik1XRzA1Wm4zU1JzTXF1SVVuMGVlaGc9PSIsInZhbHVlIjoidGFldVNCK2FyQTVxWTZZejNTUFpuUT09IiwibWFjIjoiMDlmMTlhZjM2YTMwYzgzNzZjNjRmOTg2YWQzNWEwODEwMjNhNmE2MzY0OGMxOTVlZmVlNDFjYjZkZDdhMzllYyJ9; XSRF-TOKEN=eyJpdiI6IkluZFNpY09VU2JIUjN3MzhSbXNzY3c9PSIsInZhbHVlIjoiNUgrUGdJSGZZVDRqeUNZeWlQSGNlcDVHKzNnUSthcmtxRk5uaUJFK21XV1lCdDRLK2t2Vm52NG9nMXp3elQvTjJxT0N5NzExOVI0d3BsTXhhaktnYXg4clVpT2JORm94RGhtRHFhbk1ZSDBST3krQ3FBLzExUmlldmdIZEZibGIiLCJtYWMiOiJkNzdkNmJmOGFlY2E1NGYzZGNjMzU4NzE4MjBlMjU4NWE4MmExZDNiNzdkZGRhYjUxZjdmNmY0ZGI3MmYwYTU3In0%3D; upfiles_session=eyJpdiI6IkE4WEpKSUh4bHVwMG9EN3cwUW44enc9PSIsInZhbHVlIjoiMTBLdEFnTy9RUVNoSjBMVU5RamR4UVFRVlRjY1NsUmhvb0o1ekFFY0ZSd1dWNGk0aDNSOEJGQlM2YTdreThqN1MzR2FLcVpkRnlwRGtVWkVjVXJMSUtsZkFrd1Z6WkoySlBHMUozK3ZvV3o1TnQ2VHhYV3dDa1JoZEtUNFVNY2UiLCJtYWMiOiJjMWFmZjlkNTc4ZTJjMjg3YWNlMDQ4NWQzYzhhZGY5NzE1N2RkZDhkYmJmYjZkZDE1ZGExMjQ0NTE2ZDdmMDBjIn0%3D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
upfiles.io
referer
https://upfiles.io/Y6lP
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://upfiles.io/Y6lP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 07:01:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3549
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 22 May 2021 16:02:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"60a92b07-713"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwkkmDO9MKzmijbaaJ%2BzlwTVtiqpwho3VYgtfdUYP3xkjmjeaBpiXNQS1qMW3%2FV3b4VKcLgMxZ1i3JfRKMJZchvBDtR8kX7WKA8x%2Fhzz5Oy1Y2bRHSuLD9uex74O"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
69f7a7f7bee6c28b-FRA
34742
anamaembush.com/1clkn/ 		6 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anamaembush.com/1clkn/34742
Requested by
Host: upfiles.io
URL: https://upfiles.io/Y6lP
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
146.59.188.42 , France, ASN16276 (OVH, FR),
Reverse DNS
ip42.ip-146-59-188.eu
Software
nginx /
Resource Hash
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://upfiles.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 17 Oct 2021 07:01:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=1
Keep-Alive
timeout=20
/
d2fbvay81k4ji3.cloudfront.net/ 		344 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2fbvay81k4ji3.cloudfront.net/?avbfd=926806
Requested by
Host: upfiles.io
URL: https://upfiles.io/Y6lP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4a76796416e096e38bce8c5e23583cba3e3557700b79c08d9aa0b92fc0dec3e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://upfiles.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Oct 2021 07:01:31 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
113837
via
1.1 8b360b28aeb67c1982fcc466a05eef03.cloudfront.net (CloudFront)
x-amz-cf-id
FuzSDerWsAEgk_Dip0YbYHu_JamWietXFtfIxf5TMmWz46Nnu7U_OQ==
faqs-image.svg
upfiles.io/img/ 		37 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upfiles.io/img/faqs-image.svg
Requested by
Host: upfiles.io
URL: https://upfiles.io/Y6lP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a717285429d468fadc4d25179fc6feb49e6335f3af1675fb6be1cb50e7e8322
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/img/faqs-image.svg
pragma
no-cache
cookie
refY6lP=eyJpdiI6Ik1XRzA1Wm4zU1JzTXF1SVVuMGVlaGc9PSIsInZhbHVlIjoidGFldVNCK2FyQTVxWTZZejNTUFpuUT09IiwibWFjIjoiMDlmMTlhZjM2YTMwYzgzNzZjNjRmOTg2YWQzNWEwODEwMjNhNmE2MzY0OGMxOTVlZmVlNDFjYjZkZDdhMzllYyJ9; XSRF-TOKEN=eyJpdiI6IkluZFNpY09VU2JIUjN3MzhSbXNzY3c9PSIsInZhbHVlIjoiNUgrUGdJSGZZVDRqeUNZeWlQSGNlcDVHKzNnUSthcmtxRk5uaUJFK21XV1lCdDRLK2t2Vm52NG9nMXp3elQvTjJxT0N5NzExOVI0d3BsTXhhaktnYXg4clVpT2JORm94RGhtRHFhbk1ZSDBST3krQ3FBLzExUmlldmdIZEZibGIiLCJtYWMiOiJkNzdkNmJmOGFlY2E1NGYzZGNjMzU4NzE4MjBlMjU4NWE4MmExZDNiNzdkZGRhYjUxZjdmNmY0ZGI3MmYwYTU3In0%3D; upfiles_session=eyJpdiI6IkE4WEpKSUh4bHVwMG9EN3cwUW44enc9PSIsInZhbHVlIjoiMTBLdEFnTy9RUVNoSjBMVU5RamR4UVFRVlRjY1NsUmhvb0o1ekFFY0ZSd1dWNGk0aDNSOEJGQlM2YTdreThqN1MzR2FLcVpkRnlwRGtVWkVjVXJMSUtsZkFrd1Z6WkoySlBHMUozK3ZvV3o1TnQ2VHhYV3dDa1JoZEtUNFVNY2UiLCJtYWMiOiJjMWFmZjlkNTc4ZTJjMjg3YWNlMDQ4NWQzYzhhZGY5NzE1N2RkZDhkYmJmYjZkZDE1ZGExMjQ0NTE2ZDdmMDBjIn0%3D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
upfiles.io
referer
https://upfiles.io/Y6lP
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://upfiles.io/Y6lP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 07:01:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4869
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 22 May 2021 16:02:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"60a92b07-95fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfwUWRYAa7PWSyvmqJMPoSSDwJUBPI17KD85G2FvvDtZHBEbmjn6%2B2eI60V9A%2BnmYnSD7EXaOSyoMpjT9nbm%2BHCRLiBNl5LAmxkVlJw5VqD3TSdNdMAWCMzxDAe6"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
69f7a7f7bee7c28b-FRA
plane.svg
upfiles.io/img/ 		684 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upfiles.io/img/plane.svg
Requested by
Host: upfiles.io
URL: https://upfiles.io/Y6lP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d454583aa343d4c8aa4e42c0876b20e60c20c0b89284e4ef0c662d0426c18254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/img/plane.svg
pragma
no-cache
cookie
refY6lP=eyJpdiI6Ik1XRzA1Wm4zU1JzTXF1SVVuMGVlaGc9PSIsInZhbHVlIjoidGFldVNCK2FyQTVxWTZZejNTUFpuUT09IiwibWFjIjoiMDlmMTlhZjM2YTMwYzgzNzZjNjRmOTg2YWQzNWEwODEwMjNhNmE2MzY0OGMxOTVlZmVlNDFjYjZkZDdhMzllYyJ9; XSRF-TOKEN=eyJpdiI6IkluZFNpY09VU2JIUjN3MzhSbXNzY3c9PSIsInZhbHVlIjoiNUgrUGdJSGZZVDRqeUNZeWlQSGNlcDVHKzNnUSthcmtxRk5uaUJFK21XV1lCdDRLK2t2Vm52NG9nMXp3elQvTjJxT0N5NzExOVI0d3BsTXhhaktnYXg4clVpT2JORm94RGhtRHFhbk1ZSDBST3krQ3FBLzExUmlldmdIZEZibGIiLCJtYWMiOiJkNzdkNmJmOGFlY2E1NGYzZGNjMzU4NzE4MjBlMjU4NWE4MmExZDNiNzdkZGRhYjUxZjdmNmY0ZGI3MmYwYTU3In0%3D; upfiles_session=eyJpdiI6IkE4WEpKSUh4bHVwMG9EN3cwUW44enc9PSIsInZhbHVlIjoiMTBLdEFnTy9RUVNoSjBMVU5RamR4UVFRVlRjY1NsUmhvb0o1ekFFY0ZSd1dWNGk0aDNSOEJGQlM2YTdreThqN1MzR2FLcVpkRnlwRGtVWkVjVXJMSUtsZkFrd1Z6WkoySlBHMUozK3ZvV3o1TnQ2VHhYV3dDa1JoZEtUNFVNY2UiLCJtYWMiOiJjMWFmZjlkNTc4ZTJjMjg3YWNlMDQ4NWQzYzhhZGY5NzE1N2RkZDhkYmJmYjZkZDE1ZGExMjQ0NTE2ZDdmMDBjIn0%3D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
upfiles.io
referer
https://upfiles.io/Y6lP
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://upfiles.io/Y6lP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 07:01:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4869
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 22 May 2021 16:02:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"60a92b07-2ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWJZVr7beCfckdg4GZjhc1%2FLaR2phi5UeN4ueOVQflNfxDEv%2FKD5bawowDvtXmuoV5KY3UnkFv0jleHVf6w4r4cnWUY%2FuL2%2Bc7PUSr%2FEf5DvVTg0S26%2FW21hpOhd"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
69f7a7f7bee9c28b-FRA
ads.js
upfiles.io/js/ 		190 B
781 B 		Script
General
Check archive.org
Download Go to
Full URL
https://upfiles.io/js/ads.js
Requested by
Host: upfiles.io
URL: https://upfiles.io/Y6lP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d807c16e2160c2660ffd43bf8b8bc54eb39ecd044e823209c0ade70db965d5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/js/ads.js
pragma
no-cache
cookie
refY6lP=eyJpdiI6Ik1XRzA1Wm4zU1JzTXF1SVVuMGVlaGc9PSIsInZhbHVlIjoidGFldVNCK2FyQTVxWTZZejNTUFpuUT09IiwibWFjIjoiMDlmMTlhZjM2YTMwYzgzNzZjNjRmOTg2YWQzNWEwODEwMjNhNmE2MzY0OGMxOTVlZmVlNDFjYjZkZDdhMzllYyJ9; XSRF-TOKEN=eyJpdiI6IkluZFNpY09VU2JIUjN3MzhSbXNzY3c9PSIsInZhbHVlIjoiNUgrUGdJSGZZVDRqeUNZeWlQSGNlcDVHKzNnUSthcmtxRk5uaUJFK21XV1lCdDRLK2t2Vm52NG9nMXp3elQvTjJxT0N5NzExOVI0d3BsTXhhaktnYXg4clVpT2JORm94RGhtRHFhbk1ZSDBST3krQ3FBLzExUmlldmdIZEZibGIiLCJtYWMiOiJkNzdkNmJmOGFlY2E1NGYzZGNjMzU4NzE4MjBlMjU4NWE4MmExZDNiNzdkZGRhYjUxZjdmNmY0ZGI3MmYwYTU3In0%3D; upfiles_session=eyJpdiI6IkE4WEpKSUh4bHVwMG9EN3cwUW44enc9PSIsInZhbHVlIjoiMTBLdEFnTy9RUVNoSjBMVU5RamR4UVFRVlRjY1NsUmhvb0o1ekFFY0ZSd1dWNGk0aDNSOEJGQlM2YTdreThqN1MzR2FLcVpkRnlwRGtVWkVjVXJMSUtsZkFrd1Z6WkoySlBHMUozK3ZvV3o1TnQ2VHhYV3dDa1JoZEtUNFVNY2UiLCJtYWMiOiJjMWFmZjlkNTc4ZTJjMjg3YWNlMDQ4NWQzYzhhZGY5NzE1N2RkZDhkYmJmYjZkZDE1ZGExMjQ0NTE2ZDdmMDBjIn0%3D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
upfiles.io
referer
https://upfiles.io/Y6lP
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://upfiles.io/Y6lP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 07:01:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5462
cf-polished
origSize=191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 22 May 2021 16:02:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"60a92b07-bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouOsI%2F33C6LAb%2FbDuBLnnxpMmu9VaRmMzPol38fUYx%2FhMVSlnMYwJmoHo2JmP3IdAPAXsWoEjdLwCf2LAYv3h4dTkr1wP33xmucvwfRDkeDDZjWs64F3QHwKbbjQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
69f7a7f76e84c28b-FRA
cf-bgj
minify
frontend.js
upfiles.io/js/ 		438 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upfiles.io/js/frontend.js?id=28cb7d0aaaf973146b14
Requested by
Host: upfiles.io
URL: https://upfiles.io/Y6lP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
579141e4773c9f1cc56d7d778459aede76d95e6db5665411bf7f824690dc7fdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/js/frontend.js?id=28cb7d0aaaf973146b14
pragma
no-cache
cookie
refY6lP=eyJpdiI6Ik1XRzA1Wm4zU1JzTXF1SVVuMGVlaGc9PSIsInZhbHVlIjoidGFldVNCK2FyQTVxWTZZejNTUFpuUT09IiwibWFjIjoiMDlmMTlhZjM2YTMwYzgzNzZjNjRmOTg2YWQzNWEwODEwMjNhNmE2MzY0OGMxOTVlZmVlNDFjYjZkZDdhMzllYyJ9; XSRF-TOKEN=eyJpdiI6IkluZFNpY09VU2JIUjN3MzhSbXNzY3c9PSIsInZhbHVlIjoiNUgrUGdJSGZZVDRqeUNZeWlQSGNlcDVHKzNnUSthcmtxRk5uaUJFK21XV1lCdDRLK2t2Vm52NG9nMXp3elQvTjJxT0N5NzExOVI0d3BsTXhhaktnYXg4clVpT2JORm94RGhtRHFhbk1ZSDBST3krQ3FBLzExUmlldmdIZEZibGIiLCJtYWMiOiJkNzdkNmJmOGFlY2E1NGYzZGNjMzU4NzE4MjBlMjU4NWE4MmExZDNiNzdkZGRhYjUxZjdmNmY0ZGI3MmYwYTU3In0%3D; upfiles_session=eyJpdiI6IkE4WEpKSUh4bHVwMG9EN3cwUW44enc9PSIsInZhbHVlIjoiMTBLdEFnTy9RUVNoSjBMVU5RamR4UVFRVlRjY1NsUmhvb0o1ekFFY0ZSd1dWNGk0aDNSOEJGQlM2YTdreThqN1MzR2FLcVpkRnlwRGtVWkVjVXJMSUtsZkFrd1Z6WkoySlBHMUozK3ZvV3o1TnQ2VHhYV3dDa1JoZEtUNFVNY2UiLCJtYWMiOiJjMWFmZjlkNTc4ZTJjMjg3YWNlMDQ4NWQzYzhhZGY5NzE1N2RkZDhkYmJmYjZkZDE1ZGExMjQ0NTE2ZDdmMDBjIn0%3D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
upfiles.io
referer
https://upfiles.io/Y6lP
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://upfiles.io/Y6lP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 07:01:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5522
cf-polished
origSize=448388
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 01 Aug 2021 13:41:29 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6106a489-6d784"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OEyFHoTlmZsuhEMfE1hPGdVL752bftx4lw%2FhYu0lY%2BNdIV2DgQhk9zplSHPbJfq6Gj1L0G6AnNkd26ZNJQNI8V8%2FAmjtls4pgbGFsZT3OK3iPEyl%2B3M%2FWDgsxV4z"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
69f7a7f7aee5c28b-FRA
cf-bgj
minify
js
www.googletagmanager.com/gtag/ 		95 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-197252557-1
Requested by
Host: upfiles.io
URL: https://upfiles.io/Y6lP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d6286b356c665a8d2eccbbf46770275f607eb510332bf3c5fceb31574b332562
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://upfiles.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 07:01:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38545
x-xss-protection
0
last-modified
Sun, 17 Oct 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 17 Oct 2021 07:01:31 GMT
css2
fonts.googleapis.com/ 		17 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
Requested by
Host: upfiles.io
URL: https://upfiles.io/css/frontend.css?id=b7f59d23b8b28a78299d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f10.1e100.net
Software
ESF /
Resource Hash
638a326578c21f3b73ce20d8c9f7e13b3659cddc0e43f0a6c11cfe0c076295a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://upfiles.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 17 Oct 2021 07:01:31 GMT
server
ESF
date
Sun, 17 Oct 2021 07:01:31 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sun, 17 Oct 2021 07:01:31 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v3/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v3/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
f6789b1579e3915acc50ce2f56d956c05dc3186238eb4d1a0d4ad1e403a625ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://upfiles.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 08:58:29 GMT
x-content-type-options
nosniff
age
424982
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37056
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 22:48:53 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Oct 2022 08:58:29 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://upfiles.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 16:31:40 GMT
x-content-type-options
nosniff
age
311391
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Oct 2022 16:31:40 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://upfiles.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 17:27:37 GMT
x-content-type-options
nosniff
age
480834
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 11 Oct 2022 17:27:37 GMT
utx
loptyinterva.xyz/ 		0
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://loptyinterva.xyz/utx?cb=PJUzyheVoIET&top=upfiles.io&tid=926806
Requested by
Host: d2fbvay81k4ji3.cloudfront.net
URL: https://d2fbvay81k4ji3.cloudfront.net/?avbfd=926806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-62.fra2.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://upfiles.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Oct 2021 07:01:31 GMT
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://upfiles.io
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
35yPN59jnxwSeNTmEkfVmlc9SdHPcQ9v4aYApfdCQkhGpK4dz1cG5g==
My9ZNjwGO1QaFjgqdAAFJg9RIi0wP2QeKAY7exYsHh90BCApBXNrJSMjdBc9Gj90FiwWLXUlKyYdBjo7NgpwBj03Gn4EOBkDZwc7Hx0GOjswGUELOjcKYgQEIy5gOTcVGXNnICR5UhUpCWVnFS0jBXgTPCAHfiVbMxp1HCoiHngLOBoKUAQFKwZ+ACcgD0E+OiILU...
loptyinterva.xyz/bnFINlIPEytbbQ9MKhAnHB11E2AoVHpwNlwXKkAzF0l5XWYEGHsYMQIePVI0HB4mQnwAFDwTYCg6LFgiBRUlYwQoICdnBQk4HHcXGhIacyoNIyR4AyszK2wRGSsAfxM8JgR0NjszMXAaOkEBdRoWOwBgFC87Dk4DKiJ4ewYoMCx6BCgwKncQ... Frame 836A 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://loptyinterva.xyz/bnFINlIPEytbbQ9MKhAnHB11E2AoVHpwNlwXKkAzF0l5XWYEGHsYMQIePVI0HB4mQnwAFDwTYCg6LFgiBRUlYwQoICdnBQk4HHcXGhIacyoNIyR4AyszK2wRGSsAfxM8JgR0NjszMXAaOkEBdRoWOwBgFC87Dk4DKiJ4ewYoMCx6BCgwKncQPCgZWiU/My9ZNjwGO1QaFjgqdAAFJg9RIi0wP2QeKAY7exYsHh90BCApBXNrJSMjdBc9Gj90FiwWLXUlKyYdBjo7NgpwBj03Gn4EOBkDZwc7Hx0GOjswGUELOjcKYgQEIy5gOTcVGXNnICR5UhUpCWVnFS0jBXgTPCAHfiVbMxp1HCoiHngLOBoKUAQFKwZ+ACcgD0E+OiILUgY4QRFhFjxBCWNiBiQNZxM4NBlCND80Gn0QFkUQcQANMx0HMRkgeVILOCcgeQc7NxthFxYpHQc2KTIZYwMsMBliAzsgImdiAiUfcAgvKQpwHkgbO1k8HkwMRGE0HHhHFl9E
Requested by
Host: d2fbvay81k4ji3.cloudfront.net
URL: https://d2fbvay81k4ji3.cloudfront.net/?avbfd=926806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-62.fra2.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
416d4142bc1a87a025a2d61b459ead0265d21f50e51d0b0243cb818ef878e169

Request headers

:method
GET
:authority
loptyinterva.xyz
:scheme
https
:path
/bnFINlIPEytbbQ9MKhAnHB11E2AoVHpwNlwXKkAzF0l5XWYEGHsYMQIePVI0HB4mQnwAFDwTYCg6LFgiBRUlYwQoICdnBQk4HHcXGhIacyoNIyR4AyszK2wRGSsAfxM8JgR0NjszMXAaOkEBdRoWOwBgFC87Dk4DKiJ4ewYoMCx6BCgwKncQPCgZWiU/My9ZNjwGO1QaFjgqdAAFJg9RIi0wP2QeKAY7exYsHh90BCApBXNrJSMjdBc9Gj90FiwWLXUlKyYdBjo7NgpwBj03Gn4EOBkDZwc7Hx0GOjswGUELOjcKYgQEIy5gOTcVGXNnICR5UhUpCWVnFS0jBXgTPCAHfiVbMxp1HCoiHngLOBoKUAQFKwZ+ACcgD0E+OiILUgY4QRFhFjxBCWNiBiQNZxM4NBlCND80Gn0QFkUQcQANMx0HMRkgeVILOCcgeQc7NxthFxYpHQc2KTIZYwMsMBliAzsgImdiAiUfcAgvKQpwHkgbO1k8HkwMRGE0HHhHFl9E
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://upfiles.io/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://upfiles.io/

Response headers

content-type
text/html
content-length
1225
date
Sun, 17 Oct 2021 07:01:31 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
ZOPsnOJAd728tqGvINkPDJnhZQdy-ZU_PDPmzqs2TXBm342HAZcV0Q==
OTc3FApdICg3IyAwOD0NWDUXMRkPJiU5cB0wCSsKDlACOAoGD1wceQwhDyIaXjAJKHsmMB0wHhE2HBh5WhQNFA5SMj8sMDEnVyluARABFDhWNh0qOScyPBktJDA8IBw
loptyinterva.xyz/ekhrY24bKggOURt1CUUbCCRWRlw8bVklCkguCRUPA3BaCFoQIVhNDRYnHgcICCcFF0AULR9GXDweOA5WSBpbKh47DgwLCC58LDYACn8OJQU1LAUhHTgdPgwiPjg4OhQrGyQaIBQOOCYYMw8+NSk4fSEyBEolD1JWKwMSLgU5CR8LJAMZJiBd... Frame A6C1 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://loptyinterva.xyz/ekhrY24bKggOURt1CUUbCCRWRlw8bVklCkguCRUPA3BaCFoQIVhNDRYnHgcICCcFF0AULR9GXDweOA5WSBpbKh47DgwLCC58LDYACn8OJQU1LAUhHTgdPgwiPjg4OhQrGyQaIBQOOCYYMw8+NSk4fSEyBEolD1JWKwMSLgU5CR8LJAMZJiBdICMgFBovLQU5HT0kD1UiAx09OxcJPSBTAT8JMwcFIjAlUg0XATI7FxElITEGPBEFIVg7HSEKDTI4DiEDFjEJUhZKEQUhWD0OUxMKMn0gIT8sJg4lVzUrMzkEKS85UCcAJw00BzN5JxRfHgQBORgiEEYhFxkQWiEsIg4FBihCLScgAV96KSICCiEIIgIxCiMAGzM/OTc3FApdICg3IyAwOD0NWDUXMRkPJiU5cB0wCSsKDlACOAoGD1wceQwhDyIaXjAJKHsmMB0wHhE2HBh5WhQNFA5SMj8sMDEnVyluARABFDhWNh0qOScyPBktJDA8IBw
Requested by
Host: d2fbvay81k4ji3.cloudfront.net
URL: https://d2fbvay81k4ji3.cloudfront.net/?avbfd=926806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-62.fra2.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
31affe2f18265d002a98802368256ed3ca803eb39c272467c4ad2c31f4e8c711

Request headers

:method
GET
:authority
loptyinterva.xyz
:scheme
https
:path
/ekhrY24bKggOURt1CUUbCCRWRlw8bVklCkguCRUPA3BaCFoQIVhNDRYnHgcICCcFF0AULR9GXDweOA5WSBpbKh47DgwLCC58LDYACn8OJQU1LAUhHTgdPgwiPjg4OhQrGyQaIBQOOCYYMw8+NSk4fSEyBEolD1JWKwMSLgU5CR8LJAMZJiBdICMgFBovLQU5HT0kD1UiAx09OxcJPSBTAT8JMwcFIjAlUg0XATI7FxElITEGPBEFIVg7HSEKDTI4DiEDFjEJUhZKEQUhWD0OUxMKMn0gIT8sJg4lVzUrMzkEKS85UCcAJw00BzN5JxRfHgQBORgiEEYhFxkQWiEsIg4FBihCLScgAV96KSICCiEIIgIxCiMAGzM/OTc3FApdICg3IyAwOD0NWDUXMRkPJiU5cB0wCSsKDlACOAoGD1wceQwhDyIaXjAJKHsmMB0wHhE2HBh5WhQNFA5SMj8sMDEnVyluARABFDhWNh0qOScyPBktJDA8IBw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://upfiles.io/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://upfiles.io/

Response headers

content-type
text/html
content-length
1222
date
Sun, 17 Oct 2021 07:01:31 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Y99SXnh-4qODEqPlMa9uNDLrHWiahhNxjmXgUVcpFx6ZBkslca38Pw==
utx
loptyinterva.xyz/ 		0
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://loptyinterva.xyz/utx?cb=2nTvDOQf5sAd&top=upfiles.io&tid=932559
Requested by
Host: d2fbvay81k4ji3.cloudfront.net
URL: https://d2fbvay81k4ji3.cloudfront.net/?avbfd=926806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-62.fra2.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://upfiles.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Oct 2021 07:01:31 GMT
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://upfiles.io
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
4Aa-YtisASKK24C8hidzaoA1bMz1dWGZI8wuQPoM8sPZLsFCO6VI-A==
WQIWNVRAFTINA3gpAVMIZSACXiN3PwUgHm4FMRw9ZSoRFg1lfRkWIHwNcQwUWyInWxUHPWVeVUd0YQ
loptyinterva.xyz/V2ZnNEw2BARZczZbBRI5JQpaEX4RQ1VyKGUABUItLl5WX3g9D1QaLzsJElAqJQkJQGI5AxMRfhFUMwZ9GQUgYT8WDypjGz0VIn8ZZgUBcnVjNDFMPBUcU1IPLV82ZHwaMwFiGnJUIXV9ZlM0TiccJz9+KDYeEHEFBhYQYisWDiNaDhU3HgAG... Frame A162 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://loptyinterva.xyz/V2ZnNEw2BARZczZbBRI5JQpaEX4RQ1VyKGUABUItLl5WX3g9D1QaLzsJElAqJQkJQGI5AxMRfhFUMwZ9GQUgYT8WDypjGz0VIn8ZZgUBcnVjNDFMPBUcU1IPLV82ZHwaMwFiGnJUIXV9ZlM0TiccJz9+KDYeEHEFBhYQYisWDiNaDhU3HgAGG1ZWZi0FDV58O2IfJl0NHCc0AAEeASp+HGcVU3EaMA8mXi8NJTR5ATYjLl4pPCheYhozQ1VyHgMJPXc1JCUoUwIWADEEJhUjJQ0UDx4mZ39uLwFeBhYAMQR6EDcTARsADiN+ficAAWUkAwNXZiMGCjJBBANLV1cNEwEueDQkKygEJHJUIXogFV4wWQITM1VEKjEwAHsGLw0AfAkVXytZJBQwNHkJHQ4xdSoBVhZyHQ4NJlkeATBUDAMdNy5/BTAOCGUlGVQ/WQIWNVRAFTINA3gpAVMIZSACXiN3PwUgHm4FMRw9ZSoRFg1lfRkWIHwNcQwUWyInWxUHPWVeVUd0YQ
Requested by
Host: d2fbvay81k4ji3.cloudfront.net
URL: https://d2fbvay81k4ji3.cloudfront.net/?avbfd=926806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-62.fra2.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
4ac10b71d41bd2cbc9f4a2f3796cfc93859b87f3b88c087ac78c1106e2736765

Request headers

:method
GET
:authority
loptyinterva.xyz
:scheme
https
:path
/V2ZnNEw2BARZczZbBRI5JQpaEX4RQ1VyKGUABUItLl5WX3g9D1QaLzsJElAqJQkJQGI5AxMRfhFUMwZ9GQUgYT8WDypjGz0VIn8ZZgUBcnVjNDFMPBUcU1IPLV82ZHwaMwFiGnJUIXV9ZlM0TiccJz9+KDYeEHEFBhYQYisWDiNaDhU3HgAGG1ZWZi0FDV58O2IfJl0NHCc0AAEeASp+HGcVU3EaMA8mXi8NJTR5ATYjLl4pPCheYhozQ1VyHgMJPXc1JCUoUwIWADEEJhUjJQ0UDx4mZ39uLwFeBhYAMQR6EDcTARsADiN+ficAAWUkAwNXZiMGCjJBBANLV1cNEwEueDQkKygEJHJUIXogFV4wWQITM1VEKjEwAHsGLw0AfAkVXytZJBQwNHkJHQ4xdSoBVhZyHQ4NJlkeATBUDAMdNy5/BTAOCGUlGVQ/WQIWNVRAFTINA3gpAVMIZSACXiN3PwUgHm4FMRw9ZSoRFg1lfRkWIHwNcQwUWyInWxUHPWVeVUd0YQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://upfiles.io/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://upfiles.io/

Response headers

content-type
text/html
content-length
1228
date
Sun, 17 Oct 2021 07:01:31 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
cgNiMrjKyr_f98j8Fmpogl9bEAvDfxvY2dVwGCJLMxBHYz1IdBZlNw==
login.php
www.facebook.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: upfiles.io
URL: https://upfiles.io/Y6lP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://upfiles.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
ServiceLogin
accounts.google.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by
Host: upfiles.io
URL: https://upfiles.io/Y6lP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.205 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f13.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://upfiles.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
ServiceLogin
accounts.google.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by
Host: upfiles.io
URL: https://upfiles.io/Y6lP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.205 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f13.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://upfiles.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
arrow-down.png
upfiles.io/images/ 		208 B
785 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upfiles.io/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6
Requested by
Host: upfiles.io
URL: https://upfiles.io/css/frontend.css?id=b7f59d23b8b28a78299d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59b7ad6d6f457b624e25d22959edc7c83af2ac52edba32fd6648c97af0d1780c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6
pragma
no-cache
cookie
refY6lP=eyJpdiI6Ik1XRzA1Wm4zU1JzTXF1SVVuMGVlaGc9PSIsInZhbHVlIjoidGFldVNCK2FyQTVxWTZZejNTUFpuUT09IiwibWFjIjoiMDlmMTlhZjM2YTMwYzgzNzZjNjRmOTg2YWQzNWEwODEwMjNhNmE2MzY0OGMxOTVlZmVlNDFjYjZkZDdhMzllYyJ9; XSRF-TOKEN=eyJpdiI6IkluZFNpY09VU2JIUjN3MzhSbXNzY3c9PSIsInZhbHVlIjoiNUgrUGdJSGZZVDRqeUNZeWlQSGNlcDVHKzNnUSthcmtxRk5uaUJFK21XV1lCdDRLK2t2Vm52NG9nMXp3elQvTjJxT0N5NzExOVI0d3BsTXhhaktnYXg4clVpT2JORm94RGhtRHFhbk1ZSDBST3krQ3FBLzExUmlldmdIZEZibGIiLCJtYWMiOiJkNzdkNmJmOGFlY2E1NGYzZGNjMzU4NzE4MjBlMjU4NWE4MmExZDNiNzdkZGRhYjUxZjdmNmY0ZGI3MmYwYTU3In0%3D; upfiles_session=eyJpdiI6IkE4WEpKSUh4bHVwMG9EN3cwUW44enc9PSIsInZhbHVlIjoiMTBLdEFnTy9RUVNoSjBMVU5RamR4UVFRVlRjY1NsUmhvb0o1ekFFY0ZSd1dWNGk0aDNSOEJGQlM2YTdreThqN1MzR2FLcVpkRnlwRGtVWkVjVXJMSUtsZkFrd1Z6WkoySlBHMUozK3ZvV3o1TnQ2VHhYV3dDa1JoZEtUNFVNY2UiLCJtYWMiOiJjMWFmZjlkNTc4ZTJjMjg3YWNlMDQ4NWQzYzhhZGY5NzE1N2RkZDhkYmJmYjZkZDE1ZGExMjQ0NTE2ZDdmMDBjIn0%3D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
upfiles.io
referer
https://upfiles.io/css/frontend.css?id=b7f59d23b8b28a78299d
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://upfiles.io/css/frontend.css?id=b7f59d23b8b28a78299d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 07:01:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
277
vary
Accept-Encoding
content-length
208
last-modified
Sat, 22 May 2021 16:02:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"60a92b07-d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9b5idyleGR6U1kBgjXkubdbbBGr9SEjLdgIGEjbKe%2Ft35j8EZ6O8qasoeK5tvOHFsjLZO0iIZ4xJjz1Qver6ITioxS%2FE%2F0lRJeTGk1GO2mA1nSXBZh1BoE2Wc0gr"}],"group":"cf-nel","max_age":604800}
content-type
image/png
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
69f7a7f92880c28b-FRA
api.js
www.recaptcha.net/recaptcha/ 		921 B
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Requested by
Host: upfiles.io
URL: https://upfiles.io/js/frontend.js?id=28cb7d0aaaf973146b14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
GSE /
Resource Hash
493d651d2192d795c3dc666c3186a3214923e182024be4b0d378ef30fe6aec69
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://upfiles.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 07:01:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
585
x-xss-protection
1; mode=block
expires
Sun, 17 Oct 2021 07:01:31 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-197252557-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f110.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://upfiles.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 16:38:54 GMT
server
Golfe2
age
874
date
Sun, 17 Oct 2021 06:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 17 Oct 2021 08:46:57 GMT
/
freychang.fun/ 		15 B
709 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://freychang.fun/?f=b0174682fa63789a3402a7f7bc361b31
Requested by
Host: d2fbvay81k4ji3.cloudfront.net
URL: https://d2fbvay81k4ji3.cloudfront.net/?avbfd=926806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.45.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59bb84ddf4531b6db558fb05ffe6edc2ea852e1c1fdd49da17847d64b2ec90ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://upfiles.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 07:01:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://upfiles.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azyDl%2Fy1D0H8UJuRHBShldncA2L5Dbd89ik%2FLzjtbXziUgpafcOpXPfe4bMphHguIU%2Br%2FCQ4LB28DeWlnFfsmr4510ZGplQplNRH3SM2aRkBdepVYuGH6W68P5uU8EzK"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
69f7a7faae33410d-PRG
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
recaptcha__de.js
www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/ 		346 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
24888ff57c1714336f283a67e22f1207ef9826694a9078e1cda9d581ff148407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upfiles.io/
Origin
https://upfiles.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 18:41:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44426
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137921
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 04:21:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Sun, 16 Oct 2022 18:41:05 GMT
VSm82R0IpAFghfT4GUnp7eFkOdnBsBUUoLDpSYzQSOyNnFSEvIGUVGB5JQj0md18QKyMkCAthJyQMC3ZkKwtUenZsGld6LyUVXysuK0oEAXdkXxN1cmIYXykmJRhFYnB6AUJicHpeBmlyb1x0YnB6GF8pdH5KBQVneF9OcXZjSgR3IzofWiI1Lw1dLjZvXX-BycX1...
d2fbvay81k4ji3.cloudfront.net/ Frame A6C1 		190 B
467 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d2fbvay81k4ji3.cloudfront.net/VSm82R0IpAFghfT4GUnp7eFkOdnBsBUUoLDpSYzQSOyNnFSEvIGUVGB5JQj0md18QKyMkCAthJyQMC3ZkKwtUenZsGld6LyUVXysuK0oEAXdkXxN1cmIYXykmJRhFYnB6AUJicHpeBmlyb1x0YnB6GF8pdH5KBQVneF9OcXZjSgR3IzofWiI1Lw1dLjZvXX-BycX1BBXFneF8eLCo+AlpicAlKBHcuIwRTYnB6CFMkKSVGE3VyKQdEKC8vSgQBe3lBBml2f1gBaXR5SgR3MSsJVzUrb11wcnF9QQVxZD9S
Requested by
Host: loptyinterva.xyz
URL: https://loptyinterva.xyz/ekhrY24bKggOURt1CUUbCCRWRlw8bVklCkguCRUPA3BaCFoQIVhNDRYnHgcICCcFF0AULR9GXDweOA5WSBpbKh47DgwLCC58LDYACn8OJQU1LAUhHTgdPgwiPjg4OhQrGyQaIBQOOCYYMw8+NSk4fSEyBEolD1JWKwMSLgU5CR8LJAMZJiBdICMgFBovLQU5HT0kD1UiAx09OxcJPSBTAT8JMwcFIjAlUg0XATI7FxElITEGPBEFIVg7HSEKDTI4DiEDFjEJUhZKEQUhWD0OUxMKMn0gIT8sJg4lVzUrMzkEKS85UCcAJw00BzN5JxRfHgQBORgiEEYhFxkQWiEsIg4FBihCLScgAV96KSICCiEIIgIxCiMAGzM/OTc3FApdICg3IyAwOD0NWDUXMRkPJiU5cB0wCSsKDlACOAoGD1wceQwhDyIaXjAJKHsmMB0wHhE2HBh5WhQNFA5SMj8sMDEnVyluARABFDhWNh0qOScyPBktJDA8IBw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d4a2064ec573c9f84594a313b9c5e0e8202d0b4ff482ce81b30e63202d94ee32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://loptyinterva.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 07:01:32 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
190
via
1.1 8b360b28aeb67c1982fcc466a05eef03.cloudfront.net (CloudFront)
x-amz-cf-id
fFsDp9C9DTz-f9w_aJ_G0Q_z_R8RCLtLcY0oGGULWZ22DAVZR1YgTQ==
KdnpkdmUVFQoQWgITAEtcRExcRlNQEBcZCwZHIARWLBdUByFHT0ICHxJHVFAJFxQDS0MTFAdLVFAbABRYQlwQBgodRwsbHxIbBRkWGgpCAwRLFwsMDBoWBVNXME9KRkBESkwBDBgeCwEWU0hUGBFTSFRHVVhKQUUnU0hUAQwYTFBTVjRfVkYdQE5NU1dGGx-QGCRM...
d2fbvay81k4ji3.cloudfront.net/ Frame 836A 		798 B
844 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d2fbvay81k4ji3.cloudfront.net/KdnpkdmUVFQoQWgITAEtcRExcRlNQEBcZCwZHIARWLBdUByFHT0ICHxJHVFAJFxQDS0MTFAdLVFAbABRYQlwQBgodRwsbHxIbBRkWGgpCAwRLFwsMDBoWBVNXME9KRkBESkwBDBgeCwEWU0hUGBFTSFRHVVhKQUUnU0hUAQwYTFBTVjRfVkYdQE5NU1dGGx-QGCRMNARQOHw5BRCNDSVNYVkBfVkZNHRIQGwlTSCdTV0YWDR0AU0hUEQAVEQtfQERKBx4XGRcBU1cwQ1dYVVhOUUFSWExXU1dGCQUQBAQTQUQjQ0lTWFZAXBFL
Requested by
Host: loptyinterva.xyz
URL: https://loptyinterva.xyz/bnFINlIPEytbbQ9MKhAnHB11E2AoVHpwNlwXKkAzF0l5XWYEGHsYMQIePVI0HB4mQnwAFDwTYCg6LFgiBRUlYwQoICdnBQk4HHcXGhIacyoNIyR4AyszK2wRGSsAfxM8JgR0NjszMXAaOkEBdRoWOwBgFC87Dk4DKiJ4ewYoMCx6BCgwKncQPCgZWiU/My9ZNjwGO1QaFjgqdAAFJg9RIi0wP2QeKAY7exYsHh90BCApBXNrJSMjdBc9Gj90FiwWLXUlKyYdBjo7NgpwBj03Gn4EOBkDZwc7Hx0GOjswGUELOjcKYgQEIy5gOTcVGXNnICR5UhUpCWVnFS0jBXgTPCAHfiVbMxp1HCoiHngLOBoKUAQFKwZ+ACcgD0E+OiILUgY4QRFhFjxBCWNiBiQNZxM4NBlCND80Gn0QFkUQcQANMx0HMRkgeVILOCcgeQc7NxthFxYpHQc2KTIZYwMsMBliAzsgImdiAiUfcAgvKQpwHkgbO1k8HkwMRGE0HHhHFl9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2ab106965eb6b7595313198ddc5708fc472537623bd22f2070d4f07bfe9212fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://loptyinterva.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 07:01:32 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
565
via
1.1 8b360b28aeb67c1982fcc466a05eef03.cloudfront.net (CloudFront)
x-amz-cf-id
P4Gqx8MjrXaVpvb35PQrfk6TTZ5r25vbIwKhKG0U7kCZPXuMXlPU4A==
NlB8WmNDU2pffVgOJxkgHEB9LmhCVSMEJhVAfV0qFQYkAmRVV38OJQIKIghoQiN2XmNAS3tYekdLeV5oQlU8DCsRFyZIfzZQfFpjQ1NpGHA
d2fbvay81k4ji3.cloudfront.net/2T21NcGUsAiMWWjsEKU1cfF94RVxpBz4fCz9QP0MUfVV/A115SzkKAXJdaxwEIQpwVgAhDnBBQy4JL01RaRk9Hw5yAiAKAS4MIgMJP0s4EVgiAjcZCSMMaEIjekN9VVd/RToZCysCOgNAfV0jBEB9XXxAS39IfjJAfV06GQ... Frame A162 		777 B
835 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d2fbvay81k4ji3.cloudfront.net/2T21NcGUsAiMWWjsEKU1cfF94RVxpBz4fCz9QP0MUfVV/A115SzkKAXJdaxwEIQpwVgAhDnBBQy4JL01RaRk9Hw5yAiAKAS4MIgMJP0s4EVgiAjcZCSMMaEIjekN9VVd/RToZCysCOgNAfV0jBEB9XXxAS39IfjJAfV06GQt5WWhDJ2pffQhTe0RoQlUuHT-0cADgILxsMO0h/NlB8WmNDU2pffVgOJxkgHEB9LmhCVSMEJhVAfV0qFQYkAmRVV38OJQIKIghoQiN2XmNAS3tYekdLeV5oQlU8DCsRFyZIfzZQfFpjQ1NpGHA
Requested by
Host: loptyinterva.xyz
URL: https://loptyinterva.xyz/V2ZnNEw2BARZczZbBRI5JQpaEX4RQ1VyKGUABUItLl5WX3g9D1QaLzsJElAqJQkJQGI5AxMRfhFUMwZ9GQUgYT8WDypjGz0VIn8ZZgUBcnVjNDFMPBUcU1IPLV82ZHwaMwFiGnJUIXV9ZlM0TiccJz9+KDYeEHEFBhYQYisWDiNaDhU3HgAGG1ZWZi0FDV58O2IfJl0NHCc0AAEeASp+HGcVU3EaMA8mXi8NJTR5ATYjLl4pPCheYhozQ1VyHgMJPXc1JCUoUwIWADEEJhUjJQ0UDx4mZ39uLwFeBhYAMQR6EDcTARsADiN+ficAAWUkAwNXZiMGCjJBBANLV1cNEwEueDQkKygEJHJUIXogFV4wWQITM1VEKjEwAHsGLw0AfAkVXytZJBQwNHkJHQ4xdSoBVhZyHQ4NJlkeATBUDAMdNy5/BTAOCGUlGVQ/WQIWNVRAFTINA3gpAVMIZSACXiN3PwUgHm4FMRw9ZSoRFg1lfRkWIHwNcQwUWyInWxUHPWVeVUd0YQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8ab86bb65ab166a65309709ff8cdcf64b875afa8bee3504ac835c144306736e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://loptyinterva.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 07:01:32 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
558
via
1.1 8b360b28aeb67c1982fcc466a05eef03.cloudfront.net (CloudFront)
x-amz-cf-id
Ag7LfGC4SQG4DoyKZDV0cRbPs3owm6bW1s-Eq0faEAzyfRnROW347w==
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1259652782&t=pageview&_s=1&dl=https%3A%2F%2Fupfiles.io%2FY6lP&ul=en-us&de=UTF-8&dt=ebook-gratis.pdf&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=52461593&gjid=1396696885&cid=1481093038.1634454092&tid=UA-197252557-1&_gid=1154989326.1634454092&_r=1&gtm=2ouad0&z=1428149950
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f110.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://upfiles.io/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Oct 2021 07:01:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://upfiles.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
SWB4TiUXNiZVfElgeE46RGFnW3hXYnpGeV8kOQkrRGFvGDgNPHRZekpkfV14SWl4UXpO
getinclinarss.xyz/THlQSWhjRjM6VS4sP3snGyszLy4oGhIuHGlLFggpPzsIIAAfIRYbDGoNOS1VdUtmcVh6XyAgDHFIdjocLQ0lOlV/ 		0
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://getinclinarss.xyz/THlQSWhjRjM6VS4sP3snGyszLy4oGhIuHGlLFggpPzsIIAAfIRYbDGoNOS1VdUtmcVh6XyAgDHFIdjocLQ0lOlV/SWB4TiUXNiZVfElgeE46RGFnW3hXYnpGeV8kOQkrRGFvGDgNPHRZekpkfV14SWl4UXpO
Requested by
Host: upfiles.io
URL: https://upfiles.io/Y6lP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-33.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://upfiles.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 17 Oct 2021 07:01:32 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
xGfWU7EVlYDPoNVC0ytnif7AkaHzANNtJb_H_iqyeKlk-3N-zuRaew==
x-cache
Miss from cloudfront
popunder.gif
getinclinarss.xyz/ 		35 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://getinclinarss.xyz/popunder.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-33.fra2.r.cloudfront.net
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://upfiles.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
public
date
Sun, 17 Oct 2021 07:01:32 GMT
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
content-length
58
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
x-amz-cf-id
KMQmcNx_pRp0bU2TdfB69jE7gfMydTW5LmCl73WGOH7rdFVriH9LIw==

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster number| LAST_CORRECT_EVENT_TIME number| _3793154468 number| _3036952004 object| app_vars object| e object| webpackChunk function| jQuery function| $ number| uidEvent function| Dropzone function| onloadRecaptchaCallback function| onloadHCaptchaCallback function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| gaplugins object| gaGlobal object| gaData number| iinf object| recaptcha

9 Cookies

Domain/Path Name / Value
upfiles.io/ Name: refY6lP
Value: eyJpdiI6Ik1XRzA1Wm4zU1JzTXF1SVVuMGVlaGc9PSIsInZhbHVlIjoidGFldVNCK2FyQTVxWTZZejNTUFpuUT09IiwibWFjIjoiMDlmMTlhZjM2YTMwYzgzNzZjNjRmOTg2YWQzNWEwODEwMjNhNmE2MzY0OGMxOTVlZmVlNDFjYjZkZDdhMzllYyJ9
upfiles.io/ Name: XSRF-TOKEN
Value: eyJpdiI6IkluZFNpY09VU2JIUjN3MzhSbXNzY3c9PSIsInZhbHVlIjoiNUgrUGdJSGZZVDRqeUNZeWlQSGNlcDVHKzNnUSthcmtxRk5uaUJFK21XV1lCdDRLK2t2Vm52NG9nMXp3elQvTjJxT0N5NzExOVI0d3BsTXhhaktnYXg4clVpT2JORm94RGhtRHFhbk1ZSDBST3krQ3FBLzExUmlldmdIZEZibGIiLCJtYWMiOiJkNzdkNmJmOGFlY2E1NGYzZGNjMzU4NzE4MjBlMjU4NWE4MmExZDNiNzdkZGRhYjUxZjdmNmY0ZGI3MmYwYTU3In0%3D
upfiles.io/ Name: upfiles_session
Value: eyJpdiI6IkE4WEpKSUh4bHVwMG9EN3cwUW44enc9PSIsInZhbHVlIjoiMTBLdEFnTy9RUVNoSjBMVU5RamR4UVFRVlRjY1NsUmhvb0o1ekFFY0ZSd1dWNGk0aDNSOEJGQlM2YTdreThqN1MzR2FLcVpkRnlwRGtVWkVjVXJMSUtsZkFrd1Z6WkoySlBHMUozK3ZvV3o1TnQ2VHhYV3dDa1JoZEtUNFVNY2UiLCJtYWMiOiJjMWFmZjlkNTc4ZTJjMjg3YWNlMDQ4NWQzYzhhZGY5NzE1N2RkZDhkYmJmYjZkZDE1ZGExMjQ0NTE2ZDdmMDBjIn0%3D
anamaembush.com/ Name: GL_UI4
Value: eJw9jUtOwzAYhPMOVUnESDkAR4hJi9sl4hAsI8f%2Bk5omduWYRtweCwlW82kemiiKkqZGfC9SpF%2FiiGfJiTP%2BIjk%2FsaHtDufXjsYj46eRHfhZKez02nsxzOQzPE5kyGnZS6uowlOI%2FpyrsZvJkA9OGFUhX0JjrlAOzm4ruSZFZsRCKN4vzgbNF%2FFpHZJzF1CbgHGLxK5NWu9Qfmijwq7eI2FtXRUR9rdZ%2BNG6pdeqiJFPTihC%2FIYHKTxN1n2jVLRevb0Bdlb9f%2F%2F3Nt1Yi0LRXcvwbf2F3A%2Fx6Uoh
anamaembush.com/ Name: GL_GI10
Value: eJxNjkFuwjAURIMDAasUNBIH4AJENUU9QLvvJmRtRckn8oL%2FLdvQpqdvClLb3eiN3miyLFObFZTzWO%2FNS2meTWnModw%2FHZD3JFB1hWUrF05hsNycCY81u0TdtkpNoogiUO%2BEoY7veLhn20pHmNXV7h%2B7ufpIzBQjEaatSwP0ayBOHyId9A%2B4q8tR%2FStyFz10dembEAduoZmSjZ5odN4keAnjEax%2B6W2jyLFw0fogn0MxwTq5M30Jk5XTKVKazzC5FuobsY9Nqw%3D%3D
upfiles.io/ Name: ab
Value: 2
.upfiles.io/ Name: _ga
Value: GA1.2.1481093038.1634454092
.upfiles.io/ Name: _gid
Value: GA1.2.1154989326.1634454092
.upfiles.io/ Name: _gat_gtag_UA_197252557_1
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
anamaembush.com
d2fbvay81k4ji3.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
freychang.fun
getinclinarss.xyz
loptyinterva.xyz
upfiles.com
upfiles.io
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
104.21.45.207
13.224.193.33
13.225.87.62
142.250.185.106
142.250.185.205
142.250.185.227
142.250.185.67
142.250.186.104
142.250.186.67
146.59.188.42
157.240.20.35
172.217.18.110
172.67.173.106
172.67.187.10
18.66.137.28
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
24888ff57c1714336f283a67e22f1207ef9826694a9078e1cda9d581ff148407
2ab106965eb6b7595313198ddc5708fc472537623bd22f2070d4f07bfe9212fa
31affe2f18265d002a98802368256ed3ca803eb39c272467c4ad2c31f4e8c711
416d4142bc1a87a025a2d61b459ead0265d21f50e51d0b0243cb818ef878e169
493d651d2192d795c3dc666c3186a3214923e182024be4b0d378ef30fe6aec69
4a76796416e096e38bce8c5e23583cba3e3557700b79c08d9aa0b92fc0dec3e5
4ac10b71d41bd2cbc9f4a2f3796cfc93859b87f3b88c087ac78c1106e2736765
579141e4773c9f1cc56d7d778459aede76d95e6db5665411bf7f824690dc7fdd
598cb3cb0a9900c562337f15bc247ae4a0cb57150a94d0de45ebad77dd078117
59b7ad6d6f457b624e25d22959edc7c83af2ac52edba32fd6648c97af0d1780c
59bb84ddf4531b6db558fb05ffe6edc2ea852e1c1fdd49da17847d64b2ec90ab
638a326578c21f3b73ce20d8c9f7e13b3659cddc0e43f0a6c11cfe0c076295a8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
78acc1b5e409fb4a03ed370ee50c12c9537b3af9f177ae62e9eb438e9f8fa198
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ab86bb65ab166a65309709ff8cdcf64b875afa8bee3504ac835c144306736e1
9a717285429d468fadc4d25179fc6feb49e6335f3af1675fb6be1cb50e7e8322
9d807c16e2160c2660ffd43bf8b8bc54eb39ecd044e823209c0ade70db965d5a
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
c6b9d20ecf27a000695abf5cbd0a96763f1b7d508f533a32311be9c2d6f05795
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d454583aa343d4c8aa4e42c0876b20e60c20c0b89284e4ef0c662d0426c18254
d4a2064ec573c9f84594a313b9c5e0e8202d0b4ff482ce81b30e63202d94ee32
d526da1f4d4af45cefd2a0d140abec2beddc3150d13c47d3de893eaa278a369d
d6286b356c665a8d2eccbbf46770275f607eb510332bf3c5fceb31574b332562
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6789b1579e3915acc50ce2f56d956c05dc3186238eb4d1a0d4ad1e403a625ac
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62