Report - upfilesurls.com/UCqw?token=eyJpdiI6IjZRdloxMlZqQk5sSkF4ZXNkNHZGakE9PSIsInZhbHVlIjoiNFJRTnoreStnMUlXM1JSbFI5TVR4QT09IiwibWFjIjoiZjQ1NjM3YTQ5MzMzMTkyOWQ3ZjQwOGQxMGVjYWM1NDU1MGQ3NWY4NjgzMTdkMWUxNmEyOGJmMTRlNTBiZGQyZCIsInRhZyI6IiJ9

Report Overview

Visited public
2023-12-11 05:14:43
Tags
Submit Tags
URL
upfilesurls.com/UCqw?token=eyJpdiI6IjZRdloxMlZqQk5sSkF4ZXNkNHZGakE9PSIsInZhbHVlIjoiNFJRTnoreStnMUlXM1JSbFI5TVR4QT09IiwibWFjIjoiZjQ1NjM3YTQ5MzMzMTkyOWQ3ZjQwOGQxMGVjYWM1NDU1MGQ3NWY4NjgzMTdkMWUxNmEyOGJmMTRlNTBiZGQyZCIsInRhZyI6IiJ9
Finishing URL
upfilesurls.com/UCqw
IP / ASN
104.26.8.138
#13335 CLOUDFLARENET
Title
fresh x60 rapidgator.txt

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
api.demand.supply	54270	2014-06-22	2018-05-24 04:58:27	2023-12-10 04:24:52	1.6 kB	3.2 kB	104.16.134.22
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-10 10:32:08	3.3 kB	193 kB	216.58.207.227
dasensiblem.org	unknown	2023-11-08	2023-12-10 12:00:24	2023-12-10 12:40:01	3.0 kB	7.0 kB	52.85.242.98
live.demand.supply	31265	2014-06-22	2018-03-13 18:27:23	2023-12-10 17:28:58	5.4 kB	102 kB	104.16.134.22
pogothere.xyz	unknown	2022-08-22	2022-09-04 21:11:25	2023-12-10 11:21:33	1.3 kB	105 kB	188.114.96.1
asverymuc.org	unknown	2023-11-08	2023-12-10 12:39:05	2023-12-10 12:39:37	1.6 kB	1.8 kB	188.114.96.1
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-12-10 05:58:01	492 B	206 kB	142.250.74.35
pagead2.googlesyndication.com	101	2003-01-21	2021-02-20 16:52:05	2023-12-10 21:35:06	454 B	683 B	142.250.74.130
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-10 09:38:04	509 B	19 kB	142.250.74.106
www.recaptcha.net	2060	2007-01-06	2012-07-11 16:32:37	2023-12-10 21:09:42	469 B	1.4 kB	142.250.74.131
dv663fc06d35i.cloudfront.net	unknown	2008-04-25	2023-11-21 21:26:58	2023-12-01 21:37:53	1.8 kB	105 kB	143.204.42.28
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-10 10:23:31	901 B	152 kB	142.250.74.168
upfilesurls.com	unknown	2022-11-30	2022-11-30 13:09:38	2023-12-02 17:59:29	16 kB	579 kB	172.67.71.90
accounts.google.com	81	1997-09-15	2016-03-20 13:44:49	2023-12-10 06:32:40	3.8 kB	11 kB	64.233.161.84
cschyogh.com	unknown	2022-10-24	2022-10-24 14:58:05	2023-12-10 19:57:19	410 B	1.1 kB	142.91.159.92

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2023-12-11	medium	upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb	Unique code from Jetriz, Swid & Jeniva of the Tetris framework

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (28)

	URL	From	Size	First Seen	Last Seen
	cschyogh.com/1clkn/34742	ScriptElement	6 B	2023-03-07	2025-07-11
Pretty URL cschyogh.com/1clkn/34742 IP 142.91.159.92 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-11 23:19 Times Seen13485 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

	upfilesurls.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	7.4 kB	2023-12-11	2023-12-11
Pretty URL upfilesurls.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 172.67.71.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-11 06:14 Last Seen2023-12-11 06:14 Times Seen1 Hash 550600908575413d460d2d49edd881b2 f7abf563cf5e4346823cff773eea3fef3f6cbbe6 413f40845116ca10254e72df0d79d2afbfc9407c8b4e106ad5772ab82dca3555 Loading...

	www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit	ScriptElement	921 B	2023-12-08	2024-08-20
Pretty URL www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit IP 142.250.74.131 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 01:39 Last Seen2024-08-20 16:24 Times Seen18 Hash 5662dc3a01e5ab0cea92d9a13432cf4a 2519fee20dbd1ef4bd07a18e6a57d2860c776e7f 20a0ed2d09144a0e5eda75d4b834460334b75f9770e97cf7bd96c349bd6544ac Loading...

	upfilesurls.com/UCqw	ScriptElement	119 B	2023-03-08	2024-05-22
Pretty URL upfilesurls.com/UCqw IP 172.67.71.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:28 Last Seen2024-05-22 10:51 Times Seen947 Hash bbdd43a315309ebd811a1e555db11f7f 4f221fbceb33ca51ca52ebe80577f681bc8c17df 212dfa0151b22549ac14757d4e65f3909dd45c9cdb366d8bd00fd6b17b906a09 Loading...

	upfilesurls.com/UCqw	ScriptElement	2.9 kB	2023-03-12	2024-08-21
Pretty URL upfilesurls.com/UCqw IP 172.67.71.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 16:23 Last Seen2024-08-21 09:44 Times Seen1514 Hash b9dd502c04f179299a891e65a107e887 8e02ecbfb34c4371548dd0213076bcbf9a2b1523 fb6d9228943aa1956f95e9e330577772a47470e279ffbf84c2bc4e4ed4885c1a Loading...

	live.demand.supply/up.js	ScriptElement	5.1 kB	2024-08-20	2024-08-20
Pretty URL live.demand.supply/up.js IP 104.16.134.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:09 Last Seen2024-08-20 16:09 Times Seen1 Hash b72b5f9577ea032ab5acaa96e2811382 2c191e0346c4dd9bb7b61468a0cde942e4b5d72c 8246d1b41571d98ced7ff1b9b1dd3b8065c2a737432e66167be5b08a2318f256 Loading...

	unknown	Function	49 B	2023-04-11	2025-07-11
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:23 Last Seen2025-07-11 15:18 Times Seen2342 Hash efde3719ad2205f4e3b6504a9bf45646 83101bef8fc5445fd9dcf54dd04495fc490e939a d84287d2b4f27cb1c02d18a77c979f739a5107585cf81911fea18a14b204f9ba Loading...

	live.demand.supply/impl.v17.24.0.js	ScriptElement	88 kB	2023-12-07	2023-12-13
Pretty URL live.demand.supply/impl.v17.24.0.js IP 104.16.134.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-07 03:38 Last Seen2023-12-13 18:07 Times Seen11 Hash 9b708e2d8560de456abc0ca7170ba689 2faa41210c11ebe437f38db5f1c985a9096180e8 8127d6dfb7da3bc1eb3b7ebc9feba37089d8a0d9b45c69fd71e1490fb091d9f9 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-07-12
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-07-12 01:12 Times Seen405741 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.googletagmanager.com/gtag/js?id=UA-197252557-1	ScriptElement	191 kB	2023-12-11	2023-12-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-197252557-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-11 06:14 Last Seen2023-12-11 06:14 Times Seen1 Hash 51945b7cf5c34ea9b3bbd43e5c128388 1aae92c29a2c42750bd94cc044c75254d6a6e005 9ba2daa314f9a7a27f869d2c12e2d262d7f2b50ad25a50520d07c19bb0965eb7 Loading...

	unknown	Function	38 B	2023-04-11	2025-07-11
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:23 Last Seen2025-07-11 21:01 Times Seen29831 Hash caf13b633ab4249aeadda1952a9038ae 1eb64473acd8bff2d081a66f128c611d079f6cbe 30d90270fd3125eb763b9958a72bd513c90cd6207b97dd0ef40c06aa22111ac7 Loading...

	upfilesurls.com/js/ads.js	ScriptElement	1.5 kB	2023-03-26	2024-08-21
Pretty URL upfilesurls.com/js/ads.js IP 172.67.71.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 03:42 Last Seen2024-08-21 09:44 Times Seen875 Hash 474dab2bae672cd84661a241806c67af c4e9f460c20e1535000feef7a0c748d1287734c9 ba4689299e8a29627b02f9dd8bb5ecec1ca32122dab181724dee2313627d9d85 Loading...

	securepubads.g.doubleclick.net/tag/js/gpt.js	ScriptElement	13 kB	2023-04-05	2025-07-12
Pretty URL securepubads.g.doubleclick.net/tag/js/gpt.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 04:46 Last Seen2025-07-12 01:03 Times Seen49698 Hash 0c9ed134ae3d5ffe972da2a3e59dc428 620df222551395592e46e4c5f425cf23dcdad891 5f9efa604bfe2aee8c1a90376125a098306ba390530a6f9b2ecb0a67cdac178d Loading...

	www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c	ScriptElement	229 kB	2023-12-11	2023-12-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-11 06:14 Last Seen2023-12-11 06:14 Times Seen1 Hash 7bdb65a3459737c5146d528ec365790b d95b98c78981b81079d7cffea28e65eb36803ba9 c63acb56dddb4687cf1991d6877b9ab46f30a55d9f7f619a273cb30a9745e72a Loading...

	www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js	ScriptElement	512 kB	2023-12-05	2024-08-20
Pretty URL www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 02:59 Last Seen2024-08-20 16:44 Times Seen1421 Hash af51eb6ced1afe3f0f11ee679198808c 02b9d6a7a54f930807a01ae3cdcf462862925b40 6788908efcff931e3c0c4fb54a255932414a22e81971dcc1427c8a4f459a1fbf Loading...

	upfilesurls.com/UCqw	ScriptElement	191 B	2023-03-08	2024-08-21
Pretty URL upfilesurls.com/UCqw IP 172.67.71.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:28 Last Seen2024-08-21 09:44 Times Seen1024 Hash da30bb47614694e4cc233b287d20eb05 33483604c226b92b61915d364fd6489029cafe57 c5db272b10d5a0729fecd702bbe86f8447f72e2a10049608007c8e2646c803f8 Loading...

	upfilesurls.com/UCqw	ScriptElement	65 kB	2023-11-23	2024-08-20
Pretty URL upfilesurls.com/UCqw IP 172.67.71.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-23 18:45 Last Seen2024-08-20 18:08 Times Seen260 Hash af63038cd8f1acde963ec3a987e36a37 868824d19e2bbdd3d808d1bd6dcad64206e5e4f7 8b142bf9eb9af9defd9b0a8810a22d234f002b0df249b9830b05c41b5a902cb9 Loading...

	upfilesurls.com/sandbox%20eval%20code		136 B	2023-04-11	2025-07-12
Pretty URL upfilesurls.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:23 Last Seen2025-07-12 01:03 Times Seen53158 Hash fb4eb094524daea58bf7f82331598541 f5ca39eb98fa1685f8647514a627d3d7f216f7ef 7cbf1e77bb9277bac7030ded2087246adf5c59564a5a1f28ce8c09be6ef48683 Loading...

	upfilesurls.com/UCqw	ScriptElement	926 B	2024-08-20	2024-08-20
Pretty URL upfilesurls.com/UCqw IP 172.67.71.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:09 Last Seen2024-08-20 16:09 Times Seen1 Hash 3c60824a0b27aa138ad33a15f7887dd0 c4e3b2dcf1b0c4df407f5bc512d70b1f94bc85bb 45d9981259173386c3070605c8797c1ca48dcbe74ab449ce413b5819351a1c1e Loading...

	unknown	ScriptElement	247 B	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:09 Last Seen2024-08-20 16:09 Times Seen1 Hash f092cd2751c3ec2665678f0e85a27092 50761390c47ba23223f3169bf1848e57b7712242 078fc8bf830d102ca4530e2f2c1b855b12c818c11ccf66652252e0a6ae8807e5 Loading...

	unknown	Function	36 B	2023-04-11	2025-07-11
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:23 Last Seen2025-07-11 15:18 Times Seen2341 Hash c6417364696009e1ecada40d12c97a2f dd602b8bbd3a3656463ec3f6868c74f3a937859d 5a59e842a79e328e171f1da23754526329095be86fe355574fd7622f04ed3854 Loading...

	live.demand.supply/p4/v17-24-0/dXBmaWxlc3VybHMuY29tL1VDcXc=	ScriptElement	984 B	2023-12-11	2024-08-20
Pretty URL live.demand.supply/p4/v17-24-0/dXBmaWxlc3VybHMuY29tL1VDcXc= IP 104.16.134.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-11 00:59 Last Seen2024-08-20 16:10 Times Seen2 Hash 37cf90d8f5729f36bb760a4881efb749 b21a4f2c8b80c130e67b79811f44f0aa92efa56d fe9dfe0dcc46bf073a420f3b8980f27e0ca3fa56608f76cebf41ce585f575f93 Loading...

	dv663fc06d35i.cloudfront.net/?dcfvd=1010617	ScriptElement	321 kB	2023-12-11	2023-12-11
Pretty URL dv663fc06d35i.cloudfront.net/?dcfvd=1010617 IP 143.204.42.28 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-11 06:14 Last Seen2023-12-11 06:14 Times Seen1 Hash d76fb748624ce2f02e8452b90d048730 31c65925c6c33d8e889a61723136c7818ed5c022 000048f4259a92ada0681bae1ce505382e6c822ab0e2bc78d66136ba02131c3d Loading...

	upfilesurls.com/UCqw	ScriptElement	155 B	2023-03-08	2025-07-09
Pretty URL upfilesurls.com/UCqw IP 172.67.71.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:28 Last Seen2025-07-09 09:56 Times Seen1183 Hash a1e0d623f9e510e759498d67c8281999 65e9e9287fd8060ebb5b624463ff977040e3d154 c66a236b63a0191f0cc1cb5a3c1b675c0fb7bf7d5e56b8c5ed34d70b10059aa7 Loading...

	upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb	ScriptElement	981 kB	2023-03-12	2024-08-21
Pretty URL upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb IP 172.67.71.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:36 Last Seen2024-08-21 09:44 Times Seen738 Hash e38c15d82ba94f65edf148d0f1a98487 cd8ecadbc330cd3e12d55927483e87b0785dfcaa e87e0991dcfaa2c7b015d284d8b5d872363eb52af458b63c8449351b4b24612f Loading...

	upfilesurls.com/UCqw	ScriptElement	1.1 kB	2024-08-20	2024-08-20
Pretty URL upfilesurls.com/UCqw IP 172.67.71.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:09 Last Seen2024-08-20 16:09 Times Seen1 Hash dc4ce7e301dbac9fd3e94168df2da78c 3139a8fc4cd646fa95584bff1a45839f3d1cd0b3 cda96e9c7f8608f11d9d184efbf39280000efb12f9323cda0a77653736be6d60 Loading...

	upfilesurls.com/sandbox%20eval%20code		147 B	2023-04-11	2025-07-12
Pretty URL upfilesurls.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-07-12 01:12 Times Seen406173 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

		Size	First Seen	Last Seen
	#1 Write - b4266e242eff23787e7b828376d99726	181 B	2023-03-12 13:39	2024-08-21 09:44
Pretty Observations First Seen2023-03-12 13:39 Last Seen2024-08-21 09:44 Times Seen1938 Hash b4266e242eff23787e7b828376d99726 2eabaa39d5f1dfa68dd681d3489db9798b74bd73 b5fdf3f7d7a1047cf080ba3ff3eb2d0a433c1c9e2a08960fe0ba078c21935d6c Loading...

HTTP Transactions (59)

URL IP Response Size

GET dv663fc06d35i.cloudfront.net/?dcfvd=1010617

143.204.42.28

200 OK

103 kB

URL GET HTTP/2
dv663fc06d35i.cloudfront.net/?dcfvd=1010617
IP
143.204.42.28:443
ASN
#16509 AMAZON-02

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (15945)
Size
103 kB (102685 bytes)
Hash
d76fb748624ce2f02e8452b90d048730
31c65925c6c33d8e889a61723136c7818ed5c022
000048f4259a92ada0681bae1ce505382e6c822ab0e2bc78d66136ba02131c3d

HTTP Headers

GET /?dcfvd=1010617 HTTP/1.1
Host: dv663fc06d35i.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 102685
date: Mon, 11 Dec 2023 05:14:03 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: X1Ts2MfkG9ovkHV-A0ZiSPVGsJcmzAaB8LMthlLg1ZKK4xqI6zW9mw==
age: 13
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=UA-197252557-1

142.250.74.168

200 OK

69 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-197252557-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (4179)
Size
69 kB (69023 bytes)
Hash
51945b7cf5c34ea9b3bbd43e5c128388
1aae92c29a2c42750bd94cc044c75254d6a6e005
9ba2daa314f9a7a27f869d2c12e2d262d7f2b50ad25a50520d07c19bb0965eb7

HTTP Headers

GET /gtag/js?id=UA-197252557-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 11 Dec 2023 05:14:16 GMT
expires: Mon, 11 Dec 2023 05:14:16 GMT
cache-control: private, max-age=900
last-modified: Mon, 11 Dec 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69023
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET cschyogh.com/1clkn/34742

142.91.159.92

200 OK

26 B

URL GET HTTP/1.1
cschyogh.com/1clkn/34742
IP
142.91.159.92:443
ASN
#7979 SERVERS-COM

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerLet's Encrypt
Subjectcschyogh.com
Fingerprint41:44:0C:14:E9:F0:56:DF:20:70:F6:D1:C1:CB:6E:3E:7B:D0:33:AE
ValidityWed, 04 Oct 2023 23:46:38 GMT - Tue, 02 Jan 2024 23:46:37 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

HTTP Headers

GET /1clkn/34742 HTTP/1.1
Host: cschyogh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Dec 2023 05:14:16 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWXVBJ%2BEAHqFVQXz0Za%2FgIyntH6wL7aZU0NtLTPRtMvlNJgiCqLpFuGYp4k9R414NvJGs5fKhfmRNUz8JRkPfvvTtc8MFa3Gll86LfiKf4LDMwvnOrwmOIxlyWnbSKipwt6u%2F5mzsZhKkvRNGFUjnXUwF8t7ZbSFXxUiMmAn5STsa7NcuxId1iDmr96zNnkOGyC5VXF4jf9NG7cvyiIizsswC3Fwm4Qfr5k6rLEQ6OqEI4SsOUngarftGrmg5e3sB7KS6f%2F97HG%2BcIVO0aklIrX8n9wNBjE5s; expires=Tue, 12-Dec-2023 05:14:16 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Tue, 12-Dec-2023 05:14:16 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET upfilesurls.com/img/menu.svg

172.67.71.90

200 OK

16 kB

URL GET HTTP/2
upfilesurls.com/img/menu.svg
IP
172.67.71.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
SVG Scalable Vector Graphics image - XML 1.0 document text - XML document, ASCII text
Size
16 kB (16274 bytes)
Hash
e194fab3eea9f00d5a3814c4df00ac8c
4a9760c8ec110364d025527e26730e78ae0b3ac0
3d3e6705b468cecdd78fb9a1ee6688d60e1d2c1caa0db7baa88db460315dccea

HTTP Headers

GET /img/menu.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/UCqw
Cookie: XSRF-TOKEN=eyJpdiI6InlENVlZMkk1ZDB4MTllVzR5RUc2OFE9PSIsInZhbHVlIjoiOUZtUGVWay9YUjBIdG9DRi9JRUVEUEVaU2ZaMXFzeTM3T1Fhc0pmL3phdEhUcWM0REdUbzVXVjNNYVZZS1A5UkNITmNGQjVxd2phZ1hxaXJsY2VSS2lqTWNudURtcllSNWoyRGdqdXd0YVdrdjl6RExjZnpLWWZEeXczZTc2SnQiLCJtYWMiOiJlZTA5MTcwMzlkMmJkZDQ3OGZmOWNjNmMzMTY2YjQ1MTUwZGU2OWI5ZDY3YzA0MzM2YjBhMzFhZDhlNDgwMmQ5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InZhbE91RVppSENSWklyc1ZodnhnRnc9PSIsInZhbHVlIjoiZmI0K2MwMm5hUW5rVFFqTW5ZNER0UzVJbHFXTlIrUS92MzFQei90SkNEWVYwUHJhWktqSjZmYVZPc2QyNVBRTG8rN0JvazN6dFFaUGEzUHZ3RHg2cHVyemJsUE5URDY2bXNxcXZrR0hiQnVlR2IzcjRaQWJKV0FYZDN4MEswNU8iLCJtYWMiOiI4MWFkZTk1M2UyNTJhNzcxM2M1NDc4MDU1MGJhOGI4MzEwNWQ2MTVhNWNmNGYzZTc5MWE4ZjBmYjUzNjI4ODFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 11 Dec 2023 05:14:16 GMT
content-type: image/svg+xml
last-modified: Tue, 24 Jan 2023 16:39:42 GMT
vary: Accept-Encoding
etag: W/"63d009ce-72e"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1388697
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDlY3fQiDVonB0WEwUn7tqmv4xyhZn84wGpB3Ob4RaObHeUishHIE6Pqhsef64zz%2F6stmsLW0HHNha4s5x%2Fxi0aOt5s1n4h2%2FMxDdkXP1mRNHV0ls6woc0hy%2B%2FD0rljO7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 833b3e3f4bcf5688-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

216.58.207.227

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0 - data
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:42:27 GMT
expires: Fri, 06 Dec 2024 15:42:27 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 307910
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET asverymuc.org/dUNoMTNafAtCDjsELgV9DwYlZHYaASlWfSYQH2hxMRU6YXIkIE5FWhF+WQECRXVZBhUFKgwMAlMwHFBHADBVABUcLQ5eDlM1VQAdRndGAgdbc05EDkRlHEFSEn5ZF0MBNwQMAkJzWgMERHVdBgBFcw

188.114.96.1

204 No Content

0 B

URL GET HTTP/2
asverymuc.org/dUNoMTNafAtCDjsELgV9DwYlZHYaASlWfSYQH2hxMRU6YXIkIE5FWhF+WQECRXVZBhUFKgwMAlMwHFBHADBVABUcLQ5eDlM1VQAdRndGAgdbc05EDkRlHEFSEn5ZF0MBNwQMAkJzWgMERHVdBgBFcw
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subjectasverymuc.org
Fingerprint3D:47:FF:77:5C:9C:A6:46:E8:F5:28:57:7A:8A:77:05:17:3D:3A:07
ValidityFri, 08 Dec 2023 05:28:24 GMT - Thu, 07 Mar 2024 05:28:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dUNoMTNafAtCDjsELgV9DwYlZHYaASlWfSYQH2hxMRU6YXIkIE5FWhF+WQECRXVZBhUFKgwMAlMwHFBHADBVABUcLQ5eDlM1VQAdRndGAgdbc05EDkRlHEFSEn5ZF0MBNwQMAkJzWgMERHVdBgBFcw HTTP/1.1
Host: asverymuc.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Mon, 11 Dec 2023 05:14:17 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xglr0EvEUAEe5lWy9mWxOutiUaJg0ZCza90%2FfffZ4xAYqWZI5mfER1RUrz%2BiafcAwlrt1iYv14G9WlXVq4U00VLYuzWDTZ6iSMONCKiJ5Z60O46KfciqO8hNUs%2Buh5Cg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 833b3e417dd356cc-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

216.58.207.227

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0 - data
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:42:27 GMT
expires: Fri, 06 Dec 2024 15:42:27 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 307910
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0 - data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 04:57:34 GMT
expires: Fri, 06 Dec 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 346603
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET upfilesurls.com/img/logo.svg

172.67.71.90

200 OK

6.0 kB

URL GET HTTP/2
upfilesurls.com/img/logo.svg
IP
172.67.71.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
SVG Scalable Vector Graphics image - HTML document text - HTML document, ASCII text, with very long lines (1361)
Size
6.0 kB (5979 bytes)
Hash
1e28749acbd90e7e99a883c1890327cd
638b4525d3f0ed776db136ca1025a8961f46c9e0
d526da1f4d4af45cefd2a0d140abec2beddc3150d13c47d3de893eaa278a369d

HTTP Headers

GET /img/logo.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/UCqw
Cookie: XSRF-TOKEN=eyJpdiI6InlENVlZMkk1ZDB4MTllVzR5RUc2OFE9PSIsInZhbHVlIjoiOUZtUGVWay9YUjBIdG9DRi9JRUVEUEVaU2ZaMXFzeTM3T1Fhc0pmL3phdEhUcWM0REdUbzVXVjNNYVZZS1A5UkNITmNGQjVxd2phZ1hxaXJsY2VSS2lqTWNudURtcllSNWoyRGdqdXd0YVdrdjl6RExjZnpLWWZEeXczZTc2SnQiLCJtYWMiOiJlZTA5MTcwMzlkMmJkZDQ3OGZmOWNjNmMzMTY2YjQ1MTUwZGU2OWI5ZDY3YzA0MzM2YjBhMzFhZDhlNDgwMmQ5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InZhbE91RVppSENSWklyc1ZodnhnRnc9PSIsInZhbHVlIjoiZmI0K2MwMm5hUW5rVFFqTW5ZNER0UzVJbHFXTlIrUS92MzFQei90SkNEWVYwUHJhWktqSjZmYVZPc2QyNVBRTG8rN0JvazN6dFFaUGEzUHZ3RHg2cHVyemJsUE5URDY2bXNxcXZrR0hiQnVlR2IzcjRaQWJKV0FYZDN4MEswNU8iLCJtYWMiOiI4MWFkZTk1M2UyNTJhNzcxM2M1NDc4MDU1MGJhOGI4MzEwNWQ2MTVhNWNmNGYzZTc5MWE4ZjBmYjUzNjI4ODFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 11 Dec 2023 05:14:16 GMT
content-type: image/svg+xml
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
vary: Accept-Encoding
etag: W/"625014b1-56e8"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1115703
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FlmSI%2Bd0PxZzI71AhIsa4PLBxaaaCz4ipt7jEQA%2FWhUZW3qmiNCV7o0Ed6YROeFqaJxCI4%2BSe3RlZjHT7spUxWM9S0hJOC8YMOrNmvnmXtw0wMz9pbvLPNffX0Sw1dpwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 833b3e3f4bce5688-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET dasensiblem.org/TWdlZzYsBQYKCSxaB0FDPwtYQgQLQlchUjtRU1RQLldTAwV4DksEWiISAQFEIgkRSVgoE0BVcAUoIz1OKVQ3BXkfXzc0BjpCVyFwGBcjJHEpJTQyYx0EJxRzClY8CmIPJg0kBABTMRBSACgxPgMIIBIBeAsiJDZcByo3VnwYKR1fZx41UR1+NTUvJG4MNiAfbws+CQRyDyEGXmIMPisyXHkCJyYDGTcdMWQMMQkVfg8AKjJiIgMjC3MGIiA1bB8lVAxnG18hMmIqMSImeAEEVSl+CgwdHWd9AyMkfiUlMAxSewRVKX4MViBTZH0pNyROHzI3MmQMPiBKYB41VhdMHFcGIGIjKSYpXRguPFYPBT83Vl0cNSQ1YTdXADJdF0JXJWwIISI1dyUJNDJsHyQIPm4FAD8Dew9TNTJnIjY0IlIPIQg9bgwMDi0QJxQKCUZwADBUAwRfFhNZCikBM38I

52.85.242.98

200 OK

1.2 kB

URL GET HTTP/2
dasensiblem.org/TWdlZzYsBQYKCSxaB0FDPwtYQgQLQlchUjtRU1RQLldTAwV4DksEWiISAQFEIgkRSVgoE0BVcAUoIz1OKVQ3BXkfXzc0BjpCVyFwGBcjJHEpJTQyYx0EJxRzClY8CmIPJg0kBABTMRBSACgxPgMIIBIBeAsiJDZcByo3VnwYKR1fZx41UR1+NTUvJG4MNiAfbws+CQRyDyEGXmIMPisyXHkCJyYDGTcdMWQMMQkVfg8AKjJiIgMjC3MGIiA1bB8lVAxnG18hMmIqMSImeAEEVSl+CgwdHWd9AyMkfiUlMAxSewRVKX4MViBTZH0pNyROHzI3MmQMPiBKYB41VhdMHFcGIGIjKSYpXRguPFYPBT83Vl0cNSQ1YTdXADJdF0JXJWwIISI1dyUJNDJsHyQIPm4FAD8Dew9TNTJnIjY0IlIPIQg9bgwMDi0QJxQKCUZwADBUAwRfFhNZCikBM38I
IP
52.85.242.98:443
ASN
#16509 AMAZON-02

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerAmazon
Subjectdasensiblem.org
FingerprintAD:A1:72:CC:94:7F:76:62:4A:62:D6:B6:D9:BF:27:DE:3D:96:21:A6
ValidityFri, 08 Dec 2023 00:00:00 GMT - Mon, 06 Jan 2025 23:59:59 GMT

File type
HTML document text - HTML document text - HTML document text - HTML document text - exported SGML document, ASCII text, with very long lines (3049), with no line terminators
Size
1.2 kB (1198 bytes)
Hash
6fe467ba26098fecc347be02d2b24906
fa2be6b9c03356c1a473e4578b29320cb6e44dcc
192c3d7747d90b3ff66b0a21b2cc81a6e1a880039f8813674e26178fe6544468

HTTP Headers

GET /TWdlZzYsBQYKCSxaB0FDPwtYQgQLQlchUjtRU1RQLldTAwV4DksEWiISAQFEIgkRSVgoE0BVcAUoIz1OKVQ3BXkfXzc0BjpCVyFwGBcjJHEpJTQyYx0EJxRzClY8CmIPJg0kBABTMRBSACgxPgMIIBIBeAsiJDZcByo3VnwYKR1fZx41UR1+NTUvJG4MNiAfbws+CQRyDyEGXmIMPisyXHkCJyYDGTcdMWQMMQkVfg8AKjJiIgMjC3MGIiA1bB8lVAxnG18hMmIqMSImeAEEVSl+CgwdHWd9AyMkfiUlMAxSewRVKX4MViBTZH0pNyROHzI3MmQMPiBKYB41VhdMHFcGIGIjKSYpXRguPFYPBT83Vl0cNSQ1YTdXADJdF0JXJWwIISI1dyUJNDJsHyQIPm4FAD8Dew9TNTJnIjY0IlIPIQg9bgwMDi0QJxQKCUZwADBUAwRfFhNZCikBM38I HTTP/1.1
Host: dasensiblem.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1198
date: Mon, 11 Dec 2023 05:14:17 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 b4b5a8fc69875a192be2508de7e5a5e8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: Bg86zHwF8vU9FaaRtnLBLI5oMNMx1LgsRctPbzX9ZbCEjYE5-iMn2w==
X-Firefox-Spdy: h2

GET upfilesurls.com/img/faqs-image.svg

172.67.71.90

200 OK

14 kB

URL GET HTTP/2
upfilesurls.com/img/faqs-image.svg
IP
172.67.71.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
SVG Scalable Vector Graphics image - , ASCII text, with very long lines (4190)
Size
14 kB (14285 bytes)
Hash
a60b7216905928c625ae9592044476cd
e70c5be728c7bd1198100337487aafe126834ca3
9a717285429d468fadc4d25179fc6feb49e6335f3af1675fb6be1cb50e7e8322

HTTP Headers

GET /img/faqs-image.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/UCqw
Cookie: XSRF-TOKEN=eyJpdiI6InlENVlZMkk1ZDB4MTllVzR5RUc2OFE9PSIsInZhbHVlIjoiOUZtUGVWay9YUjBIdG9DRi9JRUVEUEVaU2ZaMXFzeTM3T1Fhc0pmL3phdEhUcWM0REdUbzVXVjNNYVZZS1A5UkNITmNGQjVxd2phZ1hxaXJsY2VSS2lqTWNudURtcllSNWoyRGdqdXd0YVdrdjl6RExjZnpLWWZEeXczZTc2SnQiLCJtYWMiOiJlZTA5MTcwMzlkMmJkZDQ3OGZmOWNjNmMzMTY2YjQ1MTUwZGU2OWI5ZDY3YzA0MzM2YjBhMzFhZDhlNDgwMmQ5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InZhbE91RVppSENSWklyc1ZodnhnRnc9PSIsInZhbHVlIjoiZmI0K2MwMm5hUW5rVFFqTW5ZNER0UzVJbHFXTlIrUS92MzFQei90SkNEWVYwUHJhWktqSjZmYVZPc2QyNVBRTG8rN0JvazN6dFFaUGEzUHZ3RHg2cHVyemJsUE5URDY2bXNxcXZrR0hiQnVlR2IzcjRaQWJKV0FYZDN4MEswNU8iLCJtYWMiOiI4MWFkZTk1M2UyNTJhNzcxM2M1NDc4MDU1MGJhOGI4MzEwNWQ2MTVhNWNmNGYzZTc5MWE4ZjBmYjUzNjI4ODFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 11 Dec 2023 05:14:16 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
vary: Accept-Encoding
etag: W/"63c15cbf-95fb"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1531901
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BEBM1MMSfQmDMYMIiZkFNza3lkJvB6912qG72PZySRCcg0iCDNoDQpegaEoj5s4DH62Z8A%2BrIVfWQVdQL6%2FYVWlNYDfwkNNMQrPori1UwP4dIlOIaP0yh2WOp0wBppXwWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 833b3e3f4bd25688-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET upfilesurls.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6

172.67.71.90

200 OK

208 B

URL GET HTTP/2
upfilesurls.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6
IP
172.67.71.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
PNG image data, 6 x 12, 8-bit/color RGBA, non-interlaced - data
Size
208 B (208 bytes)
Hash
31f073499665afb237f3294219d2d7c6
c1ada0510e31f661dab66203c15a3d6c8f5468d0
59b7ad6d6f457b624e25d22959edc7c83af2ac52edba32fd6648c97af0d1780c

HTTP Headers

GET /images/arrow-down.png?c98e5283a69cb508d054d30256af43c6 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
Cookie: XSRF-TOKEN=eyJpdiI6InlENVlZMkk1ZDB4MTllVzR5RUc2OFE9PSIsInZhbHVlIjoiOUZtUGVWay9YUjBIdG9DRi9JRUVEUEVaU2ZaMXFzeTM3T1Fhc0pmL3phdEhUcWM0REdUbzVXVjNNYVZZS1A5UkNITmNGQjVxd2phZ1hxaXJsY2VSS2lqTWNudURtcllSNWoyRGdqdXd0YVdrdjl6RExjZnpLWWZEeXczZTc2SnQiLCJtYWMiOiJlZTA5MTcwMzlkMmJkZDQ3OGZmOWNjNmMzMTY2YjQ1MTUwZGU2OWI5ZDY3YzA0MzM2YjBhMzFhZDhlNDgwMmQ5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InZhbE91RVppSENSWklyc1ZodnhnRnc9PSIsInZhbHVlIjoiZmI0K2MwMm5hUW5rVFFqTW5ZNER0UzVJbHFXTlIrUS92MzFQei90SkNEWVYwUHJhWktqSjZmYVZPc2QyNVBRTG8rN0JvazN6dFFaUGEzUHZ3RHg2cHVyemJsUE5URDY2bXNxcXZrR0hiQnVlR2IzcjRaQWJKV0FYZDN4MEswNU8iLCJtYWMiOiI4MWFkZTk1M2UyNTJhNzcxM2M1NDc4MDU1MGJhOGI4MzEwNWQ2MTVhNWNmNGYzZTc5MWE4ZjBmYjUzNjI4ODFhIiwidGFnIjoiIn0%3D; ab=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 11 Dec 2023 05:14:17 GMT
content-type: image/png
content-length: 208
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
etag: "625014b1-d0"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1206827
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Z5Spb%2F5ZzbFebTv3B6NmZqw0TeBWD3ltdm4Jxuwz2CjbwyYbRl8hRg%2Fr0DleWxcSqUkNTxOwjYhxcPGf0pYhKdM8woxV9gjvQUlU586gIUjGyDjJJarMbqhZmzmpzRHGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 833b3e438e045688-OSL
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

216.58.207.227

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0 - data
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:42:27 GMT
expires: Fri, 06 Dec 2024 15:42:27 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 307910
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0 - data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:57:09 GMT
expires: Fri, 06 Dec 2024 15:57:09 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 307028
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c

142.250.74.168

200 OK

81 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (5955)
Size
81 kB (81233 bytes)
Hash
7bdb65a3459737c5146d528ec365790b
d95b98c78981b81079d7cffea28e65eb36803ba9
c63acb56dddb4687cf1991d6877b9ab46f30a55d9f7f619a273cb30a9745e72a

HTTP Headers

GET /gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 11 Dec 2023 05:14:17 GMT
expires: Mon, 11 Dec 2023 05:14:17 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81233
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

HEAD live.demand.supply/e/e.js?e=ll&d=277&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL1VDcXc=

104.16.134.22

200 OK

0 B

URL HEAD HTTP/3
live.demand.supply/e/e.js?e=ll&d=277&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL1VDcXc=
IP
104.16.134.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /e/e.js?e=ll&d=277&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL1VDcXc= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 11 Dec 2023 05:14:17 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "a49e9f0a501edbf396bf43092ec1efa3-ssl"
strict-transport-security: max-age=31536000
x-nf-request-id: 01HGASW7J1MD8TRYJ5PSP508YH
cf-cache-status: HIT
age: 211761
accept-ranges: bytes
set-cookie: __cf_bm=eWiYpQfWQ0ejLbHYD2iz1DfHUxd9sb2u0e7rb3dbIic-1702271657-1-AeLm3jET0JK83z5xESQFuGuxBMg6Z0QMkPpQE0ysk/Il/8YQ2T05tyGOYiurvGp6mguH+3xBVGyWq5rFGDtD9H8=; path=/; expires=Mon, 11-Dec-23 05:44:17 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 833b3e440c4c712d-OSL
alt-svc: h3=":443"; ma=86400

dv663fc06d35i.cloudfront.net/PeHNXVlYbHDkwaQwaM2tvQUVhZmdeGSQ5OAhOMzUDQUA+EA4aKjEccAwJM2tmXh82ODFFVTI4NUVCcTcyGk5jcCIIHDxrJwEZPzklAhg+MnANEmo7OQIaOzo3XUERY3hIVmVmfg8aOTI5DwByZGYWB3JkZklDeWZzSzFyZGYPGjlgYl1AFXNkSAthYnNLMX-JkZgoFcmUXSUNieGZRVmVmMR0QPDlzSjVlZmdIQ2ZmZ11BZzA/ChYxOS5dQRFnZk1dZ3AjRUI

143.204.42.28

596 B

URL
dv663fc06d35i.cloudfront.net/PeHNXVlYbHDkwaQwaM2tvQUVhZmdeGSQ5OAhOMzUDQUA+EA4aKjEccAwJM2tmXh82ODFFVTI4NUVCcTcyGk5jcCIIHDxrJwEZPzklAhg+MnANEmo7OQIaOzo3XUERY3hIVmVmfg8aOTI5DwByZGYWB3JkZklDeWZzSzFyZGYPGjlgYl1AFXNkSAthYnNLMX-JkZgoFcmUXSUNieGZRVmVmMR0QPDlzSjVlZmdIQ2ZmZ11BZzA/ChYxOS5dQRFnZk1dZ3AjRUI
IP
143.204.42.28:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (836), with no line terminators
Size
596 B (596 bytes)
Hash
289685f783e1c528760651e6200fa270
29e107a6f6be1edf8489978680c45bf16d404d32
cce0a93db18ece55d70eb855d8bf2055d9378725f983ba697d5ddefc2f4740ce

HTTP Headers

GET /PeHNXVlYbHDkwaQwaM2tvQUVhZmdeGSQ5OAhOMzUDQUA+EA4aKjEccAwJM2tmXh82ODFFVTI4NUVCcTcyGk5jcCIIHDxrJwEZPzklAhg+MnANEmo7OQIaOzo3XUERY3hIVmVmfg8aOTI5DwByZGYWB3JkZklDeWZzSzFyZGYPGjlgYl1AFXNkSAthYnNLMX-JkZgoFcmUXSUNieGZRVmVmMR0QPDlzSjVlZmdIQ2ZmZ11BZzA/ChYxOS5dQRFnZk1dZ3AjRUI HTTP/1.1
Host: dv663fc06d35i.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dasensiblem.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 596
date: Mon, 11 Dec 2023 05:14:17 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7NagbPPJXmEpuG1MA8SdUt4WzGaPkAOxg0lUCE3tGnFmU_iBN0JQ-w==
X-Firefox-Spdy: h2

GET upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb

172.67.71.90

200 OK

370 kB

URL GET HTTP/2
upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
IP
172.67.71.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
Unicode text, UTF-8 text, with very long lines (65526), with no line terminators
Size
370 kB (370537 bytes)
Hash
e38c15d82ba94f65edf148d0f1a98487
cd8ecadbc330cd3e12d55927483e87b0785dfcaa
e87e0991dcfaa2c7b015d284d8b5d872363eb52af458b63c8449351b4b24612f

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Unique code from Jetriz, Swid & Jeniva of the Tetris framework

HTTP Headers

GET /js/frontend.js?id=88f283c744d8a6e43cfb HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/UCqw
Cookie: XSRF-TOKEN=eyJpdiI6InlENVlZMkk1ZDB4MTllVzR5RUc2OFE9PSIsInZhbHVlIjoiOUZtUGVWay9YUjBIdG9DRi9JRUVEUEVaU2ZaMXFzeTM3T1Fhc0pmL3phdEhUcWM0REdUbzVXVjNNYVZZS1A5UkNITmNGQjVxd2phZ1hxaXJsY2VSS2lqTWNudURtcllSNWoyRGdqdXd0YVdrdjl6RExjZnpLWWZEeXczZTc2SnQiLCJtYWMiOiJlZTA5MTcwMzlkMmJkZDQ3OGZmOWNjNmMzMTY2YjQ1MTUwZGU2OWI5ZDY3YzA0MzM2YjBhMzFhZDhlNDgwMmQ5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InZhbE91RVppSENSWklyc1ZodnhnRnc9PSIsInZhbHVlIjoiZmI0K2MwMm5hUW5rVFFqTW5ZNER0UzVJbHFXTlIrUS92MzFQei90SkNEWVYwUHJhWktqSjZmYVZPc2QyNVBRTG8rN0JvazN6dFFaUGEzUHZ3RHg2cHVyemJsUE5URDY2bXNxcXZrR0hiQnVlR2IzcjRaQWJKV0FYZDN4MEswNU8iLCJtYWMiOiI4MWFkZTk1M2UyNTJhNzcxM2M1NDc4MDU1MGJhOGI4MzEwNWQ2MTVhNWNmNGYzZTc5MWE4ZjBmYjUzNjI4ODFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 11 Dec 2023 05:14:16 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=980842
etag: W/"63baab19-ef76a"
last-modified: Sun, 08 Jan 2023 11:38:01 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1115703
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m5sDeHuNKyrW3AtwDlF4hyIZrwNkagPQnHjmDJ%2BBQuE%2Fs9v61chfI2TwLQSfh5cZf19%2BKcUTz2hggu%2BNmU9MsELaH5hiIU1gxyVUZ3E1sqInUb%2Bk9nGF5MoAS0KjLfbfSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 833b3e3f5bd65688-OSL
content-encoding: br
X-Firefox-Spdy: h2

dv663fc06d35i.cloudfront.net/HOFZxd3RbOR8RS0w/FUpFCGdBQUUPcBsEG1YmTBAhC2M4TwdMOTY5EGwfNFEAQjJMR1JUNx8QSR4zHxRJCXAQExYFYlcDBFc9TAYNUj4eBA5TPxVRAVlrHBgOUTodFlEKEERZRB1kQV8DUTgVGANLc0NHGkxzQ0dFCHhBUkd6c0NHA1E4R0NRCxRURURAYE-VSR3pzQ0cGTnNCNkUIY19HXR1kQRARWz0eUkZ+ZEFGRAhnQUZRCmYXHgZdMB4PUQoQQEdBFmZXAkkJ

143.204.42.28

522 B

URL
dv663fc06d35i.cloudfront.net/HOFZxd3RbOR8RS0w/FUpFCGdBQUUPcBsEG1YmTBAhC2M4TwdMOTY5EGwfNFEAQjJMR1JUNx8QSR4zHxRJCXAQExYFYlcDBFc9TAYNUj4eBA5TPxVRAVlrHBgOUTodFlEKEERZRB1kQV8DUTgVGANLc0NHGkxzQ0dFCHhBUkd6c0NHA1E4R0NRCxRURURAYE-VSR3pzQ0cGTnNCNkUIY19HXR1kQRARWz0eUkZ+ZEFGRAhnQUZRCmYXHgZdMB4PUQoQQEdBFmZXAkkJ
IP
143.204.42.28:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (719), with no line terminators
Size
522 B (522 bytes)
Hash
9d650cda953682f980497abb8f69f0e6
95939c772051cea2f634973c6f4b229642e7bca5
dfe09b33bbc62c9102c612de64dc4fb2ced71f5ce034a9a4295a142cf6b44f72

HTTP Headers

GET /HOFZxd3RbOR8RS0w/FUpFCGdBQUUPcBsEG1YmTBAhC2M4TwdMOTY5EGwfNFEAQjJMR1JUNx8QSR4zHxRJCXAQExYFYlcDBFc9TAYNUj4eBA5TPxVRAVlrHBgOUTodFlEKEERZRB1kQV8DUTgVGANLc0NHGkxzQ0dFCHhBUkd6c0NHA1E4R0NRCxRURURAYE-VSR3pzQ0cGTnNCNkUIY19HXR1kQRARWz0eUkZ+ZEFGRAhnQUZRCmYXHgZdMB4PUQoQQEdBFmZXAkkJ HTTP/1.1
Host: dv663fc06d35i.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dasensiblem.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 522
date: Mon, 11 Dec 2023 05:14:17 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GDt-IJIosUcM_N9CquFzVnzPbtwW_w20hNA5PMaHUpd58wzc8GC7vQ==
X-Firefox-Spdy: h2

POST upfilesurls.com/cdn-cgi/challenge-platform/h/b/jsd/r/833b3e3c1ac35688

172.67.71.90

200 OK

1 B

URL POST HTTP/2
upfilesurls.com/cdn-cgi/challenge-platform/h/b/jsd/r/833b3e3c1ac35688
IP
172.67.71.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
eccbc87e4b5ce2fe28308fd9f2a7baf3
77de68daecd823babbb58edb1c8e14d7106e83bb
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/833b3e3c1ac35688 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12181
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/UCqw
Cookie: XSRF-TOKEN=eyJpdiI6InlENVlZMkk1ZDB4MTllVzR5RUc2OFE9PSIsInZhbHVlIjoiOUZtUGVWay9YUjBIdG9DRi9JRUVEUEVaU2ZaMXFzeTM3T1Fhc0pmL3phdEhUcWM0REdUbzVXVjNNYVZZS1A5UkNITmNGQjVxd2phZ1hxaXJsY2VSS2lqTWNudURtcllSNWoyRGdqdXd0YVdrdjl6RExjZnpLWWZEeXczZTc2SnQiLCJtYWMiOiJlZTA5MTcwMzlkMmJkZDQ3OGZmOWNjNmMzMTY2YjQ1MTUwZGU2OWI5ZDY3YzA0MzM2YjBhMzFhZDhlNDgwMmQ5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InZhbE91RVppSENSWklyc1ZodnhnRnc9PSIsInZhbHVlIjoiZmI0K2MwMm5hUW5rVFFqTW5ZNER0UzVJbHFXTlIrUS92MzFQei90SkNEWVYwUHJhWktqSjZmYVZPc2QyNVBRTG8rN0JvazN6dFFaUGEzUHZ3RHg2cHVyemJsUE5URDY2bXNxcXZrR0hiQnVlR2IzcjRaQWJKV0FYZDN4MEswNU8iLCJtYWMiOiI4MWFkZTk1M2UyNTJhNzcxM2M1NDc4MDU1MGJhOGI4MzEwNWQ2MTVhNWNmNGYzZTc5MWE4ZjBmYjUzNjI4ODFhIiwidGFnIjoiIn0%3D; ab=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 11 Dec 2023 05:14:17 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=m.sOuGici1oSdjoo7JzGGFdu8n.QF1Dx6cbzFQIa00U-1702271657-0-1-730ca2d2.57dbd4fb.240dfd32-0.2.1702271657; path=/; expires=Tue, 10-Dec-24 05:14:17 GMT; domain=.upfilesurls.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ysN6JrnAFO%2FcoLnjj9zXre7PNnJlazNfxX%2FA%2FXp11kDsDwv7dAXlhOe7pzvnV5S4RSFue9XcVlzWwgzR5uG09%2B%2Fp9t7xfhSffYjiYiMeEtiu%2BSd8dTKctEowNcMW6eeXsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 833b3e44de7f5688-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53

172.67.71.90

200 OK

48 kB

URL GET HTTP/2
upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
IP
172.67.71.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
48 kB (48031 bytes)
Hash
cf7148de68c4ff76f21e2200b67fd8c4
ace4770fa2d643e676bccca417f7880c8a6565dd
e51161fcc5b2c4b90c3381e517152eb275d52a6c288954e502479d7421386240

HTTP Headers

GET /css/frontend.css?id=2396ffb76e738e465b53 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/UCqw
Cookie: XSRF-TOKEN=eyJpdiI6InlENVlZMkk1ZDB4MTllVzR5RUc2OFE9PSIsInZhbHVlIjoiOUZtUGVWay9YUjBIdG9DRi9JRUVEUEVaU2ZaMXFzeTM3T1Fhc0pmL3phdEhUcWM0REdUbzVXVjNNYVZZS1A5UkNITmNGQjVxd2phZ1hxaXJsY2VSS2lqTWNudURtcllSNWoyRGdqdXd0YVdrdjl6RExjZnpLWWZEeXczZTc2SnQiLCJtYWMiOiJlZTA5MTcwMzlkMmJkZDQ3OGZmOWNjNmMzMTY2YjQ1MTUwZGU2OWI5ZDY3YzA0MzM2YjBhMzFhZDhlNDgwMmQ5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InZhbE91RVppSENSWklyc1ZodnhnRnc9PSIsInZhbHVlIjoiZmI0K2MwMm5hUW5rVFFqTW5ZNER0UzVJbHFXTlIrUS92MzFQei90SkNEWVYwUHJhWktqSjZmYVZPc2QyNVBRTG8rN0JvazN6dFFaUGEzUHZ3RHg2cHVyemJsUE5URDY2bXNxcXZrR0hiQnVlR2IzcjRaQWJKV0FYZDN4MEswNU8iLCJtYWMiOiI4MWFkZTk1M2UyNTJhNzcxM2M1NDc4MDU1MGJhOGI4MzEwNWQ2MTVhNWNmNGYzZTc5MWE4ZjBmYjUzNjI4ODFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 11 Dec 2023 05:14:16 GMT
content-type: text/css
cache-control: max-age=31536000
cf-bgj: minify
etag: W/"63a354a4-3f918"
last-modified: Wed, 21 Dec 2022 18:47:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1531901
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wfoZx1NcE1e9dezu8LQOIPwPAORxxSDm6WgE14p4%2FYCyXuj9RUA%2FTfzAGyxuwyg8agLBKQIPqM%2B9lEG8wdUhC1iCbyMcDWYmGfusg0zWqmUYgRYjztjCPsVgdu93arkuSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 833b3e3f4bcd5688-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET upfilesurls.com/UCqw?token=eyJpdiI6IjZRdloxMlZqQk5sSkF4ZXNkNHZGakE9PSIsInZhbHVlIjoiNFJRTnoreStnMUlXM1JSbFI5TVR4QT09IiwibWFjIjoiZjQ1NjM3YTQ5MzMzMTkyOWQ3ZjQwOGQxMGVjYWM1NDU1MGQ3NWY4NjgzMTdkMWUxNmEyOGJmMTRlNTBiZGQyZCIsInRhZyI6IiJ9

172.67.71.90

302 Found

720 B

URL User Request GET HTTP/2
upfilesurls.com/UCqw?token=eyJpdiI6IjZRdloxMlZqQk5sSkF4ZXNkNHZGakE9PSIsInZhbHVlIjoiNFJRTnoreStnMUlXM1JSbFI5TVR4QT09IiwibWFjIjoiZjQ1NjM3YTQ5MzMzMTkyOWQ3ZjQwOGQxMGVjYWM1NDU1MGQ3NWY4NjgzMTdkMWUxNmEyOGJmMTRlNTBiZGQyZCIsInRhZyI6IiJ9
IP
172.67.71.90:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
data
Size
720 B (720 bytes)
Hash
b53081a16cbc486b5405711bd847e702
d48d111ca3cf627579f24402eac39581906c85c9
d7dab1f3bec52aa98c48dd8b3c742d98ce98814645864c1dec2b4d6b0f88054d

HTTP Headers

GET /UCqw?token=eyJpdiI6IjZRdloxMlZqQk5sSkF4ZXNkNHZGakE9PSIsInZhbHVlIjoiNFJRTnoreStnMUlXM1JSbFI5TVR4QT09IiwibWFjIjoiZjQ1NjM3YTQ5MzMzMTkyOWQ3ZjQwOGQxMGVjYWM1NDU1MGQ3NWY4NjgzMTdkMWUxNmEyOGJmMTRlNTBiZGQyZCIsInRhZyI6IiJ9 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 11 Dec 2023 05:14:16 GMT
content-type: text/html; charset=UTF-8
location: https://upfilesurls.com/UCqw
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IlNDNGdjVWJpZTVPS1dLSnM3Q2JvTnc9PSIsInZhbHVlIjoiWmpuekRuSFBqd3Q4Mys0RHIyRUNUaG1GQzFVQnE1Q3h3MU8xeXhwNm5GSElSUEpoRGNwS1RLTnFkWGRnbEpKd0lvRzdsK0g3bWJwUlBiSzk5NVU4TEM0aGRvSjMwV1NuZG03blc0N3pzNTR2Q1IvOW52Yks2aEN0RTU0L2p5MSsiLCJtYWMiOiJlNjk2MDZkY2MzNWRmMmQyZGZhNzExMzFkZGIzOWU5M2EwNjBiYmZhMjdlZjZjNWMxNDZmZTE2MmY0ZmI2MTZmIiwidGFnIjoiIn0%3D; expires=Mon, 18-Dec-2023 05:14:16 GMT; Max-Age=604800; path=/; samesite=lax
upfiles_session=eyJpdiI6InpoODZIaFdTdUhZdERSQTY4SzY0WlE9PSIsInZhbHVlIjoiSkpHcTdvNFRqTGU0TlgybHkrSlNZdldlc2pOVFEvaDREREpHeVYrRmdPM0p1UHMxd1ZxQ0J5Y2pwWnNBSmZ4ODRtTlorc0kxV29MOVp0TVJnd0hOUFdNdWFKbTNtRUw3TzdlSTVRcXhPY1ZPL2NhWURLNURVNXlVWnZTMWFMTngiLCJtYWMiOiI5YzU2MzNlM2JjNDllZWU3Mzc4ODhkMWYwZmJhYzk5ZTEyNTY1YTE2NzVhNzE1MmM3MjViZjMyMGJiYzdmZGFmIiwidGFnIjoiIn0%3D; expires=Mon, 18-Dec-2023 05:14:16 GMT; Max-Age=604800; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ayBG%2F9BBLBrr27lRh9RVkeOaQrFkZKgPdb%2BLN%2Fgqe6cbGfnNRNEaE4kK5wgbQ8bRkqiDQlZuDQJqmuADxqsrcfj0gRMcqjOKDd50OXCapR9Cr1VQOhznMiuAuShVoHKow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 833b3e3baaa35688-OSL
X-Firefox-Spdy: h2

HEAD live.demand.supply/x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL1VDcXc=

104.16.134.22

200 OK

0 B

URL HEAD HTTP/3
live.demand.supply/x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL1VDcXc=
IP
104.16.134.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL1VDcXc= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 11 Dec 2023 05:14:17 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "901b70ae40b5b064aef6259e869a717e-ssl"
strict-transport-security: max-age=31536000
x-nf-request-id: 01HEWCA4FYGBGVP04DSNK46G58
cf-cache-status: HIT
age: 1643987
accept-ranges: bytes
set-cookie: __cf_bm=zTGfU1jJ.JDoGX.dcks7kMlnT4rNj5pb85AWV6Hxc3Q-1702271657-1-AV0wHM6J1yrDv0mmYqL/C03bbh0tgBfl9cCQpSwzJd+qExK1q7lcMhqMzVudzlNvsfEoDtECZQT2FDSCv8URevY=; path=/; expires=Mon, 11-Dec-23 05:44:17 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 833b3e457cbd712d-OSL
alt-svc: h3=":443"; ma=86400

HEAD live.demand.supply/e/e.js?r=upfilesurls.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=dXBmaWxlc3VybHMuY29tL1VDcXc=

104.16.134.22

200 OK

0 B

URL HEAD HTTP/3
live.demand.supply/e/e.js?r=upfilesurls.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=dXBmaWxlc3VybHMuY29tL1VDcXc=
IP
104.16.134.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /e/e.js?r=upfilesurls.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=dXBmaWxlc3VybHMuY29tL1VDcXc= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 11 Dec 2023 05:14:17 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "a49e9f0a501edbf396bf43092ec1efa3-ssl"
strict-transport-security: max-age=31536000
x-nf-request-id: 01HGASW7J1MD8TRYJ5PSP508YH
cf-cache-status: HIT
age: 211761
accept-ranges: bytes
set-cookie: __cf_bm=WbBbxAViMK3Em6QlcmnN3wQeL0KMOawG7.QisGMTjRE-1702271657-1-ASfGLModo5gOnj0bp3ZCQI+71NQkWlD6J+JRYxI53LJ8yyv+0OSor3zK1EjY25Bno5bs4OKsBEuxVl4eSBN3UeE=; path=/; expires=Mon, 11-Dec-23 05:44:17 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 833b3e457cbf712d-OSL
alt-svc: h3=":443"; ma=86400

GET dasensiblem.org/utx?cb=EjY0vorrgSwK&top=upfilesurls.com&tid=996601

52.85.242.98

204 No Content

0 B

URL GET HTTP/2
dasensiblem.org/utx?cb=EjY0vorrgSwK&top=upfilesurls.com&tid=996601
IP
52.85.242.98:443
ASN
#16509 AMAZON-02

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerAmazon
Subjectdasensiblem.org
FingerprintAD:A1:72:CC:94:7F:76:62:4A:62:D6:B6:D9:BF:27:DE:3D:96:21:A6
ValidityFri, 08 Dec 2023 00:00:00 GMT - Mon, 06 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=EjY0vorrgSwK&top=upfilesurls.com&tid=996601 HTTP/1.1
Host: dasensiblem.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Mon, 11 Dec 2023 05:14:17 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 11 Dec 2023 05:15:17 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 b4b5a8fc69875a192be2508de7e5a5e8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: pPpeqeDuW4DDbe5sfHFkr-f56e_-nv4kKPH3SjLFsd8pkhsH5tv5Gg==
X-Firefox-Spdy: h2

GET dasensiblem.org/utx?cb=q080JxqZyEU0&top=upfilesurls.com&tid=1010617

52.85.242.98

204 No Content

0 B

URL GET HTTP/2
dasensiblem.org/utx?cb=q080JxqZyEU0&top=upfilesurls.com&tid=1010617
IP
52.85.242.98:443
ASN
#16509 AMAZON-02

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerAmazon
Subjectdasensiblem.org
FingerprintAD:A1:72:CC:94:7F:76:62:4A:62:D6:B6:D9:BF:27:DE:3D:96:21:A6
ValidityFri, 08 Dec 2023 00:00:00 GMT - Mon, 06 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=q080JxqZyEU0&top=upfilesurls.com&tid=1010617 HTTP/1.1
Host: dasensiblem.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Mon, 11 Dec 2023 05:14:17 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 11 Dec 2023 05:15:17 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 b4b5a8fc69875a192be2508de7e5a5e8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: Qg9OvW7tz68ggT42XXe1COy3tRtemf5Om6Q64AZzPojN5D9XUuiqmg==
X-Firefox-Spdy: h2

HEAD live.demand.supply/e/e.js?r=upfilesurls.com_fluid_lb%2Bsq_firstpageafterbutton_1&e=empdr&dsReferer=dXBmaWxlc3VybHMuY29tL1VDcXc=

104.16.134.22

200 OK

0 B

URL HEAD HTTP/3
live.demand.supply/e/e.js?r=upfilesurls.com_fluid_lb%2Bsq_firstpageafterbutton_1&e=empdr&dsReferer=dXBmaWxlc3VybHMuY29tL1VDcXc=
IP
104.16.134.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /e/e.js?r=upfilesurls.com_fluid_lb%2Bsq_firstpageafterbutton_1&e=empdr&dsReferer=dXBmaWxlc3VybHMuY29tL1VDcXc= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 11 Dec 2023 05:14:18 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "a49e9f0a501edbf396bf43092ec1efa3-ssl"
strict-transport-security: max-age=31536000
x-nf-request-id: 01HGASW7J1MD8TRYJ5PSP508YH
cf-cache-status: HIT
age: 211762
accept-ranges: bytes
set-cookie: __cf_bm=3417y6Ss_nWkUB_zD7ncEBn9S.81Flvv6eV2KhxnU7g-1702271658-1-AbDDi6FRdc+DW/1i2RkewTmI8VipiWXwXixhTHLOOGGnfR4LQGmnIPALqWOW2Lew/BtD/XA7uCMcYuFnetC2D0o=; path=/; expires=Mon, 11-Dec-23 05:44:18 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 833b3e482d9b712d-OSL
alt-svc: h3=":443"; ma=86400

HEAD live.demand.supply/e/e.js?r=upfilesurls.com_fluid_lb%2Bsq_firstpagebeforetitle_1&e=empdr&dsReferer=dXBmaWxlc3VybHMuY29tL1VDcXc=

104.16.134.22

200 OK

0 B

URL HEAD HTTP/3
live.demand.supply/e/e.js?r=upfilesurls.com_fluid_lb%2Bsq_firstpagebeforetitle_1&e=empdr&dsReferer=dXBmaWxlc3VybHMuY29tL1VDcXc=
IP
104.16.134.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /e/e.js?r=upfilesurls.com_fluid_lb%2Bsq_firstpagebeforetitle_1&e=empdr&dsReferer=dXBmaWxlc3VybHMuY29tL1VDcXc= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 11 Dec 2023 05:14:18 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "a49e9f0a501edbf396bf43092ec1efa3-ssl"
strict-transport-security: max-age=31536000
x-nf-request-id: 01HGASW7J1MD8TRYJ5PSP508YH
cf-cache-status: HIT
age: 211762
accept-ranges: bytes
set-cookie: __cf_bm=pOxYQgEgt_sKVsWZ_SVF2DGXvIfj4O4Lco5GRdGmtr4-1702271658-1-ATBCIrZRWIslMaZRUN05Ft5d1wcRpZBaVPa57vauY/Ruf4xeqzxktrlVEzyE78kOKKBXU6DcQf35KMwOFGhUgp4=; path=/; expires=Mon, 11-Dec-23 05:44:18 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 833b3e482d9a712d-OSL
alt-svc: h3=":443"; ma=86400

GET accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp20h7mz04sI_hXSLMxMC3pSxyrnxaRRFjP2WicyFHnt_VmnmggdZG9-oigldmLeG45qwNRJ9g

64.233.161.84

302 Found

400 B

URL GET HTTP/3
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp20h7mz04sI_hXSLMxMC3pSxyrnxaRRFjP2WicyFHnt_VmnmggdZG9-oigldmLeG45qwNRJ9g
IP
64.233.161.84:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT

File type
HTML document text - HTML document text - HTML document text - HTML document, ASCII text, with very long lines (395)
Size
400 B (400 bytes)
Hash
5c56425e543970d26775296a114b1051
943066e4cdc3eb4709baf3bc4a3874e303145fd5
9f0205aac62de2defd8b89092c438881dba22fdb3db2c6575757c58214371211

HTTP Headers

GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp20h7mz04sI_hXSLMxMC3pSxyrnxaRRFjP2WicyFHnt_VmnmggdZG9-oigldmLeG45qwNRJ9g HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:qxNJFTjczA1H8pGl_Th4VcbxWVy3Vw:4pGkme4HyjB2c-MA;Path=/;Expires=Wed, 10-Dec-2025 05:14:18 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 11 Dec 2023 05:14:18 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1pjxuBR3BuTFgjk-_J-bO9pR8f1rb5V1cq_75s3cyUDhOP2b6YBs2MPBsFu0_sbVWENtgF1A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1040791261%3A1702271658376186&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-oMuQ84PZPU5YDuTImplqEw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 400
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1aTIyFcOR8ZOR7kdPXN_43hP_9KBW18u6r77JRkwxpFuwI1eE7s461Gak63PqBr9dfxogWJQ

64.233.161.84

302 Found

403 B

URL GET HTTP/3
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1aTIyFcOR8ZOR7kdPXN_43hP_9KBW18u6r77JRkwxpFuwI1eE7s461Gak63PqBr9dfxogWJQ
IP
64.233.161.84:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT

File type
HTML document text - HTML document text - HTML document text - HTML document, ASCII text, with very long lines (399)
Size
403 B (403 bytes)
Hash
bbed76a9f076960f64f0b116efe3de53
36e220a4c2283ba85d10d977afa4f1679cdd4266
4eb67eed8d6dff8a61dd798abf56b2273b12a6e334fe5903027cfe9b10a3ec8b

HTTP Headers

GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1aTIyFcOR8ZOR7kdPXN_43hP_9KBW18u6r77JRkwxpFuwI1eE7s461Gak63PqBr9dfxogWJQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:hTIZCksF-D6JQcfxI0sH2t0HFHcd-w:qLcVTksade9LTUHW;Path=/;Expires=Wed, 10-Dec-2025 05:14:18 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 11 Dec 2023 05:14:18 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp29ZECJcXmaEvf7vNraZEw646lqfa5P6xBCYHbRh2PczNyZpjteiiJNM7CPvRdetueJcp_7yQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1761918031%3A1702271658380563&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-upT3VVMypS22MYX-1lcyag' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 403
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js

142.250.74.35

200 OK

205 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
ASCII text, with very long lines (568)
Size
205 kB (204921 bytes)
Hash
af51eb6ced1afe3f0f11ee679198808c
02b9d6a7a54f930807a01ae3cdcf462862925b40
6788908efcff931e3c0c4fb54a255932414a22e81971dcc1427c8a4f459a1fbf

HTTP Headers

GET /recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204921
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 09 Dec 2023 21:16:49 GMT
expires: Sun, 08 Dec 2024 21:16:49 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 04 Dec 2023 17:08:31 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 115049
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET pogothere.xyz/asd100.bin

188.114.96.1

200 OK

102 kB

URL GET HTTP/2
pogothere.xyz/asd100.bin
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 11 Dec 2023 05:14:17 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6963
last-modified: Mon, 11 Dec 2023 03:18:14 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9nnbuI0fObRdE47HXVH4eOnYmlx1d%2BvsA4WRl0OGpXkabQ3LDI2MKMmI0aNoEQE2CFTB2NRev%2FFgnKRPU%2FtutTcfa8b8FExtpC72svcZqXQpfqR%2BlDIlKQ8HgvaiQ5d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 833b3e45ca2056b7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

HEAD pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

142.250.74.130

200 OK

0 B

URL HEAD HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
142.250.74.130:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint69:F5:F0:31:0E:FD:67:62:BD:FA:40:0F:5B:17:0F:D2:EE:31:3D:79
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 11 Dec 2023 05:14:18 GMT
expires: Mon, 11 Dec 2023 05:14:18 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 1679522567608060344
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51761
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET upfilesurls.com/js/ads.js

172.67.71.90

200 OK

1.5 kB

URL GET HTTP/2
upfilesurls.com/js/ads.js
IP
172.67.71.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
ASCII text, with very long lines (1551), with no line terminators
Size
1.5 kB (1544 bytes)
Hash
18062be5f40e561d47292c4c3e16e968
a527704208e4e365d0119360f6dd5fb1ce8eb3c8
63e619bf91f115635c5f302e9352cca845a7c498eaef9c2fee9b50a16001be37

HTTP Headers

GET /js/ads.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/UCqw
Cookie: XSRF-TOKEN=eyJpdiI6InlENVlZMkk1ZDB4MTllVzR5RUc2OFE9PSIsInZhbHVlIjoiOUZtUGVWay9YUjBIdG9DRi9JRUVEUEVaU2ZaMXFzeTM3T1Fhc0pmL3phdEhUcWM0REdUbzVXVjNNYVZZS1A5UkNITmNGQjVxd2phZ1hxaXJsY2VSS2lqTWNudURtcllSNWoyRGdqdXd0YVdrdjl6RExjZnpLWWZEeXczZTc2SnQiLCJtYWMiOiJlZTA5MTcwMzlkMmJkZDQ3OGZmOWNjNmMzMTY2YjQ1MTUwZGU2OWI5ZDY3YzA0MzM2YjBhMzFhZDhlNDgwMmQ5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InZhbE91RVppSENSWklyc1ZodnhnRnc9PSIsInZhbHVlIjoiZmI0K2MwMm5hUW5rVFFqTW5ZNER0UzVJbHFXTlIrUS92MzFQei90SkNEWVYwUHJhWktqSjZmYVZPc2QyNVBRTG8rN0JvazN6dFFaUGEzUHZ3RHg2cHVyemJsUE5URDY2bXNxcXZrR0hiQnVlR2IzcjRaQWJKV0FYZDN4MEswNU8iLCJtYWMiOiI4MWFkZTk1M2UyNTJhNzcxM2M1NDc4MDU1MGJhOGI4MzEwNWQ2MTVhNWNmNGYzZTc5MWE4ZjBmYjUzNjI4ODFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 11 Dec 2023 05:14:16 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-bgj: minify
etag: W/"63baab19-608"
last-modified: Sun, 08 Jan 2023 11:38:01 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1634526
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2KicdI5UwGPl%2B0wO3rJgOus9WyFCWj13Z337pUEk%2BBb3kOe0Oxh%2FatZn8Kx8WcoHCsG7apXJi4z5Dc8r%2FTSM2m3GxjD2ytXe%2BA3009SB%2BVFW5TLz0X8r%2BfKODwmwS0BGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 833b3e3f5bd55688-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET asverymuc.org/popunder.gif

188.114.96.1

200 OK

35 B

URL GET HTTP/3
asverymuc.org/popunder.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subjectasverymuc.org
Fingerprint3D:47:FF:77:5C:9C:A6:46:E8:F5:28:57:7A:8A:77:05:17:3D:3A:07
ValidityFri, 08 Dec 2023 05:28:24 GMT - Thu, 07 Mar 2024 05:28:23 GMT

File type
GIF image data, version 89a, 1 x 1 - data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: asverymuc.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 11 Dec 2023 05:14:18 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 66187
last-modified: Sun, 10 Dec 2023 10:51:11 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sF%2FM9FIm2pN8xQm%2BxIDnQXl7ex7gWXQGiB2UPV7O5DWSXJM8M0aTYC0NvaRfaF%2FfP33SkysrFytVkSyKrgPTE9ysj1cpKqQ1UCOtjP58sBV9yXz0we1rHcyGmr7qvClv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 833b3e485dc8b4eb-OSL
alt-svc: h3=":443"; ma=86400

GET upfilesurls.com/favicon.ico

172.67.71.90

200 OK

1.5 kB

URL GET HTTP/2
upfilesurls.com/favicon.ico
IP
172.67.71.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
MS Windows icon resource - 1 icon, 32x32 with PNG image data, 32 x 32, 8-bit colormap, non-interlaced, 32 bits/pixel - data
Size
1.5 kB (1464 bytes)
Hash
ba3a9d1041ae9a7a655f9632756b1e92
fbb065d1df15871da0b7df14ca22041a729dda88
180c85c0caca07f8411a77e2392751d979f74982f0ed7062a0093b322924f38f

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/UCqw
Cookie: XSRF-TOKEN=eyJpdiI6InlENVlZMkk1ZDB4MTllVzR5RUc2OFE9PSIsInZhbHVlIjoiOUZtUGVWay9YUjBIdG9DRi9JRUVEUEVaU2ZaMXFzeTM3T1Fhc0pmL3phdEhUcWM0REdUbzVXVjNNYVZZS1A5UkNITmNGQjVxd2phZ1hxaXJsY2VSS2lqTWNudURtcllSNWoyRGdqdXd0YVdrdjl6RExjZnpLWWZEeXczZTc2SnQiLCJtYWMiOiJlZTA5MTcwMzlkMmJkZDQ3OGZmOWNjNmMzMTY2YjQ1MTUwZGU2OWI5ZDY3YzA0MzM2YjBhMzFhZDhlNDgwMmQ5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InZhbE91RVppSENSWklyc1ZodnhnRnc9PSIsInZhbHVlIjoiZmI0K2MwMm5hUW5rVFFqTW5ZNER0UzVJbHFXTlIrUS92MzFQei90SkNEWVYwUHJhWktqSjZmYVZPc2QyNVBRTG8rN0JvazN6dFFaUGEzUHZ3RHg2cHVyemJsUE5URDY2bXNxcXZrR0hiQnVlR2IzcjRaQWJKV0FYZDN4MEswNU8iLCJtYWMiOiI4MWFkZTk1M2UyNTJhNzcxM2M1NDc4MDU1MGJhOGI4MzEwNWQ2MTVhNWNmNGYzZTc5MWE4ZjBmYjUzNjI4ODFhIiwidGFnIjoiIn0%3D; ab=1; cf_clearance=m.sOuGici1oSdjoo7JzGGFdu8n.QF1Dx6cbzFQIa00U-1702271657-0-1-730ca2d2.57dbd4fb.240dfd32-0.2.1702271657
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 11 Dec 2023 05:14:17 GMT
content-type: image/x-icon
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
vary: Accept-Encoding
etag: W/"625014b1-5b8"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 13
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDTLky%2BSLpn3ogSN28EdUq422Y1bxKMtcaH8B89T%2BSW064HUYH3T82W5nYKAfSmlijoVozgO6HPpWSW2LTzrHR71Xk6qvQbI5kwf%2BJtdwcL1oJct5r4kSxAHD65%2BQJVkPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 833b3e450e8e5688-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET dasensiblem.org/QWtzVWYgCRA4WSBWEXMTMwdOcFQHTkETAjddRWYAIltFMVV0Al02Ci4eFzMULgUHewgkH1ZnIBEOOxs+FwcqNy4FAAQ0NzYKPmcSNzomAw4bBhcwIRI6RhonKSQ+LzMFOiYUQ3MpNhRSICAZEAUiKgQfK3MfHg0OeVk8ESAHPSccUg8+JRYFFQgKEg10ARAWLwgjNy0UCxw2DzY7AB8UDiZOQRcrLyo9EAsuXDwELyAkCTpVGT42Bz9yAzoDCxcGFTJeICQnHFMFHDEsPAYyJBdVCwApPgoFDiQPHBIRNSw8BjIjEgwtDCo5VwAtKxsNEioHPT8vJT8YPmwhGA8BLi0QODMZOCYbDyQsKQcwLD0eGDRxOiMRCjs4GQMKGwYXHDdzMR4PV3ApKS8nZFk1Fg4YEzwGUyU6IRMIGwBCMTxyKhkHMwhNGSYJLxtOMQUUUkA8IBkJKjMs

52.85.242.98

200 OK

3.0 kB

URL GET HTTP/2
dasensiblem.org/QWtzVWYgCRA4WSBWEXMTMwdOcFQHTkETAjddRWYAIltFMVV0Al02Ci4eFzMULgUHewgkH1ZnIBEOOxs+FwcqNy4FAAQ0NzYKPmcSNzomAw4bBhcwIRI6RhonKSQ+LzMFOiYUQ3MpNhRSICAZEAUiKgQfK3MfHg0OeVk8ESAHPSccUg8+JRYFFQgKEg10ARAWLwgjNy0UCxw2DzY7AB8UDiZOQRcrLyo9EAsuXDwELyAkCTpVGT42Bz9yAzoDCxcGFTJeICQnHFMFHDEsPAYyJBdVCwApPgoFDiQPHBIRNSw8BjIjEgwtDCo5VwAtKxsNEioHPT8vJT8YPmwhGA8BLi0QODMZOCYbDyQsKQcwLD0eGDRxOiMRCjs4GQMKGwYXHDdzMR4PV3ApKS8nZFk1Fg4YEzwGUyU6IRMIGwBCMTxyKhkHMwhNGSYJLxtOMQUUUkA8IBkJKjMs
IP
52.85.242.98:443
ASN
#16509 AMAZON-02

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerAmazon
Subjectdasensiblem.org
FingerprintAD:A1:72:CC:94:7F:76:62:4A:62:D6:B6:D9:BF:27:DE:3D:96:21:A6
ValidityFri, 08 Dec 2023 00:00:00 GMT - Mon, 06 Jan 2025 23:59:59 GMT

File type
HTML document text - HTML document text - HTML document text - HTML document text - exported SGML document, ASCII text, with very long lines (3067), with no line terminators
Size
3.0 kB (3041 bytes)
Hash
05526d7ffc5651616d4e9f0851a6de50
21d2fde9a33a9f0e57fc334f9fc161702d054ace
c58986a5013488edda866d9e21b58391c045524c2dfcc128fb3c80407e61675e

HTTP Headers

GET /QWtzVWYgCRA4WSBWEXMTMwdOcFQHTkETAjddRWYAIltFMVV0Al02Ci4eFzMULgUHewgkH1ZnIBEOOxs+FwcqNy4FAAQ0NzYKPmcSNzomAw4bBhcwIRI6RhonKSQ+LzMFOiYUQ3MpNhRSICAZEAUiKgQfK3MfHg0OeVk8ESAHPSccUg8+JRYFFQgKEg10ARAWLwgjNy0UCxw2DzY7AB8UDiZOQRcrLyo9EAsuXDwELyAkCTpVGT42Bz9yAzoDCxcGFTJeICQnHFMFHDEsPAYyJBdVCwApPgoFDiQPHBIRNSw8BjIjEgwtDCo5VwAtKxsNEioHPT8vJT8YPmwhGA8BLi0QODMZOCYbDyQsKQcwLD0eGDRxOiMRCjs4GQMKGwYXHDdzMR4PV3ApKS8nZFk1Fg4YEzwGUyU6IRMIGwBCMTxyKhkHMwhNGSYJLxtOMQUUUkA8IBkJKjMs HTTP/1.1
Host: dasensiblem.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1191
date: Mon, 11 Dec 2023 05:14:17 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 b4b5a8fc69875a192be2508de7e5a5e8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: qFvXO0VPAusHPFPcOT6xkk5FNb94EXnLIh9UhCTGtrSPYw_eBqy2yA==
X-Firefox-Spdy: h2

GET upfilesurls.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

172.67.71.90

302 Found

7.4 kB

URL GET HTTP/2
upfilesurls.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
172.67.71.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type

Size
7.4 kB (7379 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InlENVlZMkk1ZDB4MTllVzR5RUc2OFE9PSIsInZhbHVlIjoiOUZtUGVWay9YUjBIdG9DRi9JRUVEUEVaU2ZaMXFzeTM3T1Fhc0pmL3phdEhUcWM0REdUbzVXVjNNYVZZS1A5UkNITmNGQjVxd2phZ1hxaXJsY2VSS2lqTWNudURtcllSNWoyRGdqdXd0YVdrdjl6RExjZnpLWWZEeXczZTc2SnQiLCJtYWMiOiJlZTA5MTcwMzlkMmJkZDQ3OGZmOWNjNmMzMTY2YjQ1MTUwZGU2OWI5ZDY3YzA0MzM2YjBhMzFhZDhlNDgwMmQ5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InZhbE91RVppSENSWklyc1ZodnhnRnc9PSIsInZhbHVlIjoiZmI0K2MwMm5hUW5rVFFqTW5ZNER0UzVJbHFXTlIrUS92MzFQei90SkNEWVYwUHJhWktqSjZmYVZPc2QyNVBRTG8rN0JvazN6dFFaUGEzUHZ3RHg2cHVyemJsUE5URDY2bXNxcXZrR0hiQnVlR2IzcjRaQWJKV0FYZDN4MEswNU8iLCJtYWMiOiI4MWFkZTk1M2UyNTJhNzcxM2M1NDc4MDU1MGJhOGI4MzEwNWQ2MTVhNWNmNGYzZTc5MWE4ZjBmYjUzNjI4ODFhIiwidGFnIjoiIn0%3D; ab=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 11 Dec 2023 05:14:17 GMT
access-control-allow-origin: *
cache-control: max-age=300, public
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJ52U3a0QtxyuQAeJ8okvRBv%2FVo%2BmWpx5R4u4vqsG35ETIRVqK%2F5cPU4i%2Fmq2cq4BRruM6%2FSW%2BAiPtPRCf%2FTQRy7P0MlRAqJWDvAeio6sF%2FzWhYUNecPN5xcvWey3JYO7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 833b3e43ae0f5688-OSL
X-Firefox-Spdy: h2

GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

64.233.161.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
64.233.161.84:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
FingerprintF3:FB:54:1B:21:E9:69:01:41:02:BB:D0:97:A2:BA:45:72:5A:71:D8
ValidityMon, 20 Nov 2023 08:09:49 GMT - Mon, 12 Feb 2024 08:09:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:eVGf3kyxUlAe5KsSeSD6ttgkqmavUw:-ZRRtBMv6oXPfiIg; Expires=Wed, 10-Dec-2025 05:14:17 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 11 Dec 2023 05:14:17 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1aTIyFcOR8ZOR7kdPXN_43hP_9KBW18u6r77JRkwxpFuwI1eE7s461Gak63PqBr9dfxogWJQ
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-YEeY4M6Xo8t_C5l6BaqCqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET upfilesurls.com/UCqw

172.67.71.90

200 OK

93 kB

URL User Request GET HTTP/2
upfilesurls.com/UCqw
IP
172.67.71.90:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
HTML document text - HTML document text - HTML document text - HTML document text - HTML document text - HTML document text - exported SGML document, ASCII text, with very long lines (59319)
Size
93 kB (93415 bytes)
Hash
cb9a61a4c060dcc95c7d8caf7d46d4ed
995649792708114da82e622c1ff2820f916e9123
856046b2194f2a605bd96100246c4af346e1dd9e0c8495399a8426ba554e59b7

HTTP Headers

GET /UCqw HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlNDNGdjVWJpZTVPS1dLSnM3Q2JvTnc9PSIsInZhbHVlIjoiWmpuekRuSFBqd3Q4Mys0RHIyRUNUaG1GQzFVQnE1Q3h3MU8xeXhwNm5GSElSUEpoRGNwS1RLTnFkWGRnbEpKd0lvRzdsK0g3bWJwUlBiSzk5NVU4TEM0aGRvSjMwV1NuZG03blc0N3pzNTR2Q1IvOW52Yks2aEN0RTU0L2p5MSsiLCJtYWMiOiJlNjk2MDZkY2MzNWRmMmQyZGZhNzExMzFkZGIzOWU5M2EwNjBiYmZhMjdlZjZjNWMxNDZmZTE2MmY0ZmI2MTZmIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InpoODZIaFdTdUhZdERSQTY4SzY0WlE9PSIsInZhbHVlIjoiSkpHcTdvNFRqTGU0TlgybHkrSlNZdldlc2pOVFEvaDREREpHeVYrRmdPM0p1UHMxd1ZxQ0J5Y2pwWnNBSmZ4ODRtTlorc0kxV29MOVp0TVJnd0hOUFdNdWFKbTNtRUw3TzdlSTVRcXhPY1ZPL2NhWURLNURVNXlVWnZTMWFMTngiLCJtYWMiOiI5YzU2MzNlM2JjNDllZWU3Mzc4ODhkMWYwZmJhYzk5ZTEyNTY1YTE2NzVhNzE1MmM3MjViZjMyMGJiYzdmZGFmIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 11 Dec 2023 05:14:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6InlENVlZMkk1ZDB4MTllVzR5RUc2OFE9PSIsInZhbHVlIjoiOUZtUGVWay9YUjBIdG9DRi9JRUVEUEVaU2ZaMXFzeTM3T1Fhc0pmL3phdEhUcWM0REdUbzVXVjNNYVZZS1A5UkNITmNGQjVxd2phZ1hxaXJsY2VSS2lqTWNudURtcllSNWoyRGdqdXd0YVdrdjl6RExjZnpLWWZEeXczZTc2SnQiLCJtYWMiOiJlZTA5MTcwMzlkMmJkZDQ3OGZmOWNjNmMzMTY2YjQ1MTUwZGU2OWI5ZDY3YzA0MzM2YjBhMzFhZDhlNDgwMmQ5IiwidGFnIjoiIn0%3D; expires=Mon, 18-Dec-2023 05:14:16 GMT; Max-Age=604800; path=/; samesite=lax
upfiles_session=eyJpdiI6InZhbE91RVppSENSWklyc1ZodnhnRnc9PSIsInZhbHVlIjoiZmI0K2MwMm5hUW5rVFFqTW5ZNER0UzVJbHFXTlIrUS92MzFQei90SkNEWVYwUHJhWktqSjZmYVZPc2QyNVBRTG8rN0JvazN6dFFaUGEzUHZ3RHg2cHVyemJsUE5URDY2bXNxcXZrR0hiQnVlR2IzcjRaQWJKV0FYZDN4MEswNU8iLCJtYWMiOiI4MWFkZTk1M2UyNTJhNzcxM2M1NDc4MDU1MGJhOGI4MzEwNWQ2MTVhNWNmNGYzZTc5MWE4ZjBmYjUzNjI4ODFhIiwidGFnIjoiIn0%3D; expires=Mon, 18-Dec-2023 05:14:16 GMT; Max-Age=604800; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BO6w6ImEkoinqY%2BkFpQmGiLq7TUswrd0mta4pVPh3FbhSyzg9KT35HJPJyM2hdNj2HQhVwqARtAasZ43QdrD%2BVaDXR0aSgXGLIveoPwwB80y4CodiqR8TXJ2iWOdxQP6Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 833b3e3c1ac35688-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET live.demand.supply/p4/v17-24-0/dXBmaWxlc3VybHMuY29tL1VDcXc=

104.16.134.22

200 OK

984 B

URL GET HTTP/3
live.demand.supply/p4/v17-24-0/dXBmaWxlc3VybHMuY29tL1VDcXc=
IP
104.16.134.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1122), with no line terminators
Size
984 B (984 bytes)
Hash
0115919d18c1acd7d8b793c3f8569dcf
0d638cc0aef4e108cdb8c159b373869dbc719154
08da3e1ded5697974c486a3d3f95d5324709e2155767aacd5c9c6b315ff6b643

HTTP Headers

GET /p4/v17-24-0/dXBmaWxlc3VybHMuY29tL1VDcXc= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Cookie: demandSupplyTi=ca5c4752-3dcc-4f15-a898-8d9484f87b6d; __cf_bm=HaL49bvEOiHQZdi0RRvIpg4rxLy00VmCg7XipfYs2sQ-1702271657-1-AUV5OvNwiRWXLo29NMtcEL9QyysF5VEo3Ae5ANn05xChbW2a084WOCnK4w1DckfEz2pnvNHQGHCCStnRlfutybE=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 11 Dec 2023 05:14:17 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
vary: Accept-Encoding
server: cloudflare
cf-ray: 833b3e43f8c05693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET live.demand.supply/impl.v17.24.0.js

104.16.134.22

200 OK

88 kB

URL GET HTTP/3
live.demand.supply/impl.v17.24.0.js
IP
104.16.134.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (23263)
Size
88 kB (88081 bytes)
Hash
9b708e2d8560de456abc0ca7170ba689
2faa41210c11ebe437f38db5f1c985a9096180e8
8127d6dfb7da3bc1eb3b7ebc9feba37089d8a0d9b45c69fd71e1490fb091d9f9

HTTP Headers

GET /impl.v17.24.0.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Cookie: demandSupplyTi=ca5c4752-3dcc-4f15-a898-8d9484f87b6d; __cf_bm=HaL49bvEOiHQZdi0RRvIpg4rxLy00VmCg7XipfYs2sQ-1702271657-1-AUV5OvNwiRWXLo29NMtcEL9QyysF5VEo3Ae5ANn05xChbW2a084WOCnK4w1DckfEz2pnvNHQGHCCStnRlfutybE=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 11 Dec 2023 05:14:17 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cache-status: "Netlify Edge"; fwd=miss
cf-bgj: minify
cf-polished: origSize=88264
etag: W/"92d047beda3bde91ddc99a3dc5b31b77-ssl-df"
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-nf-request-id: 01HH0CAFCJ3B652PWFANZN4T5Y
cf-cache-status: HIT
age: 377884
server: cloudflare
cf-ray: 833b3e43e8bf5693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET live.demand.supply/ds.2.html

104.16.134.22

200 OK

413 B

URL GET HTTP/3
live.demand.supply/ds.2.html
IP
104.16.134.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
HTML document text - HTML document text - HTML document text - exported SGML document, ASCII text, with very long lines (430), with no line terminators
Size
413 B (413 bytes)
Hash
68dce237203af5e16657b39e1f2e7b46
8084ece9e2500c1a0731aaf8f33290744b174b9c
8534d0076676e85517a298ded722e84bb64abf655fbc565588f76a7e26ad4680

HTTP Headers

GET /ds.2.html HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 11 Dec 2023 05:14:17 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-nf-request-id: 01HFP9N9C4P8K47VBZVVEWGYZG
cf-cache-status: HIT
age: 1637929
set-cookie: __cf_bm=bnrlvouI39B1S4WpOU6daNjbX5olfeWrFvnWk4qj2h0-1702271657-1-AcCNmusl3eu3S+enf4HUgbVPP8VQm6LFp7EQXrYWJxcKkTh769iCeoeTeCzuXmhtGFTgxiXp1XGhB2eWVSkvejw=; path=/; expires=Mon, 11-Dec-23 05:44:17 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 833b3e43f8c25693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET pogothere.xyz/

188.114.96.1

200 OK

26 B

URL GET HTTP/2
pogothere.xyz/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
f32f866c969476065c95b28ca2d26741
b6307a5fc16e46a141c421abb3ee54bdbe10f92b
2c62e064400eef2b9e82bd835ef19a698eb3b741c7963f642effb6de755952c6

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 11 Dec 2023 05:14:17 GMT
content-type: text/plain
set-cookie: csu=491907749972099@1@1702271657; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IlwBAzDu5Vpq7U1IZ1PDtAbSiC3irRbC5PLfHk%2FNPOsGAZ7BhaX5jmZNEUpnXjAmB7bI%2F6vBmCo97U5BPSwMVFgyHFPsdkD2sbrtoVjwt6kCL2iX7jzmtN03PbLhqiil"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 833b3e45ba1656b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET api.demand.supply/v17-24-0/a/upfilesurls.com_fluid_lb+sq_firstpagebeforetitle_1?&dsReferer=dXBmaWxlc3VybHMuY29tL1VDcXc=

104.16.134.22

200 OK

384 B

URL GET HTTP/3
api.demand.supply/v17-24-0/a/upfilesurls.com_fluid_lb+sq_firstpagebeforetitle_1?&dsReferer=dXBmaWxlc3VybHMuY29tL1VDcXc=
IP
104.16.134.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (454), with no line terminators
Size
384 B (384 bytes)
Hash
da088e1c904bcf2f9408d279e53f1d82
90c52d877026ef166368d8e5d1109d879eeef89d
d7a296b631423689f365179983801424f07601c5a2cf7b8f3f06f63c657140ea

HTTP Headers

GET /v17-24-0/a/upfilesurls.com_fluid_lb+sq_firstpagebeforetitle_1?&dsReferer=dXBmaWxlc3VybHMuY29tL1VDcXc= HTTP/1.1
Host: api.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 11 Dec 2023 05:14:17 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
etag: W/"180-OVg9JRLthBL7VkPwPMHGr3aEz8M"
cf-cache-status: HIT
age: 3252
set-cookie: __cf_bm=051VA6owSkry.8pmMZEiETOGFnhQCxlleonY1kVjQQo-1702271657-1-Ac/a5haIS+SKbpySnqBDjjZjCtBJQcSjPzpSow517aqUx3eov/S73FVQoXSf0UPVHwl107qieO0LXj9lUWzQOLA=; path=/; expires=Mon, 11-Dec-23 05:44:17 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 833b3e458cc4712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

172.67.71.90

200 OK

7.4 kB

URL GET HTTP/2
upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
IP
172.67.71.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
ASCII text, with very long lines (7379), with no line terminators
Size
7.4 kB (7379 bytes)
Hash
550600908575413d460d2d49edd881b2
f7abf563cf5e4346823cff773eea3fef3f6cbbe6
413f40845116ca10254e72df0d79d2afbfc9407c8b4e106ad5772ab82dca3555

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InlENVlZMkk1ZDB4MTllVzR5RUc2OFE9PSIsInZhbHVlIjoiOUZtUGVWay9YUjBIdG9DRi9JRUVEUEVaU2ZaMXFzeTM3T1Fhc0pmL3phdEhUcWM0REdUbzVXVjNNYVZZS1A5UkNITmNGQjVxd2phZ1hxaXJsY2VSS2lqTWNudURtcllSNWoyRGdqdXd0YVdrdjl6RExjZnpLWWZEeXczZTc2SnQiLCJtYWMiOiJlZTA5MTcwMzlkMmJkZDQ3OGZmOWNjNmMzMTY2YjQ1MTUwZGU2OWI5ZDY3YzA0MzM2YjBhMzFhZDhlNDgwMmQ5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InZhbE91RVppSENSWklyc1ZodnhnRnc9PSIsInZhbHVlIjoiZmI0K2MwMm5hUW5rVFFqTW5ZNER0UzVJbHFXTlIrUS92MzFQei90SkNEWVYwUHJhWktqSjZmYVZPc2QyNVBRTG8rN0JvazN6dFFaUGEzUHZ3RHg2cHVyemJsUE5URDY2bXNxcXZrR0hiQnVlR2IzcjRaQWJKV0FYZDN4MEswNU8iLCJtYWMiOiI4MWFkZTk1M2UyNTJhNzcxM2M1NDc4MDU1MGJhOGI4MzEwNWQ2MTVhNWNmNGYzZTc5MWE4ZjBmYjUzNjI4ODFhIiwidGFnIjoiIn0%3D; ab=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 11 Dec 2023 05:14:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
vary: accept-encoding
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R1NELVBSwi1th13ndY03%2FHpxTguAzvywNSZCQWLNm54vmKKwWNmNmVOal3F4jXIxhjGZnmJrIIO1z%2FZGeCztn91gKo08TI3Kvp7%2FMQNNzvFMeuePgqUbOfCEyLnknkeTlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 833b3e440e335688-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap

142.250.74.106

200 OK

18 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT

File type
ASCII text
Size
18 kB (18524 bytes)
Hash
46d5857babcdc79465067d5bc6f0516b
a08ea148fdc854daab89bdc95d05379979485024
0f9f9de833d585905809ec4e207ddc9b42190d5660f30c54b25a8c6deb3612df

HTTP Headers

GET /css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 11 Dec 2023 05:14:17 GMT
date: Mon, 11 Dec 2023 05:14:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET asverymuc.org/TDM3TFljDFQ/ZAJ1bQQXBGZzLjcNdmUdaCtVUAoaDl4OfRh8ZhE4MCgODnVvegMGaiklVwp9fz9HVjgsPw4GajAiVVhxfzoOBmJqeB0EeHd8FUJxaGpHRy0+cQIRPC04Xwp9bnwBBXtoegYAf217

188.114.96.1

204 No Content

0 B

URL GET HTTP/2
asverymuc.org/TDM3TFljDFQ/ZAJ1bQQXBGZzLjcNdmUdaCtVUAoaDl4OfRh8ZhE4MCgODnVvegMGaiklVwp9fz9HVjgsPw4GajAiVVhxfzoOBmJqeB0EeHd8FUJxaGpHRy0+cQIRPC04Xwp9bnwBBXtoegYAf217
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subjectasverymuc.org
Fingerprint3D:47:FF:77:5C:9C:A6:46:E8:F5:28:57:7A:8A:77:05:17:3D:3A:07
ValidityFri, 08 Dec 2023 05:28:24 GMT - Thu, 07 Mar 2024 05:28:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /TDM3TFljDFQ/ZAJ1bQQXBGZzLjcNdmUdaCtVUAoaDl4OfRh8ZhE4MCgODnVvegMGaiklVwp9fz9HVjgsPw4GajAiVVhxfzoOBmJqeB0EeHd8FUJxaGpHRy0+cQIRPC04Xwp9bnwBBXtoegYAf217 HTTP/1.1
Host: asverymuc.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Mon, 11 Dec 2023 05:14:17 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWgl%2BUpdSMTfsb8PY00jldP3O8mGK4W31%2FF%2BlUXg%2ByFF9EbdlmmaIvxORG7TSNIvpk0TuUAHsrdikNlDg5mEuBQRdXvQYsv%2BeKYHVJVOGx0qoieu%2BuscmPuK3WUB%2FMZM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 833b3e41bde556cc-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

HEAD live.demand.supply/e/e.js?r=upfilesurls.com_fluid_sq_firstpageaftertitle_1&e=empdr&dsReferer=dXBmaWxlc3VybHMuY29tL1VDcXc=

104.16.134.22

200 OK

0 B

URL HEAD HTTP/3
live.demand.supply/e/e.js?r=upfilesurls.com_fluid_sq_firstpageaftertitle_1&e=empdr&dsReferer=dXBmaWxlc3VybHMuY29tL1VDcXc=
IP
104.16.134.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /e/e.js?r=upfilesurls.com_fluid_sq_firstpageaftertitle_1&e=empdr&dsReferer=dXBmaWxlc3VybHMuY29tL1VDcXc= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 11 Dec 2023 05:14:18 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "a49e9f0a501edbf396bf43092ec1efa3-ssl"
strict-transport-security: max-age=31536000
x-nf-request-id: 01HGASW7J1MD8TRYJ5PSP508YH
cf-cache-status: HIT
age: 211762
accept-ranges: bytes
set-cookie: __cf_bm=8Nnsd103buv3YKRupSe1PXGEd63a4C2Q7Go3kgbxLks-1702271658-1-AQCnjn8XuJlhQhcGXIGQGlCZ29q1Ic6lJiOV54FJFraq5VFCNrIOhu6oH1/pN0Xgm5mCn94aGMqeCBH8+jB1y2c=; path=/; expires=Mon, 11-Dec-23 05:44:18 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 833b3e48edc3712d-OSL
alt-svc: h3=":443"; ma=86400

GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1pjxuBR3BuTFgjk-_J-bO9pR8f1rb5V1cq_75s3cyUDhOP2b6YBs2MPBsFu0_sbVWENtgF1A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1040791261%3A1702271658376186&theme=glif

64.233.161.84

403 Forbidden

0 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1pjxuBR3BuTFgjk-_J-bO9pR8f1rb5V1cq_75s3cyUDhOP2b6YBs2MPBsFu0_sbVWENtgF1A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1040791261%3A1702271658376186&theme=glif
IP
64.233.161.84:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1pjxuBR3BuTFgjk-_J-bO9pR8f1rb5V1cq_75s3cyUDhOP2b6YBs2MPBsFu0_sbVWENtgF1A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1040791261%3A1702271658376186&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 11 Dec 2023 05:14:18 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-TpAmd42V3qwDy6Qp-PN3Ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET api.demand.supply/v17-24-0/a/upfilesurls.com_fluid_lb+sq_firstpageafterbutton_1?&dsReferer=dXBmaWxlc3VybHMuY29tL1VDcXc=

104.16.134.22

200 OK

384 B

URL GET HTTP/3
api.demand.supply/v17-24-0/a/upfilesurls.com_fluid_lb+sq_firstpageafterbutton_1?&dsReferer=dXBmaWxlc3VybHMuY29tL1VDcXc=
IP
104.16.134.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (454), with no line terminators
Size
384 B (384 bytes)
Hash
59dd54193dc81a25fae635e8621e2632
bec085d4b08f50b04df05bde5e1bc2d1fdaf9aa6
cc497596c24afb71e734177039f936db20148e4b84b0d6f6adc6e918708f6a22

HTTP Headers

GET /v17-24-0/a/upfilesurls.com_fluid_lb+sq_firstpageafterbutton_1?&dsReferer=dXBmaWxlc3VybHMuY29tL1VDcXc= HTTP/1.1
Host: api.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 11 Dec 2023 05:14:17 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
etag: W/"180-6mNu1aK5PogTfT8+RobC0ZfRdJ0"
cf-cache-status: HIT
age: 3252
set-cookie: __cf_bm=5c4NbjZxw2.2RJhRa8Q2qQjksb0YVzU_8ONZ5v49QBg-1702271657-1-AZYX2lTrqox4Xy5gAgs1aZxDQ9NZvm/vWoEzXWS44GkpIAzTDdR5Oox+ezjycklGd2sxlHLrDJMspQ1nvNtP0TQ=; path=/; expires=Mon, 11-Dec-23 05:44:17 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 833b3e458cc2712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET upfilesurls.com/img/plane.svg

172.67.71.90

200 OK

684 B

URL GET HTTP/2
upfilesurls.com/img/plane.svg
IP
172.67.71.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
SVG Scalable Vector Graphics image - , ASCII text, with very long lines (701), with no line terminators
Size
684 B (684 bytes)
Hash
8e7c41bde9bc90def2171d239eb22f04
853c0fbf7ca55b313af83201d95d6f6f3d3225ba
9bc4e093793a06ba14d0505710aad5254212125573342fa92c228f873d05bfea

HTTP Headers

GET /img/plane.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/UCqw
Cookie: XSRF-TOKEN=eyJpdiI6InlENVlZMkk1ZDB4MTllVzR5RUc2OFE9PSIsInZhbHVlIjoiOUZtUGVWay9YUjBIdG9DRi9JRUVEUEVaU2ZaMXFzeTM3T1Fhc0pmL3phdEhUcWM0REdUbzVXVjNNYVZZS1A5UkNITmNGQjVxd2phZ1hxaXJsY2VSS2lqTWNudURtcllSNWoyRGdqdXd0YVdrdjl6RExjZnpLWWZEeXczZTc2SnQiLCJtYWMiOiJlZTA5MTcwMzlkMmJkZDQ3OGZmOWNjNmMzMTY2YjQ1MTUwZGU2OWI5ZDY3YzA0MzM2YjBhMzFhZDhlNDgwMmQ5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InZhbE91RVppSENSWklyc1ZodnhnRnc9PSIsInZhbHVlIjoiZmI0K2MwMm5hUW5rVFFqTW5ZNER0UzVJbHFXTlIrUS92MzFQei90SkNEWVYwUHJhWktqSjZmYVZPc2QyNVBRTG8rN0JvazN6dFFaUGEzUHZ3RHg2cHVyemJsUE5URDY2bXNxcXZrR0hiQnVlR2IzcjRaQWJKV0FYZDN4MEswNU8iLCJtYWMiOiI4MWFkZTk1M2UyNTJhNzcxM2M1NDc4MDU1MGJhOGI4MzEwNWQ2MTVhNWNmNGYzZTc5MWE4ZjBmYjUzNjI4ODFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 11 Dec 2023 05:14:16 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
vary: Accept-Encoding
etag: W/"63c15cbf-2ac"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 962591
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bfe29p7o%2FqCMJ3u1SPuZIpkmpxnSJJNNU9866w8vQHii5JUtFAyz1wxUnCC1zKLS0EbcbMJACs0bC5bi0AlbdGBl650azK%2Fcops9TLeOMRKyXhBumDtHKUkPSsxEhTVcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 833b3e3f4bd45688-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET live.demand.supply/up.js

104.16.134.22

200 OK

5.1 kB

URL GET HTTP/2
live.demand.supply/up.js
IP
104.16.134.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (5294), with no line terminators
Size
5.1 kB (5132 bytes)
Hash
bb6147be49de1663e49f2dea46e5d201
06f4cf0d365a4a015071a26977a3eaeae3154b9b
56ace89da13d1849dbba152d0efb9f0187af2d63c282818780f439abd879d87a

HTTP Headers

GET /up.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 11 Dec 2023 05:14:17 GMT
content-type: application/javascript; charset=UTF-8
cf-ray: 833b3e415863b524-OSL
cf-cache-status: HIT
age: 214
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
etag: W/"1b2f9125258c2cae057f34201271a7f1-ssl-df"
link: <https://live.demand.supply/impl.v17.24.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-24-0/dXBmaWxlc3VybHMuY29tLw==>; rel=preload; as=script
strict-transport-security: max-age=31536000
vary: Accept-Encoding
cache-status: "Netlify Edge"; fwd=stale
cf-bgj: minify
cf-polished: origSize=4807
timing-allow-origin: *
x-nf-request-id: 01HH0CAF532FRDT8A0DK4DPB2J
set-cookie: demandSupplyTi=ca5c4752-3dcc-4f15-a898-8d9484f87b6d; demandSupplyTc = null; demandSupplyTcI = null; SameSite=None; Secure; Max-Age=63072000
__cf_bm=HaL49bvEOiHQZdi0RRvIpg4rxLy00VmCg7XipfYs2sQ-1702271657-1-AUV5OvNwiRWXLo29NMtcEL9QyysF5VEo3Ae5ANn05xChbW2a084WOCnK4w1DckfEz2pnvNHQGHCCStnRlfutybE=; path=/; expires=Mon, 11-Dec-23 05:44:17 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET api.demand.supply/v17-24-0/a/upfilesurls.com_fluid_sq_firstpageaftertitle_1?&dsReferer=dXBmaWxlc3VybHMuY29tL1VDcXc=

104.16.134.22

200 OK

383 B

URL GET HTTP/3
api.demand.supply/v17-24-0/a/upfilesurls.com_fluid_sq_firstpageaftertitle_1?&dsReferer=dXBmaWxlc3VybHMuY29tL1VDcXc=
IP
104.16.134.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (453), with no line terminators
Size
383 B (383 bytes)
Hash
286719a921342bdb26c5a6b246b3a95f
d9956dac18618d26c62a68d1a386daf6b1738a17
0069dd04e2a1f8b4f558785379851d776ade6e54e4b3047a69a3e1e4a3d9b41b

HTTP Headers

GET /v17-24-0/a/upfilesurls.com_fluid_sq_firstpageaftertitle_1?&dsReferer=dXBmaWxlc3VybHMuY29tL1VDcXc= HTTP/1.1
Host: api.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 11 Dec 2023 05:14:17 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
etag: W/"17f-h07wsylAV8xmofL2khkSlUmuyao"
cf-cache-status: HIT
age: 3252
set-cookie: __cf_bm=s8u5Q0sf29WDvVYOhbjuSUIshWWpahpOSRCnl3..uvY-1702271657-1-AfKu6a8aKep1h2BtKNMVqziiJsYRY9l2KBOW+9DUuDB/llzBBytQK4hlCFdPIMxMO1N1L4RW+2LBd+SSDJyWtIg=; path=/; expires=Mon, 11-Dec-23 05:44:17 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 833b3e458cc3712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp29ZECJcXmaEvf7vNraZEw646lqfa5P6xBCYHbRh2PczNyZpjteiiJNM7CPvRdetueJcp_7yQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1761918031%3A1702271658380563&theme=glif

64.233.161.84

403 Forbidden

0 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp29ZECJcXmaEvf7vNraZEw646lqfa5P6xBCYHbRh2PczNyZpjteiiJNM7CPvRdetueJcp_7yQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1761918031%3A1702271658380563&theme=glif
IP
64.233.161.84:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp29ZECJcXmaEvf7vNraZEw646lqfa5P6xBCYHbRh2PczNyZpjteiiJNM7CPvRdetueJcp_7yQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1761918031%3A1702271658380563&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 11 Dec 2023 05:14:18 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: script-src 'nonce-AoAy1Zi7NdMOGWfqnl5Ksw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0 - data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:46:25 GMT
expires: Fri, 06 Dec 2024 15:46:25 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 307672
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET pogothere.xyz/

188.114.96.1

200 OK

27 B

URL GET HTTP/2
pogothere.xyz/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
27 B (27 bytes)
Hash
8b2a32407a848d263cca91a521c45e7d
5a5c6ee318af53b06826b0bde06ed4db34d6f3a4
12df416f0b8dba269cabd444128510888da1dc3e179c33e7f922b748ec4b9bae

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 11 Dec 2023 05:14:18 GMT
content-type: text/plain
set-cookie: csu=2217281420850699@1@1702271657; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWMfCSyLDSh3C4twR7o%2BYMxYHl0AzNYkHsxRT0CH0FtlgW1L7cvH8%2BiBHv%2Bpc6bkGUDxIuGIG301bhttfsvBvBBQu3nfgeeoXUL6lVXhN6MtFEANnnOxZZUuVicy78nq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 833b3e45da2156b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

142.250.74.131

200 OK

921 B

URL GET HTTP/2
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc.google.com
FingerprintFA:D5:51:24:05:76:F2:01:EC:D9:67:37:B0:0E:D0:64:99:F7:5A:DF
ValidityMon, 20 Nov 2023 08:03:50 GMT - Mon, 12 Feb 2024 08:03:49 GMT

File type
ASCII text, with very long lines (921), with no line terminators
Size
921 B (921 bytes)
Hash
5662dc3a01e5ab0cea92d9a13432cf4a
2519fee20dbd1ef4bd07a18e6a57d2860c776e7f
20a0ed2d09144a0e5eda75d4b834460334b75f9770e97cf7bd96c349bd6544ac

HTTP Headers

GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Mon, 11 Dec 2023 05:14:17 GMT
date: Mon, 11 Dec 2023 05:14:17 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

64.233.161.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
64.233.161.84:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/UCqw
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
FingerprintF3:FB:54:1B:21:E9:69:01:41:02:BB:D0:97:A2:BA:45:72:5A:71:D8
ValidityMon, 20 Nov 2023 08:09:49 GMT - Mon, 12 Feb 2024 08:09:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:W9QWhNRWSStE5U4ZsiE1ehDCitbTEQ:R0RXC79RJcaskeaE; Expires=Wed, 10-Dec-2025 05:14:17 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 11 Dec 2023 05:14:17 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp20h7mz04sI_hXSLMxMC3pSxyrnxaRRFjP2WicyFHnt_VmnmggdZG9-oigldmLeG45qwNRJ9g
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce--UQMDON0D-a8gGMYtEBdCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (28)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash