URL: https://www.file-upload.com/uj5q8vqoc578
Submission: On September 15 via manual — Scanned from DE

Summary

This website contacted 25 IPs in 4 countries across 25 domains to perform 74 HTTP transactions. The main IP is 172.67.146.80, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.file-upload.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 7th 2021. Valid for: a year.
This is the only time www.file-upload.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 172.67.146.80 13335 (CLOUDFLAR...)
3 139.45.197.239 9002 (RETN-AS)
2 139.45.197.236 9002 (RETN-AS)
5 13.226.156.200 16509 (AMAZON-02)
9 139.45.197.251 9002 (RETN-AS)
1 151.139.242.29 33438 (HIGHWINDS2)
7 65.9.73.127 16509 (AMAZON-02)
1 185.60.216.35 32934 (FACEBOOK)
2 142.250.27.84 15169 (GOOGLE)
3 139.45.197.237 9002 (RETN-AS)
1 104.21.45.207 13335 (CLOUDFLAR...)
5 139.45.195.8 9002 (RETN-AS)
1 65.9.73.105 16509 (AMAZON-02)
4 139.45.197.15 9002 (RETN-AS)
1 13.226.155.13 16509 (AMAZON-02)
1 2 216.58.208.104 15169 (GOOGLE)
2 185.60.216.19 32934 (FACEBOOK)
1 13.226.155.77 16509 (AMAZON-02)
1 3.142.157.144 16509 (AMAZON-02)
5 139.45.197.241 9002 (RETN-AS)
1 1 108.177.119.156 15169 (GOOGLE)
1 1 142.250.102.103 15169 (GOOGLE)
1 142.250.102.94 15169 (GOOGLE)
1 185.60.216.15 32934 (FACEBOOK)
1 139.45.197.188 9002 (RETN-AS)
1 139.45.197.238 ()
74 25
Domain Requested by
13 www.file-upload.com www.file-upload.com
9 glimtors.net www.file-upload.com
glimtors.net
7 liminances.xyz d2fbvay81k4ji3.cloudfront.net
5 cdn.itphanpytor.club in-page-push.com
cdn.itphanpytor.club
5 d2fbvay81k4ji3.cloudfront.net www.file-upload.com
liminances.xyz
4 in-page-push.com www.file-upload.com
in-page-push.com
4 my.rtmark.net ozongees.com
jeehathu.com
www.file-upload.com
dozubatan.com
3 dozubatan.com jeehathu.com
dozubatan.com
3 jeehathu.com www.file-upload.com
jeehathu.com
2 connect.facebook.net www.file-upload.com
connect.facebook.net
2 ssl.google-analytics.com 1 redirects www.file-upload.com
2 accounts.google.com www.file-upload.com
2 ozongees.com www.file-upload.com
ozongees.com
1 forflygonom.com
1 static.cdnativepush.com
1 web.facebook.com connect.facebook.net
1 www.google.de
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 cdn.betgorebysson.club in-page-push.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1 certify.alexametrics.com
1 certify-js.alexametrics.com www.file-upload.com
1 geealingsa.space www.file-upload.com
1 freychang.fun d2fbvay81k4ji3.cloudfront.net
1 www.facebook.com www.file-upload.com
1 images.dmca.com www.file-upload.com
0 static.lalaping.com Failed cdn.itphanpytor.club
74 28

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.youtube.com
www.file-up.org
www.dmca.com
safeweb.norton.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-07 -
2022-07-06
a year crt.sh
jeehathu.com
R3
2021-07-26 -
2021-10-24
3 months crt.sh
ozongees.com
R3
2021-09-12 -
2021-12-11
3 months crt.sh
*.cloudfront.net
Amazon
2021-03-19 -
2022-03-17
a year crt.sh
glimtors.net
R3
2021-09-12 -
2021-12-11
3 months crt.sh
images.dmca.com
Go Daddy Secure Certificate Authority - G2
2020-03-13 -
2022-04-04
2 years crt.sh
liminances.xyz
Amazon
2021-09-01 -
2022-09-30
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-07-20 -
2021-10-18
3 months crt.sh
accounts.google.com
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
dozubatan.com
R3
2021-08-10 -
2021-11-08
3 months crt.sh
*.rtmark.net
Sectigo RSA Domain Validation Secure Server CA
2020-10-27 -
2021-11-26
a year crt.sh
geealingsa.space
Amazon
2020-10-22 -
2021-11-20
a year crt.sh
in-page-push.com
R3
2021-07-20 -
2021-10-18
3 months crt.sh
certify-js.alexametrics.com
Amazon
2021-06-14 -
2022-07-13
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
certify.alexametrics.com
Amazon
2021-06-14 -
2022-07-13
a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon
2020-09-10 -
2021-10-10
a year crt.sh
betgorebysson.club
R3
2021-06-30 -
2021-09-28
3 months crt.sh
itphanpytor.club
R3
2021-06-30 -
2021-09-28
3 months crt.sh
www.google.de
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
cdnativepush.com
R3
2021-07-14 -
2021-10-12
3 months crt.sh
forflygonom.com
R3
2021-08-10 -
2021-11-08
3 months crt.sh

This page contains 8 frames:

Primary Page: https://www.file-upload.com/uj5q8vqoc578
Frame ID: 4B31042DDFAB8E29DAAF24604881D374
Requests: 54 HTTP requests in this frame

Frame: https://ozongees.com/fac.php
Frame ID: 1D054BE2B05D397C014214C238AC330F
Requests: 2 HTTP requests in this frame

Frame: https://liminances.xyz/bkhKUXQPKik8Sw91KHcBHCR3dEYobXgXEFwuKCcVF3B7OkAEIXl/FwInPzUSHCckJVoALT50RigcKBkbFxkhPiQoHj06EDwvHgcaVzISOhMvLHk9PysNDyU+LDACMDw7DwkFGAMCLQgfOhkAOiQGES8VRyQ7CxMADQISNT8meT05EF95KQQNNycfBEA7BiA+MCsZcmE5GR0bBA4JOww2OjoSDmk6PHlyJTkvHR0JHSA+EjsDJioCIT49CQAgJD8dHwcdXnECYEwvKyMALTY/CCgRXzAfEBkKfQY9TC8rIGEyKAkYYxZfcH4XRyx+DBQDKSl4aBE9JGccDSEvCzcmPSslEwwgDxBiEx8cPRdFNA5zHDJdCnwDNigpBDgXLxA9EDYMeX8aLAc7IhIiVgkpOEQkDxw6ADd4Jhg1Bw0jGRw4LgBjTQsYCyFDNA4yBDYADjMHIj8OKRZNCxshFB4iCXoYI1wsfhofVgouBiYIHAgARwo/bDsHASY6bC5ZBC8SIAoEAmZE
Frame ID: 96FCB412FB3E8CCA8D0262904E1B822D
Requests: 2 HTTP requests in this frame

Frame: https://liminances.xyz/dlNxRXcXMRIoSBduE2MCBD9MYEUwdkMDE0Q1EzMWD2tALkMcOkJrFBo8BCERBDwfMVkYNgVgRTBqECg5RwBBMj0yEQIxFA5nOgAvLGImEz03NikxOjUCKC4+HiMUBx9GMDV0BC8XMxAnMBU8YEUwHRZwEiQEQSI0AWMiIRoZAzUXLUQ1JDI0MwAdPS8dBjAOGTMbNQRPHxowHDQjGxoOL0ZiNycZQzIiMj4fGhZxOjc5GTUgMB4TFUUaCiR1JUEKHTUwJDQdNSAwHjIMHjwwJ3Q1QhcafCUkBz9zLx0jICAvAR80MiIYGCN1MDAqMCk/HQk5AS8aCScDWgJnFC5OJAEmCBk3OxIcPUQ/KAwxNGYXBC49GxhwByEVPBY7H2szATEOJhcpGDcbJS4dNCQrFBInIyISGwJkKClCJwcpDx4uBTcUEi4kKwQfOyIhIjkxAQZ0QiEFIycSPiM8AxwRdRs2GBgjTDYhJjZJKDAvNgY
Frame ID: 433B337DE3101F9445AEFD5D5E2965D7
Requests: 2 HTTP requests in this frame

Frame: https://liminances.xyz/OUxiVHhYLgE5R1hxAHINSyBfcUp/aVASHAsqACIZQHRTP0xTJVF6G1UjFzAeSyMMIFZXKRZxSn9/OC4pDC00Pz1ufQEEIlECBgwuayQ6I0h2FFBtOmEnDRM2QS8oBQFoACABNkAZI20pbRkRYzNqdQEcAAkmIyMTcxgYAT9uIFcBHk4GAwMUayMzAi5dD1AGLHwnUg42XjsoAAB4OyYCLn0IGxkdbx5aNzd/PDgCEHQ7IWUQYBglJxB4HgYOHn8ZJxEqDTshAjpuBAskO3srCRw0bAUlFy5RPDEFKVobCiA7eysJMTV4JyEQLUE9KAY9dRsxEip4Dk8WNVh9BgIraydTFRN3LyEuMXYdICwacX0rHDxSKBMBKnwANQw9dBQnZD13GSsTHVI0EAJJUR0jPgB6DgU/N2kNMDIuUg5aAilrLSMHC3AbNCw1WDUnGTl8KBIHKXgHNwM6cw0VIDVYfQYcL3h0VhIuCS81LEFqDhVhMFggJwcsfx1EPgtWIhJpAnQeACMzABpVLQprPCo8
Frame ID: FE9DBD679EA6D736AAC8F0E26B674DA6
Requests: 2 HTTP requests in this frame

Frame: https://liminances.xyz/R3hBZzQmGiIKCyZFI0FBNRR8QgYBXXMhUHUeIxFVPkBwDAAtEXJJVysXNANSNRcvExopHTVCBgEJEAx9dBwFBFwLLio0dwMhMzIELCgkCVsCLBBeXww9EAVjEzJkVXIWKnQgUS0iKCFTcykFMAQCInM2BhMqACxXKiojIWIsFCcfcRUvEiERdT4DC34QMigmfxY6BFV5Kx8nJF4WTxkPARA3AjV6Ay4bDHp2IgswXXdMGQ9cJTFzBHIKHwsUVy8yBiUGKEkZD0QTNBUxcRIpFx54AjYTJWwNAgNWWw8iciEFEikXHnoRTCAmbB0WAyNtFBsJLWQWHw8VbjBVFyJiLTE4MEwBOQsediQwFClaJDAHJXYPLjIlcQ4rIi99ITBwXwYLSTU1dhY+LyVhFRoKHlgULRAxTQ0uCD9sBEkzIl8eMAg0RAE/cAhaHQ8UHnB0DDIlBSg8Ij9bCC8mJUMdDxciZgQ1KjFTHR0bVHY/KRA1BSU5EyRxExxkVXJhEjIIWjdFNw1FfwwUBQ0VNxsXZA
Frame ID: 29BF417435E9A8B2F45E4BCF9E6E0BEB
Requests: 2 HTTP requests in this frame

Frame: https://jeehathu.com/fac.php
Frame ID: 3D204EB1A05E76382A4FF4471BD68284
Requests: 2 HTTP requests in this frame

Frame: https://web.facebook.com/v2.7/plugins/like.php?action=like&app_id=1643518039205368&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5e50377e400cc%26domain%3Dwww.file-upload.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.file-upload.com%252Ff2907aae3e588d8%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Ffileuploadcom%2F&layout=box_count&locale=en_US&sdk=joey&share=true&show_faces=true&size=large
Frame ID: D648A1436BF507192418CBEE169451CB
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Download Male Enhancement Strategieszhako pdf

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

74
Requests

97 %
HTTPS

0 %
IPv6

25
Domains

28
Subdomains

25
IPs

4
Countries

814 kB
Transfer

2201 kB
Size

19
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1152703616&utmhn=www.file-upload.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download%20Male%20Enhancement%20Strategieszhako%20pdf&utmhid=1013137565&utmr=-&utmp=%2Fuj5q8vqoc578&utmht=1631735464079&utmac=UA-42931250-7&utmcc=__utma%3D184767038.1422913114.1631735464.1631735464.1631735464.1%3B%2B__utmz%3D184767038.1631735464.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=949675173&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-42931250-7&cid=1422913114.1631735464&jid=949675173&_v=5.7.2&z=1152703616 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42931250-7&cid=1422913114.1631735464&jid=949675173&_v=5.7.2&z=1152703616 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42931250-7&cid=1422913114.1631735464&jid=949675173&_v=5.7.2&z=1152703616&slf_rd=1&random=3463267957

74 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request uj5q8vqoc578
www.file-upload.com/
18 KB
6 KB
Document
General
Full URL
https://www.file-upload.com/uj5q8vqoc578
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.146.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1970ee67b74ae577374926a6b93c7532f6cefd19f4c269700bd45a8ae13d6011
Security Headers
Name Value
Strict-Transport-Security max-age=0;includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.file-upload.com
:scheme
https
:path
/uj5q8vqoc578
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 15 Sep 2021 19:51:02 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=0;includeSubDomains;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
expires
Tue, 14 Sep 2021 19:51:02 GMT
set-cookie
lang=german; domain=.file-upload.com; path=/
x-cache
HIT from Backend
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fO9R5y78XxY%2B%2F34SzHwwM9jYGpYEHRMkXT59WTQTlJBXBNko1lEbgaRd0EFlDpcNzLWvob6Sp%2Fo4pFyor8UV7Y0B5qt7dQCNK2diIMwraHaO41R7mHCUYzrVKrSiGwhayoswCAvF"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68f4633159c40818-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
app.css
www.file-upload.com/mngez/css/
247 KB
42 KB
Stylesheet
General
Full URL
https://www.file-upload.com/mngez/css/app.css?v=1
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/uj5q8vqoc578
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.146.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8300148a65246e0d11c5d2c03cd7456fa0d968eb02c914676c01353d23cd71c7

Request headers

:path
/mngez/css/app.css?v=1
pragma
no-cache
cookie
lang=german
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.file-upload.com
referer
https://www.file-upload.com/uj5q8vqoc578
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/uj5q8vqoc578
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 19:51:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5056724
cf-polished
origSize=253169
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 08 May 2019 07:43:34 GMT
server
cloudflare
etag
W/"5cd288a6-3dcf1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIZ03W25arJX9XGDHUJf5F8CUWD6cxrsGJyWLbCrjb9wVLt6dAdanW8kIkbsAOSEE1LBVrh7aTILw9mez%2FS8nGPNNYZINhlZcc%2FIw2pKGWzRdzDjVmNDp6CeBoqSU%2BI6QRYPc%2FbL"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
68f46331ead40818-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo_new.png
www.file-upload.com/assets/images/
3 KB
3 KB
Image
General
Full URL
https://www.file-upload.com/assets/images/logo_new.png
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/uj5q8vqoc578
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.146.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

:path
/assets/images/logo_new.png
pragma
no-cache
cookie
lang=german
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.file-upload.com
referer
https://www.file-upload.com/uj5q8vqoc578
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/uj5q8vqoc578
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 19:51:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11488857
cf-bgj
csam-hash
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 09 Nov 2018 12:00:31 GMT
server
cloudflare
etag
W/"5be576df-c8f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cqEpfTZRuPBR4LQKGdYkebjAZFXmrX%2BcajycXDvHYl6Ys4h%2F6kJgRr1X1QxD6oy2bSqZTEgnIg0A4k07ONYoQ1NYY1KS%2FPZbQAOaDanfZ%2F94dQwgmCE%2BlFTE8P0%2B7%2BgaOr9QBO2j"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
cf-ray
68f46331ead70818-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
4244463
jeehathu.com/5/
53 KB
21 KB
Script
General
Full URL
https://jeehathu.com/5/4244463
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/uj5q8vqoc578
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ec278cce49e8ca5a66fa3b2f2b56510c8e9239753a50e704a504491253dc3288

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id
5e1a00746a9b79604bab3a8916eb4b8f
pragma
no-cache, no-cache
date
Wed, 15 Sep 2021 19:51:02 GMT
content-encoding
gzip
server
nginx
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://lilureem.com>; rel="preconnect dns-prefetch"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
4244563
ozongees.com/5/
53 KB
21 KB
Script
General
Full URL
https://ozongees.com/5/4244563
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/uj5q8vqoc578
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e72c4420acf6fb4b2361a123217672946b8a0c5085e1395db0aeea7a38e871a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id
f6f4cbf07877dabdea42893ac8f5cc93
pragma
no-cache, no-cache
date
Wed, 15 Sep 2021 19:51:02 GMT
content-encoding
gzip
server
nginx
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://lilureem.com>; rel="preconnect dns-prefetch"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
/
d2fbvay81k4ji3.cloudfront.net/
488 KB
157 KB
Script
General
Full URL
https://d2fbvay81k4ji3.cloudfront.net/?avbfd=922253
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/uj5q8vqoc578
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-200.dus51.r.cloudfront.net
Software
/
Resource Hash
4398479d3d062ac1fb8d56ed429bea1ae4d6d21dce9dc14d88962b8cea0f65b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 18:34:07 GMT
content-encoding
gzip
age
4615
x-cache
Hit from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-pop
DUS51-C1
content-length
159863
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
x-amz-cf-id
sUHNGT1vI1BHhztnNskzER7S2U5pgdWWslQXWmwCiXWB-TW4E4lkTQ==
tag.min.js
glimtors.net/pfe/current/
15 KB
6 KB
Script
General
Full URL
https://glimtors.net/pfe/current/tag.min.js?z=4244474
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/uj5q8vqoc578
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
fc6b00b39c6831d32690a5f33fe637ecfee459123b835d461428e16ea7157842

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 19:51:02 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 09:06:02 GMT
server
nginx
etag
W/"612f427a-3bfd"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
anti1.png
www.file-upload.com/mngez/images/
19 KB
19 KB
Image
General
Full URL
https://www.file-upload.com/mngez/images/anti1.png
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/uj5q8vqoc578
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.146.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810

Request headers

:path
/mngez/images/anti1.png
pragma
no-cache
cookie
lang=german
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.file-upload.com
referer
https://www.file-upload.com/uj5q8vqoc578
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/uj5q8vqoc578
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 19:51:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11488856
cf-bgj
csam-hash
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 28 Dec 2018 22:57:30 GMT
server
cloudflare
etag
W/"5c26aa5a-4aae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CWfKBEK8I1hEhFVLu3dtJwCSkKW3FLMmGp4WWCtwQy5UENbDoPFwvYdHRBIxwHRG61MyAJ4lsMqLshMxK5VpbsdjkDRYVk013JqyiO%2BbkT3lek5ol7W%2FfR3sgs0DG2GaeeMeYrF"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
cf-ray
68f46331eae10818-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
anti2.png
www.file-upload.com/mngez/images/
641 B
975 B
Image
General
Full URL
https://www.file-upload.com/mngez/images/anti2.png
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/uj5q8vqoc578
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.146.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

Request headers

:path
/mngez/images/anti2.png
pragma
no-cache
cookie
lang=german
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.file-upload.com
referer
https://www.file-upload.com/uj5q8vqoc578
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/uj5q8vqoc578
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 19:51:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11488856
cf-bgj
csam-hash
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
641
last-modified
Fri, 28 Dec 2018 22:56:11 GMT
server
cloudflare
etag
"5c26aa0b-281"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqdS7NQ%2FASkkPWg4PiWS%2FEUlE2qdPBkav2ajhbkZBJNQ1mRyCC34UVcZ%2B%2BVyV8B09JFvam4MXkskLyDO%2FDXSnK%2BcC%2Fu3Hv3QLuSjKD4Ebhf9LnnOdfSHTcSpJQj3WnrYtFx87lAr"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
68f46331eae20818-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
_dmca_premi_badge_4.png
images.dmca.com/Badges/
4 KB
5 KB
Image
General
Full URL
https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/uj5q8vqoc578
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 19:51:02 GMT
last-modified
Thu, 02 Jun 2011 03:26:26 GMT
server
nginx
x-powered-by
ASP.NET
etag
"0abbdbd420cc1:0"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
link
<http://dmca-images.azurewebsites.net/Badges/_dmca_premi_badge_4.png>; rel="canonical"
content-length
4535
expires
Fri, 15 Oct 2021 19:50:23 GMT
norton.png
www.file-upload.com/assets/images/
5 KB
5 KB
Image
General
Full URL
https://www.file-upload.com/assets/images/norton.png
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/uj5q8vqoc578
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.146.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b

Request headers

:path
/assets/images/norton.png
pragma
no-cache
cookie
lang=german
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.file-upload.com
referer
https://www.file-upload.com/uj5q8vqoc578
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/uj5q8vqoc578
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 19:51:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11488852
cf-bgj
csam-hash
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 09 Nov 2018 12:00:31 GMT
server
cloudflare
etag
W/"5be576df-1363"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBT8plbhmCTH%2B9X3oBGNKFfpOpk4FlzySptzKOXRdHWhIJ4bQtsf5dL5iy2lyTqSYDQY%2BgGec8yNKP6Dfwv81ZVSBHBrIbFQVEZ4z59QAoslMLGup9EXm4KjkWskwj54yH948pAT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
cf-ray
68f46331eae50818-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
rocket-loader.min.js
www.file-upload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://www.file-upload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/uj5q8vqoc578
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.146.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
pragma
no-cache
cookie
lang=german
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.file-upload.com
referer
https://www.file-upload.com/uj5q8vqoc578
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/uj5q8vqoc578
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 19:51:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 Sep 2021 12:26:08 GMT
server
cloudflare
etag
W/"61375a60-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pfQnliaVrRP%2FM4RMhTpikgbMFJujh6d0X01U8SoA4AQ3h4e9HzTEFvQ4QCF0COY%2F86ehFFxdcOZdzCzkXKLRZU7RLDjg64cJfP20l5zhM55HW%2BmIq5Gs%2FI24k7ENPh5bZWxVUuxw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68f46331eae70818-CDG
vary
Accept-Encoding
expires
Fri, 17 Sep 2021 19:51:02 GMT
flags.png
www.file-upload.com/mngez/images/
15 KB
15 KB
Image
General
Full URL
https://www.file-upload.com/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9

Request headers

:path
/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
pragma
no-cache
cookie
lang=german
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.file-upload.com
referer
https://www.file-upload.com/mngez/css/app.css?v=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/mngez/css/app.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 19:51:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5337254
cf-bgj
h2pri,csam-hash
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 09 Nov 2018 12:02:27 GMT
server
cloudflare
etag
W/"5be57753-3aae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2AzDDsaFNDLo7CvQSWTWopGdKBhyZsjbqNT17EemNNALSxrciPThDnHnB2OYKHXENYyz2CNxe47DLI6a8Nk%2BqSlDeqGB8D7CVc1aNMdRW8X2%2F3uQKAoyg0yP%2BZYT2jcryoYjfXu"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
cf-ray
68f4633248e33acb-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
fontawesome-webfont.woff2
www.file-upload.com/mngez/fonts/vendor/font-awesome/
75 KB
76 KB
Font
General
Full URL
https://www.file-upload.com/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-fetch-mode
cors
origin
https://www.file-upload.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
lang=german
:path
/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.file-upload.com
referer
https://www.file-upload.com/mngez/css/app.css?v=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.file-upload.com/mngez/css/app.css?v=1
Origin
https://www.file-upload.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 19:51:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
197
x-cache
HIT from Backend
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
77160
last-modified
Fri, 09 Nov 2018 12:02:27 GMT
server
cloudflare
etag
"12d68-57a3a1ffe3ac0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32Jgy74OTpXBp8bH7xZHWOS%2BRfDu7lMxc7bNjYwa6q%2BlBNng5YL%2FS3%2BqTj20SnOtiugukbkKhZH4o9%2BUBCD%2BoSYvt9EihxYH0UoVoNLBmaDe%2F0%2Bs6st5WtgLgIRhXA3PnnrALOQW"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.file-upload.com
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
68f4633248e63acb-CDG
poppins-v5-latin-regular.woff2
www.file-upload.com/mngez/fonts/
8 KB
8 KB
Font
General
Full URL
https://www.file-upload.com/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44bae3586c48283835d9e8155b181de3f59c660b72e3a2b3f2ccb1c0ee618487

Request headers

sec-fetch-mode
cors
origin
https://www.file-upload.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
lang=german
:path
/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.file-upload.com
referer
https://www.file-upload.com/mngez/css/app.css?v=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.file-upload.com/mngez/css/app.css?v=1
Origin
https://www.file-upload.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 19:51:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
189
x-cache
HIT from Backend
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7904
last-modified
Fri, 09 Nov 2018 12:02:27 GMT
server
cloudflare
etag
"1ee0-57a3a1ffe3ac0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3GGfOdkGu28D8Y7Bi7lLuutGg6QhZHSsDD910COWLlK%2FaVRZhCfLgu5AoLhAPWTyQ3Hh%2BT%2BdYq0Zwcv%2BKvIdB6%2BvHxZnlI6SQlbQ%2Bl3XKB6lase0jgAPVzyYv%2F9IvoQnnPvTcNB"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.file-upload.com
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
68f4633248ea3acb-CDG
poppins-v5-latin-500.woff2
www.file-upload.com/mngez/fonts/
8 KB
8 KB
Font
General
Full URL
https://www.file-upload.com/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c71d49cfc099563c205918a58497a420e4a3509becd7ae1782b6fda044fb43b3

Request headers

sec-fetch-mode
cors
origin
https://www.file-upload.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
lang=german
:path
/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.file-upload.com
referer
https://www.file-upload.com/mngez/css/app.css?v=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.file-upload.com/mngez/css/app.css?v=1
Origin
https://www.file-upload.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 19:51:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
178
x-cache
HIT from Backend
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7884
last-modified
Fri, 09 Nov 2018 12:02:27 GMT
server
cloudflare
etag
"1ecc-57a3a1ffe3ac0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WUT%2B4PSGN%2FHiWdRtvNGMsZOZOai5%2BAfzz7is0xux2y0%2FQKUVNJMGMkL0g%2FRQXkM%2Bj%2BLOIEGwyVsCupsyxWlZldUDf3kMmfw5ZtaWceB8wr3WLTNiBx4azUelHZhp1d%2FpJeudtN63"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.file-upload.com
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
68f4633248ee3acb-CDG
fac.php
ozongees.com/ Frame 1D05
203 B
669 B
Document
General
Full URL
https://ozongees.com/fac.php
Requested by
Host: ozongees.com
URL: https://ozongees.com/5/4244563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
c8061552964779eec60b1cde5f3c901e918ed0725566281fdb02a18d737f1a79
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
ozongees.com
:scheme
https
:path
/fac.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.file-upload.com/
accept-encoding
gzip, deflate, br
cookie
OAID=0adca502ab0c485e959935b1415a92cc; oaidts=1631735462
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/

Response headers

server
nginx
date
Wed, 15 Sep 2021 19:51:02 GMT
content-type
text/html; charset=utf8
content-length
203
x-trace-id
1b4fe65490eed480690719ab39029ec9
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age
86400
pragma
no-cache
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
expires
Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin
* *
strict-transport-security
max-age=1
x-content-type-options
nosniff
utx
liminances.xyz/
0
418 B
XHR
General
Full URL
https://liminances.xyz/utx?cb=u07Qtgob2ot6&top=www.file-upload.com&tid=922253
Requested by
Host: d2fbvay81k4ji3.cloudfront.net
URL: https://d2fbvay81k4ji3.cloudfront.net/?avbfd=922253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 19:51:03 GMT
via
1.1 d3d7cb5a7de36091f7284546b4190a33.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://www.file-upload.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
qFa4B0i6wvKvGCfODyMaypep6Dq1PD_QY9tLcQ4yGEWZ3CLpYVJAhA==
bDsHASY6bC5ZBC8SIAoEAmZE
liminances.xyz/bkhKUXQPKik8Sw91KHcBHCR3dEYobXgXEFwuKCcVF3B7OkAEIXl/FwInPzUSHCckJVoALT50RigcKBkbFxkhPiQoHj06EDwvHgcaVzISOhMvLHk9PysNDyU+LDACMDw7DwkFGAMCLQgfOhkAOiQGES8VRyQ7CxMADQISNT8meT05EF95KQQNNy... Frame 96FC
3 KB
2 KB
Document
General
Full URL
https://liminances.xyz/bkhKUXQPKik8Sw91KHcBHCR3dEYobXgXEFwuKCcVF3B7OkAEIXl/FwInPzUSHCckJVoALT50RigcKBkbFxkhPiQoHj06EDwvHgcaVzISOhMvLHk9PysNDyU+LDACMDw7DwkFGAMCLQgfOhkAOiQGES8VRyQ7CxMADQISNT8meT05EF95KQQNNycfBEA7BiA+MCsZcmE5GR0bBA4JOww2OjoSDmk6PHlyJTkvHR0JHSA+EjsDJioCIT49CQAgJD8dHwcdXnECYEwvKyMALTY/CCgRXzAfEBkKfQY9TC8rIGEyKAkYYxZfcH4XRyx+DBQDKSl4aBE9JGccDSEvCzcmPSslEwwgDxBiEx8cPRdFNA5zHDJdCnwDNigpBDgXLxA9EDYMeX8aLAc7IhIiVgkpOEQkDxw6ADd4Jhg1Bw0jGRw4LgBjTQsYCyFDNA4yBDYADjMHIj8OKRZNCxshFB4iCXoYI1wsfhofVgouBiYIHAgARwo/bDsHASY6bC5ZBC8SIAoEAmZE
Requested by
Host: d2fbvay81k4ji3.cloudfront.net
URL: https://d2fbvay81k4ji3.cloudfront.net/?avbfd=922253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.17.8.2 /
Resource Hash
ff8e6e4ea104bcb9ad3c7f53c8c88f47d7a21bf9131abf5c88dc5bea3373afe2

Request headers

:method
GET
:authority
liminances.xyz
:scheme
https
:path
/bkhKUXQPKik8Sw91KHcBHCR3dEYobXgXEFwuKCcVF3B7OkAEIXl/FwInPzUSHCckJVoALT50RigcKBkbFxkhPiQoHj06EDwvHgcaVzISOhMvLHk9PysNDyU+LDACMDw7DwkFGAMCLQgfOhkAOiQGES8VRyQ7CxMADQISNT8meT05EF95KQQNNycfBEA7BiA+MCsZcmE5GR0bBA4JOww2OjoSDmk6PHlyJTkvHR0JHSA+EjsDJioCIT49CQAgJD8dHwcdXnECYEwvKyMALTY/CCgRXzAfEBkKfQY9TC8rIGEyKAkYYxZfcH4XRyx+DBQDKSl4aBE9JGccDSEvCzcmPSslEwwgDxBiEx8cPRdFNA5zHDJdCnwDNigpBDgXLxA9EDYMeX8aLAc7IhIiVgkpOEQkDxw6ADd4Jhg1Bw0jGRw4LgBjTQsYCyFDNA4yBDYADjMHIj8OKRZNCxshFB4iCXoYI1wsfhofVgouBiYIHAgARwo/bDsHASY6bC5ZBC8SIAoEAmZE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.file-upload.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/

Response headers

content-type
text/html
content-length
1234
date
Wed, 15 Sep 2021 19:51:03 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 d3d7cb5a7de36091f7284546b4190a33.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
y3GeOpo7fEAjK-_bcEtKE4yMk9bGiDdPRXA5t2QswxkqnP_kpbFOqg==
KAwxNGYXBC49GxhwByEVPBY7H2szATEOJhcpGDcbJS4dNCQrFBInIyISGwJkKClCJwcpDx4uBTcUEi4kKwQfOyIhIjkxAQZ0QiEFIycSPiM8AxwRdRs2GBgjTDYhJjZJKDAvNgY
liminances.xyz/dlNxRXcXMRIoSBduE2MCBD9MYEUwdkMDE0Q1EzMWD2tALkMcOkJrFBo8BCERBDwfMVkYNgVgRTBqECg5RwBBMj0yEQIxFA5nOgAvLGImEz03NikxOjUCKC4+HiMUBx9GMDV0BC8XMxAnMBU8YEUwHRZwEiQEQSI0AWMiIRoZAzUXLUQ1JDI0Mw... Frame 433B
3 KB
2 KB
Document
General
Full URL
https://liminances.xyz/dlNxRXcXMRIoSBduE2MCBD9MYEUwdkMDE0Q1EzMWD2tALkMcOkJrFBo8BCERBDwfMVkYNgVgRTBqECg5RwBBMj0yEQIxFA5nOgAvLGImEz03NikxOjUCKC4+HiMUBx9GMDV0BC8XMxAnMBU8YEUwHRZwEiQEQSI0AWMiIRoZAzUXLUQ1JDI0MwAdPS8dBjAOGTMbNQRPHxowHDQjGxoOL0ZiNycZQzIiMj4fGhZxOjc5GTUgMB4TFUUaCiR1JUEKHTUwJDQdNSAwHjIMHjwwJ3Q1QhcafCUkBz9zLx0jICAvAR80MiIYGCN1MDAqMCk/HQk5AS8aCScDWgJnFC5OJAEmCBk3OxIcPUQ/KAwxNGYXBC49GxhwByEVPBY7H2szATEOJhcpGDcbJS4dNCQrFBInIyISGwJkKClCJwcpDx4uBTcUEi4kKwQfOyIhIjkxAQZ0QiEFIycSPiM8AxwRdRs2GBgjTDYhJjZJKDAvNgY
Requested by
Host: d2fbvay81k4ji3.cloudfront.net
URL: https://d2fbvay81k4ji3.cloudfront.net/?avbfd=922253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.17.8.2 /
Resource Hash
a358ae8b7b4b8458e53b3ea24b5390adcdc2b436a83d03fdbc09f38a22eab434

Request headers

:method
GET
:authority
liminances.xyz
:scheme
https
:path
/dlNxRXcXMRIoSBduE2MCBD9MYEUwdkMDE0Q1EzMWD2tALkMcOkJrFBo8BCERBDwfMVkYNgVgRTBqECg5RwBBMj0yEQIxFA5nOgAvLGImEz03NikxOjUCKC4+HiMUBx9GMDV0BC8XMxAnMBU8YEUwHRZwEiQEQSI0AWMiIRoZAzUXLUQ1JDI0MwAdPS8dBjAOGTMbNQRPHxowHDQjGxoOL0ZiNycZQzIiMj4fGhZxOjc5GTUgMB4TFUUaCiR1JUEKHTUwJDQdNSAwHjIMHjwwJ3Q1QhcafCUkBz9zLx0jICAvAR80MiIYGCN1MDAqMCk/HQk5AS8aCScDWgJnFC5OJAEmCBk3OxIcPUQ/KAwxNGYXBC49GxhwByEVPBY7H2szATEOJhcpGDcbJS4dNCQrFBInIyISGwJkKClCJwcpDx4uBTcUEi4kKwQfOyIhIjkxAQZ0QiEFIycSPiM8AxwRdRs2GBgjTDYhJjZJKDAvNgY
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.file-upload.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/

Response headers

content-type
text/html
content-length
1212
date
Wed, 15 Sep 2021 19:51:03 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 d3d7cb5a7de36091f7284546b4190a33.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
QI-bGLLy5ob4GQJVmCwy6N1Fp5WFHCLh8PYTGHT5vyrc_koumhZ0nw==
utx
liminances.xyz/
0
417 B
XHR
General
Full URL
https://liminances.xyz/utx?cb=990Lp94vokFG&top=www.file-upload.com&tid=889766
Requested by
Host: d2fbvay81k4ji3.cloudfront.net
URL: https://d2fbvay81k4ji3.cloudfront.net/?avbfd=922253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 19:51:03 GMT
via
1.1 d3d7cb5a7de36091f7284546b4190a33.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://www.file-upload.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
CeDPmBZkjLBK5Lbchn9ehwQuHB8j1Jj2H13i6ImdLV9xx1VKJJWHUA==
N2kNMDIuUg5aAilrLSMHC3AbNCw1WDUnGTl8KBIHKXgHNwM6cw0VIDVYfQYcL3h0VhIuCS81LEFqDhVhMFggJwcsfx1EPgtWIhJpAnQeACMzABpVLQprPCo8
liminances.xyz/OUxiVHhYLgE5R1hxAHINSyBfcUp/aVASHAsqACIZQHRTP0xTJVF6G1UjFzAeSyMMIFZXKRZxSn9/OC4pDC00Pz1ufQEEIlECBgwuayQ6I0h2FFBtOmEnDRM2QS8oBQFoACABNkAZI20pbRkRYzNqdQEcAAkmIyMTcxgYAT9uIFcBHk4GAwMUay... Frame FE9D
3 KB
2 KB
Document
General
Full URL
https://liminances.xyz/OUxiVHhYLgE5R1hxAHINSyBfcUp/aVASHAsqACIZQHRTP0xTJVF6G1UjFzAeSyMMIFZXKRZxSn9/OC4pDC00Pz1ufQEEIlECBgwuayQ6I0h2FFBtOmEnDRM2QS8oBQFoACABNkAZI20pbRkRYzNqdQEcAAkmIyMTcxgYAT9uIFcBHk4GAwMUayMzAi5dD1AGLHwnUg42XjsoAAB4OyYCLn0IGxkdbx5aNzd/PDgCEHQ7IWUQYBglJxB4HgYOHn8ZJxEqDTshAjpuBAskO3srCRw0bAUlFy5RPDEFKVobCiA7eysJMTV4JyEQLUE9KAY9dRsxEip4Dk8WNVh9BgIraydTFRN3LyEuMXYdICwacX0rHDxSKBMBKnwANQw9dBQnZD13GSsTHVI0EAJJUR0jPgB6DgU/N2kNMDIuUg5aAilrLSMHC3AbNCw1WDUnGTl8KBIHKXgHNwM6cw0VIDVYfQYcL3h0VhIuCS81LEFqDhVhMFggJwcsfx1EPgtWIhJpAnQeACMzABpVLQprPCo8
Requested by
Host: d2fbvay81k4ji3.cloudfront.net
URL: https://d2fbvay81k4ji3.cloudfront.net/?avbfd=922253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.17.8.2 /
Resource Hash
906e3c8636b032636dc1f2b5d8ae069827f96b63327d557162435802f76c1e2c

Request headers

:method
GET
:authority
liminances.xyz
:scheme
https
:path
/OUxiVHhYLgE5R1hxAHINSyBfcUp/aVASHAsqACIZQHRTP0xTJVF6G1UjFzAeSyMMIFZXKRZxSn9/OC4pDC00Pz1ufQEEIlECBgwuayQ6I0h2FFBtOmEnDRM2QS8oBQFoACABNkAZI20pbRkRYzNqdQEcAAkmIyMTcxgYAT9uIFcBHk4GAwMUayMzAi5dD1AGLHwnUg42XjsoAAB4OyYCLn0IGxkdbx5aNzd/PDgCEHQ7IWUQYBglJxB4HgYOHn8ZJxEqDTshAjpuBAskO3srCRw0bAUlFy5RPDEFKVobCiA7eysJMTV4JyEQLUE9KAY9dRsxEip4Dk8WNVh9BgIraydTFRN3LyEuMXYdICwacX0rHDxSKBMBKnwANQw9dBQnZD13GSsTHVI0EAJJUR0jPgB6DgU/N2kNMDIuUg5aAilrLSMHC3AbNCw1WDUnGTl8KBIHKXgHNwM6cw0VIDVYfQYcL3h0VhIuCS81LEFqDhVhMFggJwcsfx1EPgtWIhJpAnQeACMzABpVLQprPCo8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.file-upload.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/

Response headers

content-type
text/html
content-length
1238
date
Wed, 15 Sep 2021 19:51:03 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 d3d7cb5a7de36091f7284546b4190a33.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
k_x4ADHYb9-wYHfEU-o7UEA_nkFR7x4cCIWaqmEEusbWLcPTD0s-tQ==
utx
liminances.xyz/
0
417 B
XHR
General
Full URL
https://liminances.xyz/utx?cb=MSvZcP31Wnzh&top=www.file-upload.com&tid=888398
Requested by
Host: d2fbvay81k4ji3.cloudfront.net
URL: https://d2fbvay81k4ji3.cloudfront.net/?avbfd=922253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 19:51:03 GMT
via
1.1 d3d7cb5a7de36091f7284546b4190a33.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://www.file-upload.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
rqg8CfTUgRq92jiSfPMdHzWpdyo_6rUkXeoWlEOdsUb9Bg33_0WSzw==
KRA1BSU5EyRxExxkVXJhEjIIWjdFNw1FfwwUBQ0VNxsXZA
liminances.xyz/R3hBZzQmGiIKCyZFI0FBNRR8QgYBXXMhUHUeIxFVPkBwDAAtEXJJVysXNANSNRcvExopHTVCBgEJEAx9dBwFBFwLLio0dwMhMzIELCgkCVsCLBBeXww9EAVjEzJkVXIWKnQgUS0iKCFTcykFMAQCInM2BhMqACxXKiojIWIsFCcfcRUvEiERdT... Frame 29BF
3 KB
2 KB
Document
General
Full URL
https://liminances.xyz/R3hBZzQmGiIKCyZFI0FBNRR8QgYBXXMhUHUeIxFVPkBwDAAtEXJJVysXNANSNRcvExopHTVCBgEJEAx9dBwFBFwLLio0dwMhMzIELCgkCVsCLBBeXww9EAVjEzJkVXIWKnQgUS0iKCFTcykFMAQCInM2BhMqACxXKiojIWIsFCcfcRUvEiERdT4DC34QMigmfxY6BFV5Kx8nJF4WTxkPARA3AjV6Ay4bDHp2IgswXXdMGQ9cJTFzBHIKHwsUVy8yBiUGKEkZD0QTNBUxcRIpFx54AjYTJWwNAgNWWw8iciEFEikXHnoRTCAmbB0WAyNtFBsJLWQWHw8VbjBVFyJiLTE4MEwBOQsediQwFClaJDAHJXYPLjIlcQ4rIi99ITBwXwYLSTU1dhY+LyVhFRoKHlgULRAxTQ0uCD9sBEkzIl8eMAg0RAE/cAhaHQ8UHnB0DDIlBSg8Ij9bCC8mJUMdDxciZgQ1KjFTHR0bVHY/KRA1BSU5EyRxExxkVXJhEjIIWjdFNw1FfwwUBQ0VNxsXZA
Requested by
Host: d2fbvay81k4ji3.cloudfront.net
URL: https://d2fbvay81k4ji3.cloudfront.net/?avbfd=922253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.17.8.2 /
Resource Hash
04f96e631c4498fd521f8b9f8ddcbcdeca4a224336487230bcad504acb2dd901

Request headers

:method
GET
:authority
liminances.xyz
:scheme
https
:path
/R3hBZzQmGiIKCyZFI0FBNRR8QgYBXXMhUHUeIxFVPkBwDAAtEXJJVysXNANSNRcvExopHTVCBgEJEAx9dBwFBFwLLio0dwMhMzIELCgkCVsCLBBeXww9EAVjEzJkVXIWKnQgUS0iKCFTcykFMAQCInM2BhMqACxXKiojIWIsFCcfcRUvEiERdT4DC34QMigmfxY6BFV5Kx8nJF4WTxkPARA3AjV6Ay4bDHp2IgswXXdMGQ9cJTFzBHIKHwsUVy8yBiUGKEkZD0QTNBUxcRIpFx54AjYTJWwNAgNWWw8iciEFEikXHnoRTCAmbB0WAyNtFBsJLWQWHw8VbjBVFyJiLTE4MEwBOQsediQwFClaJDAHJXYPLjIlcQ4rIi99ITBwXwYLSTU1dhY+LyVhFRoKHlgULRAxTQ0uCD9sBEkzIl8eMAg0RAE/cAhaHQ8UHnB0DDIlBSg8Ij9bCC8mJUMdDxciZgQ1KjFTHR0bVHY/KRA1BSU5EyRxExxkVXJhEjIIWjdFNw1FfwwUBQ0VNxsXZA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.file-upload.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/

Response headers

content-type
text/html
content-length
1237
date
Wed, 15 Sep 2021 19:51:03 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 d3d7cb5a7de36091f7284546b4190a33.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
tVOY6wRDGXyHnSSfRTv36BsTjTPGumS0xC4XQuSUnBrCnfWfoYK_VA==
login.php
www.facebook.com/
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/uj5q8vqoc578
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ServiceLogin
accounts.google.com/
0
0
Image
General
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/uj5q8vqoc578
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.27.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ra-in-f84.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ServiceLogin
accounts.google.com/
0
0
Image
General
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/uj5q8vqoc578
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.27.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ra-in-f84.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

4254716
dozubatan.com/400/
84 KB
30 KB
Script
General
Full URL
https://dozubatan.com/400/4254716
Requested by
Host: jeehathu.com
URL: https://jeehathu.com/5/4244463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
59e9a218e74dc0143a4d3954e885cd851bf7b56e2e8becd2631d40d1210aca26
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id
5214e734cc5de12f2f53c95a53ab3bf2
pragma
no-cache
date
Wed, 15 Sep 2021 19:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security
max-age=1
timing-allow-origin
*
expires
Wed, 31 Dec 1969 19:00:00 EST
fac.php
jeehathu.com/ Frame 3D20
203 B
669 B
Document
General
Full URL
https://jeehathu.com/fac.php
Requested by
Host: jeehathu.com
URL: https://jeehathu.com/5/4244463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
83853c5a92f6fd1104612b324f0bba74a74ae60032c3d31f78d64d505e8934e4
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
jeehathu.com
:scheme
https
:path
/fac.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.file-upload.com/
accept-encoding
gzip, deflate, br
cookie
OAID=d79d200c5bf8476a8ff07cebd685818b; oaidts=1631735462
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/

Response headers

server
nginx
date
Wed, 15 Sep 2021 19:51:03 GMT
content-type
text/html; charset=utf8
content-length
203
x-trace-id
ec9dfa9b2234824a157af5c7e1986eee
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age
86400
pragma
no-cache
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
expires
Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin
* *
strict-transport-security
max-age=1
x-content-type-options
nosniff
zone
glimtors.net/
710 B
1000 B
Fetch
General
Full URL
https://glimtors.net/zone?pub=0&zone_id=4244474&is_mobile=false&domain=www.file-upload.com&var=&ymid=&var_3=
Requested by
Host: glimtors.net
URL: https://glimtors.net/pfe/current/tag.min.js?z=4244474
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ed93bca7212bd9a6bf22e8819636f0d4a7e256f77afc4aa1333596c65a2ecd31
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id
22b92b45320372fb7cfb014f70c5a687
date
Wed, 15 Sep 2021 19:51:03 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file-upload.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
710
universal.min.js
glimtors.net/pfe/current/
101 KB
37 KB
Fetch
General
Full URL
https://glimtors.net/pfe/current/universal.min.js?v=3.1.323
Requested by
Host: glimtors.net
URL: https://glimtors.net/pfe/current/tag.min.js?z=4244474
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ea5b2f0ae6e51e58a4849658ff814852af1f2134408d0be55062dbcc1b5868fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 19:51:03 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 09:06:02 GMT
server
nginx
etag
W/"612f427a-192d7"
content-type
application/javascript
access-control-allow-origin
https://www.file-upload.com
cache-control
no-cache
access-control-allow-credentials
true
app.js
www.file-upload.com/mngez/js/
235 KB
80 KB
Script
General
Full URL
https://www.file-upload.com/mngez/js/app.js?v=20
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

:path
/mngez/js/app.js?v=20
pragma
no-cache
cookie
lang=german
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.file-upload.com
referer
https://www.file-upload.com/uj5q8vqoc578
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/uj5q8vqoc578
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 19:51:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11488858
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 27 Jan 2021 00:19:59 GMT
server
cloudflare
etag
W/"6010b1af-3aa0d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmd1%2BEvUhP2dDAAK7Wm7USyW8%2FiHtOC01GbwGxItaXJkbOQnlRFF2z33vATp1tGoEWcVRZJv9kJa%2FeJNwV1i5gd%2B536ot1SGsFOhr1E3D8BUdG6R8eBqo16NP3NpRlNS3fXlkgBb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
68f46333bb1b3acb-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
freychang.fun/
16 B
725 B
Fetch
General
Full URL
https://freychang.fun/?f=b0174682fa63789a3402a7f7bc361b31
Requested by
Host: d2fbvay81k4ji3.cloudfront.net
URL: https://d2fbvay81k4ji3.cloudfront.net/?avbfd=922253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.45.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09bfbfa713c03228c328f9134824466c20eb7278b7b8d227a8863dda8f1ae978

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 19:51:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://www.file-upload.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BynP%2BRlhFelAd6%2B8GAQyXlfrV9GFNO%2BNJ6EyCC86fbMTyBKaCwzsK6SBmFkKPkDl%2BXhdeg6s%2FufVksfkKAB6qKlZRFlpMWS227rf3ZznmK46M%2FIMcNLtZWBdCiP6rkMX"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
68f46335e8593a3b-CDG
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
img.gif
my.rtmark.net/ Frame 1D05
43 B
490 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=0adca502ab0c485e959935b1415a92cc
Requested by
Host: ozongees.com
URL: https://ozongees.com/fac.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ozongees.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 19:51:03 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
img.gif
my.rtmark.net/ Frame 3D20
43 B
492 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=d79d200c5bf8476a8ff07cebd685818b
Requested by
Host: jeehathu.com
URL: https://jeehathu.com/fac.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jeehathu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 19:51:03 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
/
jeehathu.com/
2 KB
2 KB
Fetch
General
Full URL
https://jeehathu.com/?rb=_JS30nMB3qOgSXOv7REJ2lh6iPG90_-YoiitbVSqAs_lUn6d3OK4P0HjPtVzq-F9TE90_gj4T9p2e6TXzVFoSQT7hiIm0IAbrNtFFND4nlKu8d75EyV6BBrkNhBwYd5btY9Rt0KReHyLe26D11xVvUeFvxRJiYgJIEcPeNb7hQgdaNY0Lo2yC_aaNm9LgT0u8mUDH1UONmDs9dNM5VOiZJFwBFLlnd929RrAoEGCY9AXA5N6uprPY6h8NmRYpt-OUKaIJorsfuFQ6aiVqKMiT7Bm6x1lpPr-&zoneid=4244463&request_ab2=0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fwww.file-upload.com%2Fuj5q8vqoc578&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=2&bs=b67a14d2-accb-4958-9349-6412e940e3ae&m=link
Requested by
Host: jeehathu.com
URL: https://jeehathu.com/5/4244463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
154209918f54c20828384432e6c201839be4608ba4412019e71a6b699c1243fe
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 19:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.file-upload.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT
Ng5eRW0gCw0SdmoPDRZ2fUwCESlxXkUAKnEHDA8iIAYCUHkKX01Fbn5aSwIiIg4MAjhpWFMbP2lYU0R7YlpGRglpWFMCIiJcV1B4Dk9RRTN6XkpQeXwLEwUnKR0GFyAlHkZHDXlZVF-t4ek9RRWMnAhcYJ2lYIFB5fAYKHi5pWFMSLi8BDFxufloAHTkjBwZQeQpS...
d2fbvay81k4ji3.cloudfront.net/9amN1S0wJDBstcx4KEXZ1WVJAeXtMCQYkIhpeBh0cD1sYDBUPFFM/ Frame 433B
178 B
459 B
Script
General
Full URL
https://d2fbvay81k4ji3.cloudfront.net/9amN1S0wJDBstcx4KEXZ1WVJAeXtMCQYkIhpeBh0cD1sYDBUPFFM/Ng5eRW0gCw0SdmoPDRZ2fUwCESlxXkUAKnEHDA8iIAYCUHkKX01Fbn5aSwIiIg4MAjhpWFMbP2lYU0R7YlpGRglpWFMCIiJcV1B4Dk9RRTN6XkpQeXwLEwUnKR0GFyAlHkZHDXlZVF-t4ek9RRWMnAhcYJ2lYIFB5fAYKHi5pWFMSLi8BDFxufloAHTkjBwZQeQpSWlt7Yl5QTXJiXVFQeXwZAhMqPgNGRw15WVRbeHpMFkg
Requested by
Host: liminances.xyz
URL: https://liminances.xyz/dlNxRXcXMRIoSBduE2MCBD9MYEUwdkMDE0Q1EzMWD2tALkMcOkJrFBo8BCERBDwfMVkYNgVgRTBqECg5RwBBMj0yEQIxFA5nOgAvLGImEz03NikxOjUCKC4+HiMUBx9GMDV0BC8XMxAnMBU8YEUwHRZwEiQEQSI0AWMiIRoZAzUXLUQ1JDI0MwAdPS8dBjAOGTMbNQRPHxowHDQjGxoOL0ZiNycZQzIiMj4fGhZxOjc5GTUgMB4TFUUaCiR1JUEKHTUwJDQdNSAwHjIMHjwwJ3Q1QhcafCUkBz9zLx0jICAvAR80MiIYGCN1MDAqMCk/HQk5AS8aCScDWgJnFC5OJAEmCBk3OxIcPUQ/KAwxNGYXBC49GxhwByEVPBY7H2szATEOJhcpGDcbJS4dNCQrFBInIyISGwJkKClCJwcpDx4uBTcUEi4kKwQfOyIhIjkxAQZ0QiEFIycSPiM8AxwRdRs2GBgjTDYhJjZJKDAvNgY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-200.dus51.r.cloudfront.net
Software
/
Resource Hash
b95d388639377c2a8369196883c985eba7f1e86544b384abdda7140904b6e3b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://liminances.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 19:51:03 GMT
content-encoding
gzip
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
182
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
x-amz-cf-id
aTo_O8Df_uOM2EOxk4Sh6dYmRnqecZIyYtb8Yp8J2dI0PK44AqdmMg==
3ZzQ5aVkEW1cPZhNdXVRhXw0OX29BXkoGNxcJQyQLBUNyUA9QTUs7KS9cHx0jAwkJTzUGWl5UfwJaWlRoQVVdC2RTEk0ZNgwJTxAwDVVDDyMeVR8cOFpZVhMwC1hYTGshARdZfFUEER4wCVBWHipCBgkHLUIGCVhpSQQcWhtCBgkeMAkCDUxqJRELWSFRAB-BMa1d...
d2fbvay81k4ji3.cloudfront.net/ Frame FE9D
855 B
903 B
Script
General
Full URL
https://d2fbvay81k4ji3.cloudfront.net/3ZzQ5aVkEW1cPZhNdXVRhXw0OX29BXkoGNxcJQyQLBUNyUA9QTUs7KS9cHx0jAwkJTzUGWl5UfwJaWlRoQVVdC2RTEk0ZNgwJTxAwDVVDDyMeVR8cOFpZVhMwC1hYTGshARdZfFUEER4wCVBWHipCBgkHLUIGCVhpSQQcWhtCBgkeMAkCDUxqJRELWSFRAB-BMa1dVSRk1AkNcCzIOQBxbH1IHDkdqURELWXEMXE0ENUIGekxrV1hQAjxCBgkOPARfVkB8VQRaASsIWVxMayEMAEdpSQAKUWBJAwtMa1dHWA84FV0cWx9SBw5HalESTFQ
Requested by
Host: liminances.xyz
URL: https://liminances.xyz/OUxiVHhYLgE5R1hxAHINSyBfcUp/aVASHAsqACIZQHRTP0xTJVF6G1UjFzAeSyMMIFZXKRZxSn9/OC4pDC00Pz1ufQEEIlECBgwuayQ6I0h2FFBtOmEnDRM2QS8oBQFoACABNkAZI20pbRkRYzNqdQEcAAkmIyMTcxgYAT9uIFcBHk4GAwMUayMzAi5dD1AGLHwnUg42XjsoAAB4OyYCLn0IGxkdbx5aNzd/PDgCEHQ7IWUQYBglJxB4HgYOHn8ZJxEqDTshAjpuBAskO3srCRw0bAUlFy5RPDEFKVobCiA7eysJMTV4JyEQLUE9KAY9dRsxEip4Dk8WNVh9BgIraydTFRN3LyEuMXYdICwacX0rHDxSKBMBKnwANQw9dBQnZD13GSsTHVI0EAJJUR0jPgB6DgU/N2kNMDIuUg5aAilrLSMHC3AbNCw1WDUnGTl8KBIHKXgHNwM6cw0VIDVYfQYcL3h0VhIuCS81LEFqDhVhMFggJwcsfx1EPgtWIhJpAnQeACMzABpVLQprPCo8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-200.dus51.r.cloudfront.net
Software
/
Resource Hash
8643bcd8cd9c0cc9c17e62a900f64cd72d4fe746018576247622781a2ffccef7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://liminances.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 19:51:03 GMT
content-encoding
gzip
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
625
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
x-amz-cf-id
2yagZyU1UcVRa3Icbk4HvyyBz1UCEWyTvx6Du1R6tTvmYqiZj6vrQg==
TbHoyQkoPFVwkdRgTVn9zXkgAd3lKEEEtJBxHaHUGCTlmJgYkTQJkPhYeD3JsABtcJXdKH1whd11cUyYoUU4UNjoDEQ80MwUQUzgsFgNTZD8NR18tMAUWXiNvXjwHbHpJSAJqPQUUVi09H18AciQYXwBye1xUAmd5Ll8Acj0FFAR2b184F3B6FEwGa29eSl-MyOgA...
d2fbvay81k4ji3.cloudfront.net/ Frame 96FC
651 B
745 B
Script
General
Full URL
https://d2fbvay81k4ji3.cloudfront.net/TbHoyQkoPFVwkdRgTVn9zXkgAd3lKEEEtJBxHaHUGCTlmJgYkTQJkPhYeD3JsABtcJXdKH1whd11cUyYoUU4UNjoDEQ80MwUQUzgsFgNTZD8NR18tMAUWXiNvXjwHbHpJSAJqPQUUVi09H18AciQYXwBye1xUAmd5Ll8Acj0FFAR2b184F3B6FEwGa29eSl-MyOgAfRScoBxNGZ3gqTwF1ZF9MF3B6RBFaNicAXwABb15KXishCV8Aci0JGVktY0lIAiEiHhVfJ29ePAp7ZFxUBnFyVVQFcG9eSkEjLA0IW2d4Kk8BdWRfTBQ3dw
Requested by
Host: liminances.xyz
URL: https://liminances.xyz/bkhKUXQPKik8Sw91KHcBHCR3dEYobXgXEFwuKCcVF3B7OkAEIXl/FwInPzUSHCckJVoALT50RigcKBkbFxkhPiQoHj06EDwvHgcaVzISOhMvLHk9PysNDyU+LDACMDw7DwkFGAMCLQgfOhkAOiQGES8VRyQ7CxMADQISNT8meT05EF95KQQNNycfBEA7BiA+MCsZcmE5GR0bBA4JOww2OjoSDmk6PHlyJTkvHR0JHSA+EjsDJioCIT49CQAgJD8dHwcdXnECYEwvKyMALTY/CCgRXzAfEBkKfQY9TC8rIGEyKAkYYxZfcH4XRyx+DBQDKSl4aBE9JGccDSEvCzcmPSslEwwgDxBiEx8cPRdFNA5zHDJdCnwDNigpBDgXLxA9EDYMeX8aLAc7IhIiVgkpOEQkDxw6ADd4Jhg1Bw0jGRw4LgBjTQsYCyFDNA4yBDYADjMHIj8OKRZNCxshFB4iCXoYI1wsfhofVgouBiYIHAgARwo/bDsHASY6bC5ZBC8SIAoEAmZE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-200.dus51.r.cloudfront.net
Software
/
Resource Hash
24a49b89733697e7ae1aeaf626d3fe6840cfad6eac17a39aadb6cfab89a9510c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://liminances.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 19:51:03 GMT
content-encoding
gzip
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
468
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
x-amz-cf-id
voJGJyausblrtxPJoNzR8Xj_0If7NgNzuAuZTbOuwPf0jgFtv5llmw==
custom
glimtors.net/ Frame
0
0
Preflight
General
Full URL
https://glimtors.net/custom
Protocol
H2
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.file-upload.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 15 Sep 2021 19:51:03 GMT
content-type
text/plain; charset=utf-8
content-length
0
access-control-allow-origin
https://www.file-upload.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age
86400
custom
glimtors.net/
39 B
328 B
Fetch
General
Full URL
https://glimtors.net/custom
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/uj5q8vqoc578
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file-upload.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
6f0feba13fda937e1f926408f0d278be
date
Wed, 15 Sep 2021 19:51:03 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file-upload.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
sw_may.js
www.file-upload.com/
3 KB
2 KB
Fetch
General
Full URL
https://www.file-upload.com/sw_may.js
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/uj5q8vqoc578
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c29e2d68b8d2b99093f317022e3561fa9bbe6e323cd83f8e8cfadd24dab71972

Request headers

:path
/sw_may.js
pragma
no-cache
cookie
lang=german; prefetchAd_4244463=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.file-upload.com
referer
https://www.file-upload.com/uj5q8vqoc578
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/uj5q8vqoc578
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 19:51:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10483541
cf-polished
origSize=2735
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 17 May 2021 11:43:11 GMT
server
cloudflare
etag
W/"60a256cf-aaf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukbTH7HB3ROai9IXj5B0DfzRV%2BIZbSIFE4T90OQ0vUjFynwDEZzGgFn85nl3irmA3PPD%2FT6%2BEdQT%2FVVMs%2FsbTUabZAKgNxIlu2sGDGY%2F8q22IE63Y7jAbjf10zFLQuiO0u%2FS91k%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
68f463357e233acb-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
custom
glimtors.net/ Frame
0
0
Preflight
General
Full URL
https://glimtors.net/custom
Protocol
H2
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.file-upload.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 15 Sep 2021 19:51:03 GMT
content-type
text/plain; charset=utf-8
content-length
0
access-control-allow-origin
https://www.file-upload.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age
86400
custom
glimtors.net/
39 B
328 B
Fetch
General
Full URL
https://glimtors.net/custom
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/uj5q8vqoc578
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file-upload.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
bc7195c066823428d42320ba8988c14c
date
Wed, 15 Sep 2021 19:51:03 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file-upload.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
gid.js
my.rtmark.net/
65 B
546 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=30135b2538a5491e8b547bbdc93c85c3&zoneId=4244474&checkDuplicate=true&ymid=&var=
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/uj5q8vqoc578
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9f0a1319b8f30451d3058273c80cadf1b33c07c9a7165eb6e7600a1334b00672
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 19:51:03 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file-upload.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
/
d2fbvay81k4ji3.cloudfront.net/qQkI3dDchLVkSCDYrU0kPenoETQ9kKEQbWTJ/QR5GejZiFg4QDW0EZ2Q2TRAKcmRbFVklfxERWSF/BlJWJiAKQBE2MlgfCjQ7Xh5WOCRNDVZkN1ZJWi04XhhbI2cFMgJschJGB2o1XhpTLTVEUQVyLENRBXJzB1oHZ3F1UQ... Frame 29BF
849 B
895 B
Script
General
Full URL
https://d2fbvay81k4ji3.cloudfront.net/qQkI3dDchLVkSCDYrU0kPenoETQ9kKEQbWTJ/QR5GejZiFg4QDW0EZ2Q2TRAKcmRbFVklfxERWSF/BlJWJiAKQBE2MlgfCjQ7Xh5WOCRNDVZkN1ZJWi04XhhbI2cFMgJschJGB2o1XhpTLTVEUQVyLENRBXJzB1oHZ3F1UQVyNV4aAXZnBDYScHJPQgNrZw-VEVjIyWxFAJyBcHUNncHFBBHVsBEIScHIfH182L1tRBQFnBURbKylSUQVyJVIXXC1rEkYHISpFG1onZwUyD3tsB1oDcXoOWgBwZwVERCMkVgZeZ3BxQQR1bARCETd/
Requested by
Host: liminances.xyz
URL: https://liminances.xyz/R3hBZzQmGiIKCyZFI0FBNRR8QgYBXXMhUHUeIxFVPkBwDAAtEXJJVysXNANSNRcvExopHTVCBgEJEAx9dBwFBFwLLio0dwMhMzIELCgkCVsCLBBeXww9EAVjEzJkVXIWKnQgUS0iKCFTcykFMAQCInM2BhMqACxXKiojIWIsFCcfcRUvEiERdT4DC34QMigmfxY6BFV5Kx8nJF4WTxkPARA3AjV6Ay4bDHp2IgswXXdMGQ9cJTFzBHIKHwsUVy8yBiUGKEkZD0QTNBUxcRIpFx54AjYTJWwNAgNWWw8iciEFEikXHnoRTCAmbB0WAyNtFBsJLWQWHw8VbjBVFyJiLTE4MEwBOQsediQwFClaJDAHJXYPLjIlcQ4rIi99ITBwXwYLSTU1dhY+LyVhFRoKHlgULRAxTQ0uCD9sBEkzIl8eMAg0RAE/cAhaHQ8UHnB0DDIlBSg8Ij9bCC8mJUMdDxciZgQ1KjFTHR0bVHY/KRA1BSU5EyRxExxkVXJhEjIIWjdFNw1FfwwUBQ0VNxsXZA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-200.dus51.r.cloudfront.net
Software
/
Resource Hash
ba725767941bb782ef38d6a30d987298ec540dd468aec27e62c2b3f3817bbc69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://liminances.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 19:51:03 GMT
content-encoding
gzip
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
616
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
x-amz-cf-id
nmDbzd65xvXlpqVaPHLvXKEyyLDInYZQ0MTDVTPRN2qyc58NLyhV3w==
gid.js
my.rtmark.net/
65 B
546 B
XHR
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: dozubatan.com
URL: https://dozubatan.com/400/4254716
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9f0a1319b8f30451d3058273c80cadf1b33c07c9a7165eb6e7600a1334b00672
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 19:51:03 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file-upload.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
4254716
dozubatan.com/500/
0
446 B
XHR
General
Full URL
https://dozubatan.com/500/4254716?excludes=&oaid=0adca502ab0c485e959935b1415a92cc&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fwww.file-upload.com%2Fuj5q8vqoc578&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Requested by
Host: dozubatan.com
URL: https://dozubatan.com/400/4254716
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file-upload.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
f2506050081bbbbf6c03f1065ab9e064
pragma
no-cache
date
Wed, 15 Sep 2021 19:51:03 GMT
x-content-type-options
nosniff
server
nginx
vary
Origin
access-control-allow-origin
https://www.file-upload.com
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*
expires
Wed, 31 Dec 1969 19:00:00 EST
4254716
dozubatan.com/500/ Frame
0
0
Preflight
General
Full URL
https://dozubatan.com/500/4254716?excludes=&oaid=0adca502ab0c485e959935b1415a92cc&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fwww.file-upload.com%2Fuj5q8vqoc578&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.file-upload.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 15 Sep 2021 19:51:03 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET
access-control-allow-origin
https://www.file-upload.com
access-control-max-age
300
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security
max-age=1
x-content-type-options
nosniff
timing-allow-origin
*
popunder.gif
geealingsa.space/
35 B
368 B
Image
General
Full URL
https://geealingsa.space/popunder.gif
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/uj5q8vqoc578
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Wed, 15 Sep 2021 19:51:03 GMT
content-encoding
gzip
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
content-length
58
via
1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
x-amz-cf-id
Ya3s3XfPZRzGyRTVrWW_tOn68oXRFBHwGf6hrT5E5AMQsfh1ZfBldQ==
custom
glimtors.net/ Frame
0
0
Preflight
General
Full URL
https://glimtors.net/custom
Protocol
H2
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.file-upload.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 15 Sep 2021 19:51:03 GMT
content-type
text/plain; charset=utf-8
content-length
0
access-control-allow-origin
https://www.file-upload.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age
86400
4244467
in-page-push.com/400/
84 KB
30 KB
Script
General
Full URL
https://in-page-push.com/400/4244467
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/uj5q8vqoc578
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
455ade4f2af76701a548d53f6838ed6f1c40a74b9612580e905044112a6276fe
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id
c779ce7d2c0563cfa60dd7f19d8c4745
pragma
no-cache
date
Wed, 15 Sep 2021 19:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security
max-age=1
timing-allow-origin
*
expires
Wed, 31 Dec 1969 19:00:00 EST
atrk.js
certify-js.alexametrics.com/
4 KB
2 KB
Script
General
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/uj5q8vqoc578
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-13.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
12188617
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 414a05dee9c365a2a2079013f9d53671.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
V7QEvl6qM-Q3tNBh6VdiAWp5c65rXLHqj6_HHYpi672A-xIM0pj7eg==
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/uj5q8vqoc578
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.104 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sof01s11-in-f104.1e100.net
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5819
date
Wed, 15 Sep 2021 18:14:05 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Wed, 15 Sep 2021 20:14:05 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/uj5q8vqoc578
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
26e16f5710cb56732061e8025733dd384b41d823d359806f9c697a74ed209fe3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
iF7ZDu/kcDFmv9LiqwkDEQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
fcbzHETtPJBaYZbDlaxLIXOrU3T6ZA/WolcOnmN8kxifzdIhfXP5vKr6YpJkX21qGpGzZJT0YbQ5ElZ+kAMf7Q==
x-fb-trip-id
917726464
x-fb-content-md5
1122f24e5bf960d439b9894b1b564165
x-frame-options
DENY
date
Wed, 15 Sep 2021 19:51:03 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"c1f88a2debcf99199a5fd7463f0195ce"
timing-allow-origin
*
expires
Wed, 15 Sep 2021 20:10:24 GMT
custom
glimtors.net/
39 B
329 B
Fetch
General
Full URL
https://glimtors.net/custom
Requested by
Host: www.file-upload.com
URL: https://www.file-upload.com/uj5q8vqoc578
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file-upload.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
77c68f495440888e7488e6097b3fa354
date
Wed, 15 Sep 2021 19:51:03 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file-upload.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
sdk.js
connect.facebook.net/en_US/
228 KB
67 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=1aa91526ba5de897edb123f91cb40b13
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
8d6b04b1ce9f35138eb1dc0371105278087a2fe0fb3611e11da0df9427cf2da4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.file-upload.com/
Origin
https://www.file-upload.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
eqSNmA5BQ5ztBwvxD044KQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
68415
x-fb-rlafr
0
x-fb-debug
T0i1aqFipXzs5gLrltOsRRE9jMbnZ9qQ5kl3cMFT5/JCwlhIKbv3U/iNSq0MZqhGToqXaQ1HF2o+2bQ3LvtF1g==
x-fb-content-md5
d8a3e656da75a9553f5527884de6f473
x-frame-options
DENY
date
Wed, 15 Sep 2021 19:51:03 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"f0f92501dce7313eda67e309d62337f0"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 15 Sep 2022 19:38:46 GMT
atrk.gif
certify.alexametrics.com/
43 B
552 B
Image
General
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Download%20Male%20Enhancement%20Strategieszhako%20pdf&time=1631735463980&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.file-upload.com%2Fuj5q8vqoc578&random_number=18757150116&sess_cookie=b5450a9f17beb03402cf4b68764&sess_cookie_flag=1&user_cookie=b5450a9f17beb03402cf4b68764&user_cookie_flag=1&dynamic=true&domain=file-up.org&account=dracm1a47E80em&jsv=20130128&user_lang=en-US
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-77.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 03:30:15 GMT
Via
1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
58850
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
DUS51-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
Q-3uoR_cBgYiTHTHyeeyeIj7ZlkDzC4_f4pJzwHMTSPMD0_f1BMhBg==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/
0
48 B
Image
General
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.142.157.144 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-142-157-144.us-east-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 19:51:04 GMT
server
Server
apu.php
cdn.betgorebysson.club/
0
0
Script
General
Full URL
https://cdn.betgorebysson.club/apu.php?zoneid=4250319
Requested by
Host: in-page-push.com
URL: https://in-page-push.com/400/4244467
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id
4665e432580b5ad258e2ded46e624b6f
pragma
no-cache
date
Wed, 15 Sep 2021 19:51:04 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
content-length
382
expires
Tue, 11 Jan 1994 10:00:00 GMT
1
cdn.itphanpytor.club/
7 KB
4 KB
Script
General
Full URL
https://cdn.itphanpytor.club/1?z=4271062
Requested by
Host: in-page-push.com
URL: https://in-page-push.com/400/4244467
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.241 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b435982d9e74b3901a30b13f840a0184d6881a5fd52bf3d78cece7b4d8cda8d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 19:51:04 GMT
content-encoding
gzip
x-sc
hxFLlLMz9dYrIgELJkWqVZ6CvfziE673UlVkMCJQu8VjZVCsST9vxDS1fCma2Ydvk7SBno_G4xWY5bcuPzGYQVB1B0c=
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires
Mon, 26 Jul 1997 05:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1152703616&utmhn=www.file-upload.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-42931250-7&cid=1422913114.1631735464&jid=949675173&_v=5.7.2&z=1152703616
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42931250-7&cid=1422913114.1631735464&jid=949675173&_v=5.7.2&z=1152703616
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42931250-7&cid=1422913114.1631735464&jid=949675173&_v=5.7.2&z=1152703616&slf_rd=1&random=3463267957
42 B
522 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42931250-7&cid=1422913114.1631735464&jid=949675173&_v=5.7.2&z=1152703616&slf_rd=1&random=3463267957
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.102.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 19:51:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Sep 2021 19:51:04 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42931250-7&cid=1422913114.1631735464&jid=949675173&_v=5.7.2&z=1152703616&slf_rd=1&random=3463267957
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
like.php
web.facebook.com/v2.7/plugins/ Frame D648
0
2 KB
Document
General
Full URL
https://web.facebook.com/v2.7/plugins/like.php?action=like&app_id=1643518039205368&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5e50377e400cc%26domain%3Dwww.file-upload.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.file-upload.com%252Ff2907aae3e588d8%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Ffileuploadcom%2F&layout=box_count&locale=en_US&sdk=joey&share=true&show_faces=true&size=large
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=1aa91526ba5de897edb123f91cb40b13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.15 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-shv-01-frx5.facebook.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
web.facebook.com
:scheme
https
:path
/v2.7/plugins/like.php?action=like&app_id=1643518039205368&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5e50377e400cc%26domain%3Dwww.file-upload.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.file-upload.com%252Ff2907aae3e588d8%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Ffileuploadcom%2F&layout=box_count&locale=en_US&sdk=joey&share=true&show_faces=true&size=large
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.file-upload.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://web.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/web.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
povcSqKPAzCDJUHIeWWIm0z0lafRa34Z44L9dKOIXmGF5Z8EdH7Kkr1J7qzWScYbas1HiWeoOm9HYbOQMlioFA==
content-length
0
date
Wed, 15 Sep 2021 19:51:04 GMT
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
25ee747051666bd9f2160653f1eb4417
cdn.itphanpytor.club/27/
363 KB
119 KB
Script
General
Full URL
https://cdn.itphanpytor.club/27/25ee747051666bd9f2160653f1eb4417
Requested by
Host: cdn.itphanpytor.club
URL: https://cdn.itphanpytor.club/1?z=4271062
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.241 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
800b77de13058f70458365b0040ecef27e7a327167775e23133ca7af3b19a50d
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 19:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Sep 2021 07:31:52 GMT
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
cache-control
max-age:290304000, public
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires
Mon, 13 Oct 2081 07:31:52 GMT
38
cdn.itphanpytor.club/42/
0
495 B
Script
General
Full URL
https://cdn.itphanpytor.club/42/38?z=4271062
Requested by
Host: cdn.itphanpytor.club
URL: https://cdn.itphanpytor.club/1?z=4271062
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.241 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 19:51:04 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
9
cdn.itphanpytor.club/ Frame
0
0
Preflight
General
Full URL
https://cdn.itphanpytor.club/9?z=4271062&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fwww.file-upload.com%2Fuj5q8vqoc578&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&sah=1200&drf=&hil=1&ist=0
Protocol
H2
Server
139.45.197.241 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.file-upload.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 15 Sep 2021 19:50:55 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.file-upload.com
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma
no-cache
cache-control
no-store, no-cache, must-revalidate, max-age=0
expires
Mon, 26 Jul 1997 05:00:00 GMT
online.js
static.lalaping.com/
0
0

9
cdn.itphanpytor.club/
7 B
549 B
XHR
General
Full URL
https://cdn.itphanpytor.club/9?z=4271062&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fwww.file-upload.com%2Fuj5q8vqoc578&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&sah=1200&drf=&hil=1&ist=0
Requested by
Host: cdn.itphanpytor.club
URL: https://cdn.itphanpytor.club/27/25ee747051666bd9f2160653f1eb4417
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.241 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Request headers

Referer
https://www.file-upload.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 19:51:04 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://www.file-upload.com
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length
7
expires
Mon, 26 Jul 1997 05:00:00 GMT
4244467
in-page-push.com/500/
4 KB
2 KB
XHR
General
Full URL
https://in-page-push.com/500/4244467?excludes=&oaid=0adca502ab0c485e959935b1415a92cc&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&pl=https%3A%2F%2Fwww.file-upload.com%2Fuj5q8vqoc578&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Requested by
Host: in-page-push.com
URL: https://in-page-push.com/400/4244467
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
f074e8a49fe0c0dfae4601e2c9bc5d5fc2473f11da7001871e6d72cdf8b6c3f3
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file-upload.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
3cc274f73bc0b7b685183fec9cd62182
pragma
no-cache
date
Wed, 15 Sep 2021 19:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://www.file-upload.com
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*
expires
Wed, 31 Dec 1969 19:00:00 EST
4244467
in-page-push.com/500/ Frame
0
0
Preflight
General
Full URL
https://in-page-push.com/500/4244467?excludes=&oaid=0adca502ab0c485e959935b1415a92cc&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&pl=https%3A%2F%2Fwww.file-upload.com%2Fuj5q8vqoc578&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Server
139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.file-upload.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 15 Sep 2021 19:51:04 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET
access-control-allow-origin
https://www.file-upload.com
access-control-max-age
300
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security
max-age=1
x-content-type-options
nosniff
timing-allow-origin
*
0738745987824.png
static.cdnativepush.com/contents/s/27/37/a4/8fd12ad9d8597ca0ddca80c749/
577 B
1 KB
Image
General
Full URL
https://static.cdnativepush.com/contents/s/27/37/a4/8fd12ad9d8597ca0ddca80c749/0738745987824.png
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b0e7fadc3bee4745eb7e38e7684dc1ab8ffb8639d16f1ebdc21cbca2f9dbcc0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 19:51:04 GMT
Last-Modified
Thu, 21 Feb 2019 14:00:06 GMT
Server
nginx
ETag
"5c6eaee6-241"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
577
h-sJGl92qArkJ-ZPRUOPC_KGxAu5ipYhTYNgBh71Nnn8tWH6qRfMKOcHOGtF44H4n1Lip5SKIhoTbklKCBpDjJ0-xaHAkZ5092NLEMGDx93StpDPnY1ISdbyhSXJXj4S2voLMLYtDsGkjMtMaHieo6TB5AksxRFp6AMR1Pfmmj1Gfcxo5U6y7StPDwQ0d9N1Fu7UQ...
forflygonom.com/impression/
43 B
326 B
Image
General
Full URL
https://forflygonom.com/impression/h-sJGl92qArkJ-ZPRUOPC_KGxAu5ipYhTYNgBh71Nnn8tWH6qRfMKOcHOGtF44H4n1Lip5SKIhoTbklKCBpDjJ0-xaHAkZ5092NLEMGDx93StpDPnY1ISdbyhSXJXj4S2voLMLYtDsGkjMtMaHieo6TB5AksxRFp6AMR1Pfmmj1Gfcxo5U6y7StPDwQ0d9N1Fu7UQzlkceuaXL6e6od9ScyziuF33YFBWmFmO9g5aa385W1QWdgVozOY2lfMuhwLDYfrjz-M4MrOe58hPMELkZLjJAtRIMtpFcyNtZnEUDb822MPSnJvz-piTesla_S16Sol0DdzaT9QGd6ZhbEvRXxJ8nPX1o9pnz-oi1GVPea3Kmwevjoooqb17VuSvVLqHqc1Ag==?_z=4244467&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&pl=https%3A%2F%2Fwww.file-upload.com%2Fuj5q8vqoc578&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.file-upload.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id
e0328accbae5bd65bf26e733a87c5938
pragma
no-cache
date
Wed, 15 Sep 2021 19:51:02 GMT
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security
max-age=1
timing-allow-origin
*
content-length
43
expires
Wed, 31 Dec 1969 19:00:00 EST
4244467
in-page-push.com/500/
0
0

4244467
in-page-push.com/500/ Frame
0
0
Preflight
General
Full URL
https://in-page-push.com/500/4244467?excludes=9625604&oaid=0adca502ab0c485e959935b1415a92cc&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Fwww.file-upload.com%2Fuj5q8vqoc578&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Server
139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.file-upload.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 15 Sep 2021 19:51:08 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET
access-control-allow-origin
https://www.file-upload.com
access-control-max-age
300
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security
max-age=1
x-content-type-options
nosniff
timing-allow-origin
*

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.lalaping.com
URL
https://static.lalaping.com/online.js?ver=2.0.0
Domain
in-page-push.com
URL
https://in-page-push.com/500/4244467?excludes=9625604&oaid=0adca502ab0c485e959935b1415a92cc&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Fwww.file-upload.com%2Fuj5q8vqoc578&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect boolean| originAgentCluster object| 7m80fh8faud object| zfgformats function| onClickTrigger boolean| zfgloadedpopup number| LAST_CORRECT_EVENT_TIME number| _1845421039 number| _1721748045 number| _3104453692 object| __cfQR object| sdk object| webpushlogs boolean| installOnFly boolean| zfgloadedpush boolean| zfgloadedpushopt boolean| zfgloadedpushcode number| iinf object| html5 object| Modernizr function| yepnope object| jQuery112408499638548716109 function| CBPFWTabs function| $ function| jQuery function| setPagination function| WOW function| eve function| mina function| Snap object| _atrk_opts object| _gaq boolean| __cfRLUnblockHandlers object| FB function| atrk boolean| _atrk_fired object| _gat object| gaGlobal boolean| zfgloadednative boolean| _retranberw object| regeneratorRuntime function| _retranber number| wm string| oaid

19 Cookies

Domain/Path Name / Value
cdn.itphanpytor.club/42 Name: OAID
Value: 75807fe70f8b48868d8ad5d2f3200297
cdn.itphanpytor.club/42 Name: oaidts
Value: 1631735464
.file-upload.com/ Name: lang
Value: german
ozongees.com/ Name: OAID
Value: 0adca502ab0c485e959935b1415a92cc
ozongees.com/ Name: oaidts
Value: 1631735462
jeehathu.com/ Name: OAID
Value: d79d200c5bf8476a8ff07cebd685818b
jeehathu.com/ Name: oaidts
Value: 1631735462
my.rtmark.net/ Name: ID
Value: 0adca502ab0c485e959935b1415a92cc
www.file-upload.com/ Name: prefetchAd_4244463
Value: true
dozubatan.com/ Name: OAID
Value: 0adca502ab0c485e959935b1415a92cc
.file-upload.com/ Name: __utma
Value: 184767038.1422913114.1631735464.1631735464.1631735464.1
.file-upload.com/ Name: __utmc
Value: 184767038
.file-upload.com/ Name: __utmz
Value: 184767038.1631735464.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.file-upload.com/ Name: __utmt
Value: 1
.file-upload.com/ Name: __utmb
Value: 184767038.1.10.1631735464
cdn.itphanpytor.club/ Name: scm
Value: 1
cdn.itphanpytor.club/ Name: OAID
Value: 75807fe70f8b48868d8ad5d2f3200297
cdn.itphanpytor.club/ Name: oaidts
Value: 1631735464
in-page-push.com/ Name: OAID
Value: 0adca502ab0c485e959935b1415a92cc

1 Console Messages

Source Level URL
Text
network error URL: https://cdn.betgorebysson.club/apu.php?zoneid=4250319
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0;includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
cdn.betgorebysson.club
cdn.itphanpytor.club
certify-js.alexametrics.com
certify.alexametrics.com
connect.facebook.net
d2fbvay81k4ji3.cloudfront.net
dozubatan.com
forflygonom.com
freychang.fun
geealingsa.space
glimtors.net
images.dmca.com
in-page-push.com
jeehathu.com
liminances.xyz
my.rtmark.net
ozongees.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
ssl.google-analytics.com
static.cdnativepush.com
static.lalaping.com
stats.g.doubleclick.net
web.facebook.com
www.facebook.com
www.file-upload.com
www.google.com
www.google.de
in-page-push.com
static.lalaping.com
104.21.45.207
108.177.119.156
13.226.155.13
13.226.155.77
13.226.156.200
139.45.195.8
139.45.197.15
139.45.197.188
139.45.197.236
139.45.197.237
139.45.197.238
139.45.197.239
139.45.197.241
139.45.197.251
142.250.102.103
142.250.102.94
142.250.27.84
151.139.242.29
172.67.146.80
185.60.216.15
185.60.216.19
185.60.216.35
216.58.208.104
3.142.157.144
65.9.73.105
65.9.73.127
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994
04f96e631c4498fd521f8b9f8ddcbcdeca4a224336487230bcad504acb2dd901
09bfbfa713c03228c328f9134824466c20eb7278b7b8d227a8863dda8f1ae978
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
154209918f54c20828384432e6c201839be4608ba4412019e71a6b699c1243fe
1970ee67b74ae577374926a6b93c7532f6cefd19f4c269700bd45a8ae13d6011
24a49b89733697e7ae1aeaf626d3fe6840cfad6eac17a39aadb6cfab89a9510c
26e16f5710cb56732061e8025733dd384b41d823d359806f9c697a74ed209fe3
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9
4398479d3d062ac1fb8d56ed429bea1ae4d6d21dce9dc14d88962b8cea0f65b7
44bae3586c48283835d9e8155b181de3f59c660b72e3a2b3f2ccb1c0ee618487
455ade4f2af76701a548d53f6838ed6f1c40a74b9612580e905044112a6276fe
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b
59e9a218e74dc0143a4d3954e885cd851bf7b56e2e8becd2631d40d1210aca26
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
800b77de13058f70458365b0040ecef27e7a327167775e23133ca7af3b19a50d
8300148a65246e0d11c5d2c03cd7456fa0d968eb02c914676c01353d23cd71c7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83853c5a92f6fd1104612b324f0bba74a74ae60032c3d31f78d64d505e8934e4
8643bcd8cd9c0cc9c17e62a900f64cd72d4fe746018576247622781a2ffccef7
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d6b04b1ce9f35138eb1dc0371105278087a2fe0fb3611e11da0df9427cf2da4
906e3c8636b032636dc1f2b5d8ae069827f96b63327d557162435802f76c1e2c
9f0a1319b8f30451d3058273c80cadf1b33c07c9a7165eb6e7600a1334b00672
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
a358ae8b7b4b8458e53b3ea24b5390adcdc2b436a83d03fdbc09f38a22eab434
a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13
ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205
b0e7fadc3bee4745eb7e38e7684dc1ab8ffb8639d16f1ebdc21cbca2f9dbcc0b
b435982d9e74b3901a30b13f840a0184d6881a5fd52bf3d78cece7b4d8cda8d7
b95d388639377c2a8369196883c985eba7f1e86544b384abdda7140904b6e3b0
ba725767941bb782ef38d6a30d987298ec540dd468aec27e62c2b3f3817bbc69
c29e2d68b8d2b99093f317022e3561fa9bbe6e323cd83f8e8cfadd24dab71972
c71d49cfc099563c205918a58497a420e4a3509becd7ae1782b6fda044fb43b3
c8061552964779eec60b1cde5f3c901e918ed0725566281fdb02a18d737f1a79
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72c4420acf6fb4b2361a123217672946b8a0c5085e1395db0aeea7a38e871a0
ea5b2f0ae6e51e58a4849658ff814852af1f2134408d0be55062dbcc1b5868fc
ec278cce49e8ca5a66fa3b2f2b56510c8e9239753a50e704a504491253dc3288
ed93bca7212bd9a6bf22e8819636f0d4a7e256f77afc4aa1333596c65a2ecd31
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f074e8a49fe0c0dfae4601e2c9bc5d5fc2473f11da7001871e6d72cdf8b6c3f3
fc6b00b39c6831d32690a5f33fe637ecfee459123b835d461428e16ea7157842
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
ff8e6e4ea104bcb9ad3c7f53c8c88f47d7a21bf9131abf5c88dc5bea3373afe2