Report - upfiles.com/wwRfHz

Report Overview

Visited public
2023-12-03 23:01:25
Tags
URL
upfiles.com/wwRfHz
Finishing URL
upfilesurls.com/wwRfHz
IP / ASN
104.21.72.12
#13335 CLOUDFLARENET
Title
Melina Vip.rar

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-03 06:51:04	889 B	300 kB	142.250.74.168
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-03 05:48:43	2.7 kB	145 kB	216.58.207.227
lingrethertantin.com	unknown	2023-11-07	2023-12-01 15:42:27	2023-12-03 20:06:16	3.0 kB	5.2 kB	52.85.242.19
pogothere.xyz	unknown	2022-08-22	2022-09-04 21:11:25	2023-12-02 21:42:02	1.7 kB	222 kB	188.114.96.1
www.recaptcha.net	2060	2007-01-06	2012-07-11 16:32:37	2023-12-02 20:25:08	469 B	1.4 kB	142.250.74.131
dv663fc06d35i.cloudfront.net	unknown	2008-04-25	2023-11-21 21:26:58	2023-12-01 21:37:53	2.3 kB	208 kB	143.204.42.28
upfilesurls.com	unknown	2022-11-30	2022-11-30 13:09:38	2023-12-02 17:59:29	16 kB	1.3 MB	104.26.9.138
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-12-03 07:56:40	492 B	192 kB	142.250.74.35
upfiles.com	282220	2004-06-05	2015-10-29 10:28:55	2023-12-02 19:21:18	486 B	92 kB	172.67.173.106
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-03 06:08:10	507 B	1.6 kB	142.250.74.106
live.demand.supply	31265	2014-06-22	2018-03-13 18:27:23	2023-12-03 17:15:05	5.4 kB	183 kB	104.16.133.22
datatechone.com	unknown	2021-12-24	2015-06-17 15:52:19	2023-12-03 11:24:37	542 B	466 B	139.45.195.253
accounts.google.com	81	1997-09-15	2016-03-20 13:44:49	2023-12-03 08:32:19	3.8 kB	11 kB	173.194.73.84
pagead2.googlesyndication.com	101	2003-01-21	2021-02-20 16:52:05	2023-12-03 12:34:56	894 B	1.4 kB	216.58.211.2
cschyogh.com	unknown	2022-10-24	2022-10-24 14:58:05	2023-11-24 20:05:55	410 B	1.1 kB	23.109.150.234
api.demand.supply	54270	2014-06-22	2018-05-24 04:58:27	2023-12-01 23:07:41	1.6 kB	3.2 kB	104.16.133.22
cdntechone.com	64371	2021-12-24	2021-12-24 18:09:58	2023-12-03 19:41:05	413 B	20 kB	188.114.97.1
ldrenandthe.org	unknown	2023-11-07	2023-11-29 08:03:40	2023-12-03 16:11:20	2.2 kB	2.4 kB	172.67.194.104

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-03	medium	datatechone.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (30)

	URL	From	Size	First Seen	Last Seen
	upfilesurls.com/wwRfHz	ScriptElement	119 B	2023-03-08	2024-05-22
Pretty URL upfilesurls.com/wwRfHz IP 104.26.9.138 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:28 Last Seen2024-05-22 10:51 Times Seen947 Hash bbdd43a315309ebd811a1e555db11f7f 4f221fbceb33ca51ca52ebe80577f681bc8c17df 212dfa0151b22549ac14757d4e65f3909dd45c9cdb366d8bd00fd6b17b906a09 Loading...

	upfilesurls.com/wwRfHz	ScriptElement	535 B	2024-08-20	2024-08-20
Pretty URL upfilesurls.com/wwRfHz IP 104.26.9.138 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:53 Last Seen2024-08-20 16:53 Times Seen1 Hash b80c3d63c31818136118aa3f076c4358 393b900d36e58e602e960ff8dec191b6090e0647 cb41045c92deaf08b63f61dc8c9e372fc39885ae3f141509a531031f12c58c92 Loading...

	upfilesurls.com/sandbox%20eval%20code		136 B	2023-04-11	2025-05-09
Pretty URL upfilesurls.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:23 Last Seen2025-05-09 11:41 Times Seen41492 Hash fb4eb094524daea58bf7f82331598541 f5ca39eb98fa1685f8647514a627d3d7f216f7ef 7cbf1e77bb9277bac7030ded2087246adf5c59564a5a1f28ce8c09be6ef48683 Loading...

	upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb	ScriptElement	981 kB	2023-03-12	2024-08-21
Pretty URL upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb IP 104.26.9.138 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:36 Last Seen2024-08-21 09:44 Times Seen738 Hash e38c15d82ba94f65edf148d0f1a98487 cd8ecadbc330cd3e12d55927483e87b0785dfcaa e87e0991dcfaa2c7b015d284d8b5d872363eb52af458b63c8449351b4b24612f Loading...

	unknown	Function	36 B	2023-04-11	2025-05-08
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:23 Last Seen2025-05-08 14:54 Times Seen2196 Hash c6417364696009e1ecada40d12c97a2f dd602b8bbd3a3656463ec3f6868c74f3a937859d 5a59e842a79e328e171f1da23754526329095be86fe355574fd7622f04ed3854 Loading...

	upfilesurls.com/wwRfHz	ScriptElement	2.9 kB	2023-03-12	2024-08-21
Pretty URL upfilesurls.com/wwRfHz IP 104.26.9.138 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 16:23 Last Seen2024-08-21 09:44 Times Seen1514 Hash b9dd502c04f179299a891e65a107e887 8e02ecbfb34c4371548dd0213076bcbf9a2b1523 fb6d9228943aa1956f95e9e330577772a47470e279ffbf84c2bc4e4ed4885c1a Loading...

	upfilesurls.com/wwRfHz	ScriptElement	191 B	2023-03-08	2024-08-21
Pretty URL upfilesurls.com/wwRfHz IP 104.26.9.138 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:28 Last Seen2024-08-21 09:44 Times Seen1024 Hash da30bb47614694e4cc233b287d20eb05 33483604c226b92b61915d364fd6489029cafe57 c5db272b10d5a0729fecd702bbe86f8447f72e2a10049608007c8e2646c803f8 Loading...

	dv663fc06d35i.cloudfront.net/?dcfvd=1010617	ScriptElement	321 kB	2023-12-04	2023-12-04
Pretty URL dv663fc06d35i.cloudfront.net/?dcfvd=1010617 IP 143.204.42.28 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 00:01 Last Seen2023-12-04 00:02 Times Seen3 Hash 3f33d3e01267b689d37ac879b5b9d2ea 2ec88d590ded109a5b052051b2ed5dd5d2786384 ce2adbf8a7e833ddec4481c88a6da0f72a065fcef6309497d9fa994eb001bd51 Loading...

	unknown	Function	49 B	2023-04-11	2025-05-08
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:23 Last Seen2025-05-08 14:54 Times Seen2197 Hash efde3719ad2205f4e3b6504a9bf45646 83101bef8fc5445fd9dcf54dd04495fc490e939a d84287d2b4f27cb1c02d18a77c979f739a5107585cf81911fea18a14b204f9ba Loading...

	upfilesurls.com/sandbox%20eval%20code		147 B	2023-04-11	2025-05-09
Pretty URL upfilesurls.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 11:51 Times Seen341424 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c	ScriptElement	229 kB	2023-12-04	2023-12-04
Pretty URL www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 00:01 Last Seen2023-12-04 05:50 Times Seen6 Hash 01dba953b3011cdd4b24713da7b775f1 d6298cd7b92fe6fd54a73031255f573af69b99f1 ea0121b122ceb7f7a32b6cde42a60cacfb5f9904d66a5d4c09f73f97e2e9abb9 Loading...

	upfilesurls.com/wwRfHz	ScriptElement	65 kB	2023-11-23	2024-08-20
Pretty URL upfilesurls.com/wwRfHz IP 104.26.9.138 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-23 18:45 Last Seen2024-08-20 18:08 Times Seen260 Hash af63038cd8f1acde963ec3a987e36a37 868824d19e2bbdd3d808d1bd6dcad64206e5e4f7 8b142bf9eb9af9defd9b0a8810a22d234f002b0df249b9830b05c41b5a902cb9 Loading...

	cschyogh.com/1clkn/34742	ScriptElement	6 B	2023-03-07	2025-05-09
Pretty URL cschyogh.com/1clkn/34742 IP 23.109.150.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-09 11:41 Times Seen12514 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

	www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit	ScriptElement	921 B	2023-11-14	2023-12-08
Pretty URL www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit IP 142.250.74.131 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-14 22:29 Last Seen2023-12-08 23:14 Times Seen336 Hash 5b6f08f1e0f0284cf893616838da61f3 b267f92b338a62dc38640f2ef7c6c33ab129e962 04accf2271af1d069333bfbe89d2002c5e92cfd66b7fd41a31e71616cdd47b28 Loading...

	unknown	Function	38 B	2023-04-11	2025-05-09
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:23 Last Seen2025-05-09 06:17 Times Seen29300 Hash caf13b633ab4249aeadda1952a9038ae 1eb64473acd8bff2d081a66f128c611d079f6cbe 30d90270fd3125eb763b9958a72bd513c90cd6207b97dd0ef40c06aa22111ac7 Loading...

	upfilesurls.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	7.3 kB	2023-12-03	2023-12-04
Pretty URL upfilesurls.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.26.9.138 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-03 23:59 Last Seen2023-12-04 00:15 Times Seen3 Hash 669a4e956a898797250c7565262fac7d 7187e9af413033a1c91dc24356b7787382b710d3 688a6c736d0ffe193c463e10b7637f85c0cb0fb2b1f60326993b4d560541dc6e Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-09
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 11:51 Times Seen340623 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	upfilesurls.com/js/ads.js	ScriptElement	1.5 kB	2023-03-26	2024-08-21
Pretty URL upfilesurls.com/js/ads.js IP 104.26.9.138 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 03:42 Last Seen2024-08-21 09:44 Times Seen875 Hash 474dab2bae672cd84661a241806c67af c4e9f460c20e1535000feef7a0c748d1287734c9 ba4689299e8a29627b02f9dd8bb5ecec1ca32122dab181724dee2313627d9d85 Loading...

	unknown	ScriptElement	247 B	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:53 Last Seen2024-08-20 16:53 Times Seen1 Hash 5b6f4deb0d0aa111b3769c9c445fdb90 92a991889425b75f3cc9608b9027164e64be9e9d bf13a9ac9cccfd59eac84af07f5907cec0cb8623a2ed46988a7e314d1e00c34e Loading...

	live.demand.supply/up.js	ScriptElement	5.1 kB	2024-08-20	2024-08-20
Pretty URL live.demand.supply/up.js IP 104.16.133.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:53 Last Seen2024-08-20 16:53 Times Seen1 Hash e27cde0498cb97ee08bbbd2320ea39c9 3f0646fb6de37c12dd1729188bd8531cfc856cd8 24a9b688eba56df18db848c082e21eea32ae256a43b6f70eb5450b07fc40690a Loading...

	www.googletagmanager.com/gtag/js?id=UA-197252557-1	ScriptElement	191 kB	2023-12-04	2023-12-04
Pretty URL www.googletagmanager.com/gtag/js?id=UA-197252557-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 00:01 Last Seen2023-12-04 03:30 Times Seen4 Hash 2eaacc3ed163df3e3f1b46a67422a12c a63b7568b0dbe766268579749d9b7d1df53090a1 5aabe3dd3cf80c9023d08eafa433e64df0f5a8447f86e8943956efd4bd83c8e7 Loading...

	live.demand.supply/impl.v17.23.1.js	ScriptElement	88 kB	2023-12-01	2023-12-06
Pretty URL live.demand.supply/impl.v17.23.1.js IP 104.16.133.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-01 21:36 Last Seen2023-12-06 16:46 Times Seen83 Hash a126ddea54aa780835368bf1e6519b03 9e882f4aea3df64224789b0f57a28c541e9b52cd 21f113cdf5618b645145c239293ad9fd2bac75d71c17377e89636ef4fe52b8ba Loading...

	securepubads.g.doubleclick.net/tag/js/gpt.js	ScriptElement	13 kB	2023-04-05	2025-05-09
Pretty URL securepubads.g.doubleclick.net/tag/js/gpt.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 04:46 Last Seen2025-05-09 11:41 Times Seen39326 Hash 0c9ed134ae3d5ffe972da2a3e59dc428 620df222551395592e46e4c5f425cf23dcdad891 5f9efa604bfe2aee8c1a90376125a098306ba390530a6f9b2ecb0a67cdac178d Loading...

	upfilesurls.com/wwRfHz	ScriptElement	926 B	2024-08-20	2024-08-20
Pretty URL upfilesurls.com/wwRfHz IP 104.26.9.138 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:53 Last Seen2024-08-20 16:53 Times Seen3 Hash 92c6df90df0c6607b5f8ed8aaccdb799 01c26d8daaf0757e083056762e230d4406bdbf2a c5837bbea43e9bd757cd566696b2cb420daca6827c11237f7d97dd1d76033c53 Loading...

	upfilesurls.com/wwRfHz	ScriptElement	155 B	2023-03-08	2025-04-29
Pretty URL upfilesurls.com/wwRfHz IP 104.26.9.138 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:28 Last Seen2025-04-29 18:10 Times Seen1148 Hash a1e0d623f9e510e759498d67c8281999 65e9e9287fd8060ebb5b624463ff977040e3d154 c66a236b63a0191f0cc1cb5a3c1b675c0fb7bf7d5e56b8c5ed34d70b10059aa7 Loading...

	cdntechone.com/stattag.js	ScriptElement	19 kB	2023-09-07	2024-08-21
Pretty URL cdntechone.com/stattag.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-07 10:30 Last Seen2024-08-21 07:21 Times Seen1442 Hash 8ec0c661780569e42736cfc20e4c69d7 0d857c9b9813975179cf323a344c934bcae598c6 38831e62c2e99f2f64b0352f13ef7daaa7c97e31dac314bb52caa89a6a7f58f5 Loading...

	upfilesurls.com/wwRfHz	ScriptElement	1.1 kB	2024-08-20	2024-08-20
Pretty URL upfilesurls.com/wwRfHz IP 104.26.9.138 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:53 Last Seen2024-08-20 16:53 Times Seen1 Hash 2f1ecc784e87ba21589923417a50f61b 8812163b87fefa397f9e25fed9fe8bc928a1fabf ab7f1983b2e6e48aee14ce96e7c1282da12c2522e52070abccbe3408c7f91625 Loading...

	live.demand.supply/p4/v17-21-0/dXBmaWxlc3VybHMuY29tL3d3UmZIeg==	ScriptElement	984 B	2023-12-03	2024-08-20
Pretty URL live.demand.supply/p4/v17-21-0/dXBmaWxlc3VybHMuY29tL3d3UmZIeg== IP 104.16.133.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-03 08:20 Last Seen2024-08-20 16:58 Times Seen8 Hash 43481b0224484ea19df6020385c7ebda 18e17bcd7ebd815f94c250e5410b2f1d9e6b8bda bc1480321d6e49b386948eda1c4726f42a234d0637eb26354b21304ca6a436ab Loading...

	www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js	ScriptElement	476 kB	2023-11-14	2024-08-20
Pretty URL www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-14 09:02 Last Seen2024-08-20 19:39 Times Seen12206 Hash 23b9dd721490a4062ba8d01454ef6ba9 efdbb7331585411f7d397dacbf51fd3e95f3031d 4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7 Loading...

		Size	First Seen	Last Seen
	#1 Write - b4266e242eff23787e7b828376d99726	181 B	2023-03-12 13:39	2024-08-21 09:44
Pretty Observations First Seen2023-03-12 13:39 Last Seen2024-08-21 09:44 Times Seen1938 Hash b4266e242eff23787e7b828376d99726 2eabaa39d5f1dfa68dd681d3489db9798b74bd73 b5fdf3f7d7a1047cf080ba3ff3eb2d0a433c1c9e2a08960fe0ba078c21935d6c Loading...

HTTP Transactions (65)

URL IP Response Size

www.googletagmanager.com/gtag/js?id=UA-197252557-1

142.250.74.168

200 OK

69 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-197252557-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (4179)
Size
69 kB (69052 bytes)
Hash
2eaacc3ed163df3e3f1b46a67422a12c
a63b7568b0dbe766268579749d9b7d1df53090a1
5aabe3dd3cf80c9023d08eafa433e64df0f5a8447f86e8943956efd4bd83c8e7

HTTP Headers

GET /gtag/js?id=UA-197252557-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 03 Dec 2023 23:01:07 GMT
expires: Sun, 03 Dec 2023 23:01:07 GMT
cache-control: private, max-age=900
last-modified: Sun, 03 Dec 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69052
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cschyogh.com/1clkn/34742

23.109.150.234

200 OK

26 B

URL GET HTTP/1.1
cschyogh.com/1clkn/34742
IP
23.109.150.234:443
ASN
#7979 SERVERS-COM

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerLet's Encrypt
Subjectcschyogh.com
Fingerprint41:44:0C:14:E9:F0:56:DF:20:70:F6:D1:C1:CB:6E:3E:7B:D0:33:AE
ValidityWed, 04 Oct 2023 23:46:38 GMT - Tue, 02 Jan 2024 23:46:37 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

HTTP Headers

GET /1clkn/34742 HTTP/1.1
Host: cschyogh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Dec 2023 23:01:07 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWXVBJ%2BEAHqFVQXz0Za%2FgIyntH6wL7aZU0NtLTPRtMvlNJgiCqLpFuGYp4k9R414NvJGs5fKhfmRNUz8JRkPfvvTtc8MFa3Gll86LfiKf4LDMwvnOrwmOIxlyWnbSKipwt6u%2F5mzsZhKkvRNGFUjnXUwF8t7ZbSFXxUiMmAn5STsa7NcuxId1iDmr96zNnkOGyC5VXF4jf9NG7cvyiIizsswC3Fwm4Qfr5k6rLEQ6OqEI4SsOUngarftGrmg5e3sB7KS6f%2F97HG%2BcIVO0aklIrX8n9wNBjE5s; expires=Mon, 04-Dec-2023 23:01:07 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Mon, 04-Dec-2023 23:01:07 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

dv663fc06d35i.cloudfront.net/?dcfvd=1010617

143.204.42.28

200 OK

103 kB

URL GET HTTP/2
dv663fc06d35i.cloudfront.net/?dcfvd=1010617
IP
143.204.42.28:443
ASN
#16509 AMAZON-02

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (15945)
Size
103 kB (102718 bytes)
Hash
3f33d3e01267b689d37ac879b5b9d2ea
2ec88d590ded109a5b052051b2ed5dd5d2786384
ce2adbf8a7e833ddec4481c88a6da0f72a065fcef6309497d9fa994eb001bd51

HTTP Headers

GET /?dcfvd=1010617 HTTP/1.1
Host: dv663fc06d35i.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 102718
date: Sun, 03 Dec 2023 23:01:07 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3u8YTdCteYS9Ra1XTkIc9F1xwBMQUt6EESSIg5jkQIeefrPUk7dulw==
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap

142.250.74.106

200 OK

963 B

URL GET HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text
Size
963 B (963 bytes)
Hash
46d5857babcdc79465067d5bc6f0516b
a08ea148fdc854daab89bdc95d05379979485024
0f9f9de833d585905809ec4e207ddc9b42190d5660f30c54b25a8c6deb3612df

HTTP Headers

GET /css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 03 Dec 2023 23:01:07 GMT
date: Sun, 03 Dec 2023 23:01:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53

104.26.9.138

200 OK

95 kB

URL GET HTTP/2
upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
IP
104.26.9.138:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
95 kB (94735 bytes)
Hash
cf7148de68c4ff76f21e2200b67fd8c4
ace4770fa2d643e676bccca417f7880c8a6565dd
e51161fcc5b2c4b90c3381e517152eb275d52a6c288954e502479d7421386240

HTTP Headers

GET /css/frontend.css?id=2396ffb76e738e465b53 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/wwRfHz
Cookie: XSRF-TOKEN=eyJpdiI6IlRMNHM1dEMvcjJkK1d5QWlqYkY3T2c9PSIsInZhbHVlIjoiMjh3MVA5S1NpMUpzR1d1cFllWXc3aW9qYXFXNzduKzFTaXIyVitROFNrK2FYT3VJUjJ2emVpNTdCRGpLV1lKOWt5R2s3VHN0bm9NNUFFVUJsb3dYSHFUeVNMdnhXcGpFZm9nWDZXQ2VKR2FKeXJoZHJUY0YrVCtwMG8xR0pKM0oiLCJtYWMiOiIwOTAzYTAyNzk2N2ZkZDg1M2QzY2RkYTY5YWUyMmU0OGNjMzU4MDRjMjQyNTIzNjc1NTdmOGM1ZDQyMzlmZTlkIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IjA5bVBWYkc1RFd6Y1h3NUUrYVdzVWc9PSIsInZhbHVlIjoiMjdBSHZYOWptV083L2dQcmxPeW5OVGpmZGZlQnRIR3c2Vmk4dGdxZGJoNkFlZkFsbFZ0dUZNUTZFZEtwcldjRldHdmxzR3dBNzVyRTdycWZzdzVSTzVzNklSL2JMSWFEN09BWnJWVC9mWEtDVzB3UmdwbWNJb0NHQUNLUWN5THIiLCJtYWMiOiI5ZjQ5OTdmMWRlYjkyYmY4NmUxMGIxZDlhNjg5MjU5ODdhYmFkYTQ4N2MwMjk3NzE3OWYxMzBiOTYwZWMwOGYxIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:01:07 GMT
content-type: text/css
cache-control: max-age=31536000
cf-bgj: minify
etag: W/"63a354a4-3f918"
last-modified: Wed, 21 Dec 2022 18:47:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 904712
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWQpPwFaZACpeRdOEUjWaYCYPXEIpfcpJuvTQaNRtpP0duh9fwcmDrIWNwEVlVdKSk0q1c3%2B5ca6DKtMd2juFLkwjQuYDotGyd0zD5fpFV3a2gDvlym2B4h%2FVUqZm6GRPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff6dff6819b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

216.58.207.227

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0\012- data
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 07:29:24 GMT
expires: Fri, 29 Nov 2024 07:29:24 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 315103
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

upfilesurls.com/img/menu.svg

104.26.9.138

200 OK

16 kB

URL GET HTTP/2
upfilesurls.com/img/menu.svg
IP
104.26.9.138:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text
Size
16 kB (16274 bytes)
Hash
e194fab3eea9f00d5a3814c4df00ac8c
4a9760c8ec110364d025527e26730e78ae0b3ac0
3d3e6705b468cecdd78fb9a1ee6688d60e1d2c1caa0db7baa88db460315dccea

HTTP Headers

GET /img/menu.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/wwRfHz
Cookie: XSRF-TOKEN=eyJpdiI6IlRMNHM1dEMvcjJkK1d5QWlqYkY3T2c9PSIsInZhbHVlIjoiMjh3MVA5S1NpMUpzR1d1cFllWXc3aW9qYXFXNzduKzFTaXIyVitROFNrK2FYT3VJUjJ2emVpNTdCRGpLV1lKOWt5R2s3VHN0bm9NNUFFVUJsb3dYSHFUeVNMdnhXcGpFZm9nWDZXQ2VKR2FKeXJoZHJUY0YrVCtwMG8xR0pKM0oiLCJtYWMiOiIwOTAzYTAyNzk2N2ZkZDg1M2QzY2RkYTY5YWUyMmU0OGNjMzU4MDRjMjQyNTIzNjc1NTdmOGM1ZDQyMzlmZTlkIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IjA5bVBWYkc1RFd6Y1h3NUUrYVdzVWc9PSIsInZhbHVlIjoiMjdBSHZYOWptV083L2dQcmxPeW5OVGpmZGZlQnRIR3c2Vmk4dGdxZGJoNkFlZkFsbFZ0dUZNUTZFZEtwcldjRldHdmxzR3dBNzVyRTdycWZzdzVSTzVzNklSL2JMSWFEN09BWnJWVC9mWEtDVzB3UmdwbWNJb0NHQUNLUWN5THIiLCJtYWMiOiI5ZjQ5OTdmMWRlYjkyYmY4NmUxMGIxZDlhNjg5MjU5ODdhYmFkYTQ4N2MwMjk3NzE3OWYxMzBiOTYwZWMwOGYxIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:01:07 GMT
content-type: image/svg+xml
last-modified: Tue, 24 Jan 2023 16:39:42 GMT
vary: Accept-Encoding
etag: W/"63d009ce-72e"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 761508
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yp9urY5rD6cNwHBMPr%2BxLm3T9BNovAW6DVrtoDNPZEs2RyLpQfoJgf2UPQpB8GO7NFtzDUpaZOVj3t5FTfslrY4ngjoXheJBRyJLdsZB0qBzD7pDACG36denTua%2B5npIxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff6dff681db50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:57:34 GMT
expires: Fri, 29 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 324213
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

upfilesurls.com/wwRfHz?token=eyJpdiI6IlorN3ZhS3lCTDRaZEh6TU5YNE56eHc9PSIsInZhbHVlIjoibXpUQ2owaDcyM2t3Y1hpMnVaKzZIUT09IiwibWFjIjoiNDBhNmFjMzkyNTM1NDEyNjkwMmVjZjUyMjdjODUxMzJlNTQ5OTMwMmUzMTdiNWU4M2IyNGY2YjgyZGIxODcyMSIsInRhZyI6IiJ9

104.26.9.138

302 Found

13 kB

URL User Request GET HTTP/2
upfilesurls.com/wwRfHz?token=eyJpdiI6IlorN3ZhS3lCTDRaZEh6TU5YNE56eHc9PSIsInZhbHVlIjoibXpUQ2owaDcyM2t3Y1hpMnVaKzZIUT09IiwibWFjIjoiNDBhNmFjMzkyNTM1NDEyNjkwMmVjZjUyMjdjODUxMzJlNTQ5OTMwMmUzMTdiNWU4M2IyNGY2YjgyZGIxODcyMSIsInRhZyI6IiJ9
IP
104.26.9.138:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
data
Size
13 kB (13411 bytes)
Hash
6ab9e6177e8b6f40eb2146e2c63930d9
146c65a045651ef81e0e4683f5236dc48499dc38
18a70d0e4802d457b55a326c3b8afcc5aef007fa3ef0911a4be29c76e8f884e1

HTTP Headers

GET /wwRfHz?token=eyJpdiI6IlorN3ZhS3lCTDRaZEh6TU5YNE56eHc9PSIsInZhbHVlIjoibXpUQ2owaDcyM2t3Y1hpMnVaKzZIUT09IiwibWFjIjoiNDBhNmFjMzkyNTM1NDEyNjkwMmVjZjUyMjdjODUxMzJlNTQ5OTMwMmUzMTdiNWU4M2IyNGY2YjgyZGIxODcyMSIsInRhZyI6IiJ9 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 03 Dec 2023 23:01:06 GMT
content-type: text/html; charset=UTF-8
location: https://upfilesurls.com/wwRfHz
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IkhvQkRxS0FmUUJmYnkweWV2U3Z0aFE9PSIsInZhbHVlIjoidnBIUXJ3ai9WZTNlVTY4ZldMZ2RraGtyaVFhMzR1b1ZSYzdZdkJtVVRUd2ZQVXQxbG5KcUswWnBKdmhSaGk2Rm54cEFNTXRKZGZPeUwrQTZtN29GbHV6Y1RVaGs4Yjc0NzZocUd6enlLanBUVlAvbzBXVWpid09ma0xhVk1TcE8iLCJtYWMiOiI2NTQwOTZhODI4MzJiMzYwYjFiYzAzZjc3NWJjZjViMjA0NDQ3ZTc5NGVlODg1N2JmYzZmNWZmM2E4OTU4YjBlIiwidGFnIjoiIn0%3D; expires=Sun, 10-Dec-2023 23:01:06 GMT; Max-Age=604800; path=/; samesite=lax
upfiles_session=eyJpdiI6IkRmV2tBdW5acllFemthQzR4NDliMlE9PSIsInZhbHVlIjoieGpZaXlvekxYWmZxWTg0eERCZ2tSSHBmZVpQS2x3MFptN2NPa3BpRjJjZGliTTdZdkFKdUJpaDFHcWVKVFVqcUp4YXZKTG1RUFFiUXhXSjEzMDRYbW9zZFhsTGc0QUxqNDdQQ3lPZWgwQ2Ewb3FhQlpDVENqL21ka2hsRXB6b0giLCJtYWMiOiI1Y2JmZjUxN2M3NzRiNTYxYzBjMzhjZDQzZTFkZDEzYTRlMWVjYWE4OGMwOTFmZWE0NTBlNzlmY2JlM2UwNjA4IiwidGFnIjoiIn0%3D; expires=Sun, 10-Dec-2023 23:01:06 GMT; Max-Age=604800; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bdJ9GIbY2CfQjhYtef9TzCkPNuk7b8tOaZXDDZbzL9JDUymyxKpZniqvqQeCV29WzG%2FFVLZzWt9ETNzeQ8hc0xCvXUg1v1TU8zHRGWmwqs5ZLENbDgleLj2KWQYPJLluQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff6df94cafb50c-OSL
X-Firefox-Spdy: h2

lingrethertantin.com/b3lMNjgOGy9bBw5ELhBNHRVxEwopXH5wXBlPegVeDEl6UgtaEGJVVAAMKFBKABc4GFYKDWkEfiobGUJsIRUBeXIrSB1UegQQAkFMHi8EB1QtFAZ6cTw7FmZqXkscQXIHKQ1najg6GWxzBjMLbH0cXH5wczkzOW5vX1x+cG4VSQdSVjktHGcNXSAkd0EsKiBDeQEsFnlCFx0uXlMGKRlnDyk6fFpvLAkAZlImNRxRcRc2IFkdXT8IcQ0HGgtsfApKFXNhXyx0eVQISg1cTwg8fnBcJSovYmE5SHpvQAcTH35fPTx+cFw/PTxvYjkVOW9wPUsUBUsdOAtScQo7YXNsNi98A3I9Nyt6cB8TDQUJCyAib302DiNDdSlJdGVwBC8OcXYMHH57cDZINENhPiB9dHwESxlyTzkbIXBPNhV9EwotHx1sCSgxFl8eBQojWEhSFXgEaSA7IkBMDgg8AQ

52.85.242.19

200 OK

1.2 kB

URL GET HTTP/2
lingrethertantin.com/b3lMNjgOGy9bBw5ELhBNHRVxEwopXH5wXBlPegVeDEl6UgtaEGJVVAAMKFBKABc4GFYKDWkEfiobGUJsIRUBeXIrSB1UegQQAkFMHi8EB1QtFAZ6cTw7FmZqXkscQXIHKQ1najg6GWxzBjMLbH0cXH5wczkzOW5vX1x+cG4VSQdSVjktHGcNXSAkd0EsKiBDeQEsFnlCFx0uXlMGKRlnDyk6fFpvLAkAZlImNRxRcRc2IFkdXT8IcQ0HGgtsfApKFXNhXyx0eVQISg1cTwg8fnBcJSovYmE5SHpvQAcTH35fPTx+cFw/PTxvYjkVOW9wPUsUBUsdOAtScQo7YXNsNi98A3I9Nyt6cB8TDQUJCyAib302DiNDdSlJdGVwBC8OcXYMHH57cDZINENhPiB9dHwESxlyTzkbIXBPNhV9EwotHx1sCSgxFl8eBQojWEhSFXgEaSA7IkBMDgg8AQ
IP
52.85.242.19:443
ASN
#16509 AMAZON-02

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerAmazon
Subjectlingrethertantin.com
Fingerprint05:43:5F:62:44:4A:F8:16:0D:0E:1F:DC:05:AA:39:FF:6E:4C:56:B8
ValidityMon, 27 Nov 2023 00:00:00 GMT - Wed, 25 Dec 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3043), with no line terminators
Size
1.2 kB (1195 bytes)
Hash
f4d75619190bac56c1cfb9d672213f04
24923a63824de318347cae6d20e657fead08544d
86a2207e73e193412c8a7b50f5b1e3d9b90d9722f78434beeea26273395539e0

HTTP Headers

GET /b3lMNjgOGy9bBw5ELhBNHRVxEwopXH5wXBlPegVeDEl6UgtaEGJVVAAMKFBKABc4GFYKDWkEfiobGUJsIRUBeXIrSB1UegQQAkFMHi8EB1QtFAZ6cTw7FmZqXkscQXIHKQ1najg6GWxzBjMLbH0cXH5wczkzOW5vX1x+cG4VSQdSVjktHGcNXSAkd0EsKiBDeQEsFnlCFx0uXlMGKRlnDyk6fFpvLAkAZlImNRxRcRc2IFkdXT8IcQ0HGgtsfApKFXNhXyx0eVQISg1cTwg8fnBcJSovYmE5SHpvQAcTH35fPTx+cFw/PTxvYjkVOW9wPUsUBUsdOAtScQo7YXNsNi98A3I9Nyt6cB8TDQUJCyAib302DiNDdSlJdGVwBC8OcXYMHH57cDZINENhPiB9dHwESxlyTzkbIXBPNhV9EwotHx1sCSgxFl8eBQojWEhSFXgEaSA7IkBMDgg8AQ HTTP/1.1
Host: lingrethertantin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1195
date: Sun, 03 Dec 2023 23:01:07 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 a62f7ce6b39c676fcfdde0f9a6fcf08e.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: 0WJFRNQodS9dseJ5wQzNfk9-wmKxTglDIiyxVRGgF57mR0MPJeHqzA==
X-Firefox-Spdy: h2

lingrethertantin.com/ZlAzckUHMlAfegdtUVQwFDwOV3cgdQE0IRBmBUEjBWAFFnZTOR0RKQklVxQ3CT5HXCsDJBZAAxcfdzQBMRZbEB0PYBZABzxgSysPVAZDMQQkKlEfLjYWShk3KGFpMCMOYFsXIisiUiMPEAFnGQgHEQILHzUnWioEHipVGBc8CEogKQA8AhQMIQZDOiknPnwfECsWSREqKGF+PwscFQEhKQ1mYxtwMQN0JzEpAWURCSUZSyQDVjlVJTVDYnEwAlc/VSMqJDFKSj0wPGYBCR8jVzN2K2J/MHUiMwEeKiA3dR8kHj9XM3YrJn4kHC40AEM3AzhhCiQlEXwwEksKQTUtVhRQCyoTGGI7BgcHVDwNVR5LFBQJEnk2dVEFAkcoBzgHOQQ+GlwTBA0SUBx0FxN1ETQtOgIXHQwkChMrUhFQQHRUE3ERdzwHWFQvFT9dAngjKXFALVcKZAI/MmAGMQ

52.85.242.19

200 OK

1.2 kB

URL GET HTTP/2
lingrethertantin.com/ZlAzckUHMlAfegdtUVQwFDwOV3cgdQE0IRBmBUEjBWAFFnZTOR0RKQklVxQ3CT5HXCsDJBZAAxcfdzQBMRZbEB0PYBZABzxgSysPVAZDMQQkKlEfLjYWShk3KGFpMCMOYFsXIisiUiMPEAFnGQgHEQILHzUnWioEHipVGBc8CEogKQA8AhQMIQZDOiknPnwfECsWSREqKGF+PwscFQEhKQ1mYxtwMQN0JzEpAWURCSUZSyQDVjlVJTVDYnEwAlc/VSMqJDFKSj0wPGYBCR8jVzN2K2J/MHUiMwEeKiA3dR8kHj9XM3YrJn4kHC40AEM3AzhhCiQlEXwwEksKQTUtVhRQCyoTGGI7BgcHVDwNVR5LFBQJEnk2dVEFAkcoBzgHOQQ+GlwTBA0SUBx0FxN1ETQtOgIXHQwkChMrUhFQQHRUE3ERdzwHWFQvFT9dAngjKXFALVcKZAI/MmAGMQ
IP
52.85.242.19:443
ASN
#16509 AMAZON-02

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerAmazon
Subjectlingrethertantin.com
Fingerprint05:43:5F:62:44:4A:F8:16:0D:0E:1F:DC:05:AA:39:FF:6E:4C:56:B8
ValidityMon, 27 Nov 2023 00:00:00 GMT - Wed, 25 Dec 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3047), with no line terminators
Size
1.2 kB (1195 bytes)
Hash
52af48a8a3c07784b27a19f1c108821d
8c7b6eda556c99a265c16b631dbcb982b57b870b
a3c9c1d8b13b692111cdc43958fd9e895d875ba9a5e9e3534b84e19235137cf3

HTTP Headers

GET /ZlAzckUHMlAfegdtUVQwFDwOV3cgdQE0IRBmBUEjBWAFFnZTOR0RKQklVxQ3CT5HXCsDJBZAAxcfdzQBMRZbEB0PYBZABzxgSysPVAZDMQQkKlEfLjYWShk3KGFpMCMOYFsXIisiUiMPEAFnGQgHEQILHzUnWioEHipVGBc8CEogKQA8AhQMIQZDOiknPnwfECsWSREqKGF+PwscFQEhKQ1mYxtwMQN0JzEpAWURCSUZSyQDVjlVJTVDYnEwAlc/VSMqJDFKSj0wPGYBCR8jVzN2K2J/MHUiMwEeKiA3dR8kHj9XM3YrJn4kHC40AEM3AzhhCiQlEXwwEksKQTUtVhRQCyoTGGI7BgcHVDwNVR5LFBQJEnk2dVEFAkcoBzgHOQQ+GlwTBA0SUBx0FxN1ETQtOgIXHQwkChMrUhFQQHRUE3ERdzwHWFQvFT9dAngjKXFALVcKZAI/MmAGMQ HTTP/1.1
Host: lingrethertantin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1195
date: Sun, 03 Dec 2023 23:01:07 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 a62f7ce6b39c676fcfdde0f9a6fcf08e.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: t3JGN80V8UmnApuivtxWAoOniO7cXzQI4FYds30GUnXNsOwOEaZaIg==
X-Firefox-Spdy: h2

upfilesurls.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6

104.26.9.138

200 OK

208 B

URL GET HTTP/2
upfilesurls.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6
IP
104.26.9.138:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
PNG image data, 6 x 12, 8-bit/color RGBA, non-interlaced\012- data
Size
208 B (208 bytes)
Hash
31f073499665afb237f3294219d2d7c6
c1ada0510e31f661dab66203c15a3d6c8f5468d0
59b7ad6d6f457b624e25d22959edc7c83af2ac52edba32fd6648c97af0d1780c

HTTP Headers

GET /images/arrow-down.png?c98e5283a69cb508d054d30256af43c6 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
Cookie: XSRF-TOKEN=eyJpdiI6IlRMNHM1dEMvcjJkK1d5QWlqYkY3T2c9PSIsInZhbHVlIjoiMjh3MVA5S1NpMUpzR1d1cFllWXc3aW9qYXFXNzduKzFTaXIyVitROFNrK2FYT3VJUjJ2emVpNTdCRGpLV1lKOWt5R2s3VHN0bm9NNUFFVUJsb3dYSHFUeVNMdnhXcGpFZm9nWDZXQ2VKR2FKeXJoZHJUY0YrVCtwMG8xR0pKM0oiLCJtYWMiOiIwOTAzYTAyNzk2N2ZkZDg1M2QzY2RkYTY5YWUyMmU0OGNjMzU4MDRjMjQyNTIzNjc1NTdmOGM1ZDQyMzlmZTlkIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IjA5bVBWYkc1RFd6Y1h3NUUrYVdzVWc9PSIsInZhbHVlIjoiMjdBSHZYOWptV083L2dQcmxPeW5OVGpmZGZlQnRIR3c2Vmk4dGdxZGJoNkFlZkFsbFZ0dUZNUTZFZEtwcldjRldHdmxzR3dBNzVyRTdycWZzdzVSTzVzNklSL2JMSWFEN09BWnJWVC9mWEtDVzB3UmdwbWNJb0NHQUNLUWN5THIiLCJtYWMiOiI5ZjQ5OTdmMWRlYjkyYmY4NmUxMGIxZDlhNjg5MjU5ODdhYmFkYTQ4N2MwMjk3NzE3OWYxMzBiOTYwZWMwOGYxIiwidGFnIjoiIn0%3D; ab=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:01:07 GMT
content-type: image/png
content-length: 208
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
etag: "625014b1-d0"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 579637
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aORY0tqeUnpI6iEEnELJACCMA0gsU3fKlHUOiJLqWra8aiJ3Xj2oTShVpz0mCzMGTHmnYF8fbWjbGnx4j40lJMHSCVwzF%2Bn9JcON%2FkDoUEaAwhuvxIoEmRH3q2En%2BSusQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff6e048b2bb50c-OSL
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

216.58.207.227

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0\012- data
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 07:29:24 GMT
expires: Fri, 29 Nov 2024 07:29:24 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 315103
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 07:29:35 GMT
expires: Fri, 29 Nov 2024 07:29:35 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 315093
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

live.demand.supply/ds.2.html

104.16.133.22

200 OK

81 kB

URL GET HTTP/3
live.demand.supply/ds.2.html
IP
104.16.133.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
81 kB (81399 bytes)
Hash
6d93563087b24f71a2de50d213d1a6a6
3084afce8b8bb33ba5f5c4ac4e7ebb153c552deb
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

HTTP Headers

GET /ds.2.html HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:01:08 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-nf-request-id: 01HFP9N9C4P8K47VBZVVEWGYZG
cf-cache-status: HIT
age: 1010740
set-cookie: __cf_bm=dt_JhCevwgCOpnCOIHBriQHfRa_qzK7bLRIMZhRuQTg-1701644468-0-Aa0WcwPjr8OVGbQ4fSVFr1OuZEMbB29G6GB7frjMLBwQbLGW31kGRdpG0T8L0CZjIlEtSBk/Z/UvBdNBOVOD7n4=; path=/; expires=Sun, 03-Dec-23 23:31:08 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff6e059cfd56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

live.demand.supply/e/e.js?e=ll&d=265&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL3d3UmZIeg==

104.16.133.22

200 OK

0 B

URL HEAD HTTP/3
live.demand.supply/e/e.js?e=ll&d=265&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL3d3UmZIeg==
IP
104.16.133.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /e/e.js?e=ll&d=265&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL3d3UmZIeg== HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:01:08 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "4de2110991f3807e8b4a19c48c14f2d1-ssl"
strict-transport-security: max-age=31536000
x-nf-request-id: 01HEQ11YQH5NDF00RQZ2ZRCY60
cf-cache-status: HIT
age: 1010740
accept-ranges: bytes
set-cookie: __cf_bm=yCXnKCgcjG50bfVK7JE9jj95FmbIhA.UVhF9.x8ctsY-1701644468-0-ATwNUGc2ja7KQ6IhjSJIa2eUb0O5cCdvvDDwMd+1wGEuMIjPJgtaMdw8JOCERaKvFlnu9J1rxJ+yBDwEktASTsY=; path=/; expires=Sun, 03-Dec-23 23:31:08 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff6e05f99656a4-OSL
alt-svc: h3=":443"; ma=86400

dv663fc06d35i.cloudfront.net/EbUtTNlMOJD1QbBkiNwtqVH1lBmJLISBZPR12PwJhPAQRWCUZKiJGZEs/KVJuXW0/Vz0KdnVTPQ52YhAyCSluAnUZOzxdbhkiPUQ7FC0lWCpLPjILPgIxOlo/DG5hcGZDe3YEY0U8Olg3AjwgE2FdJScTYV16YxhjSHgRE2FdPDpYZVluYHR2X3srAGdIeB-ETYV05JRNgLHpjA31dYnYEYwouMF08SHkVBGNce2MHY1xuYQY1BDk2UDwVbmFwYl1+fQZ1GHZi

143.204.42.28

619 B

URL
dv663fc06d35i.cloudfront.net/EbUtTNlMOJD1QbBkiNwtqVH1lBmJLISBZPR12PwJhPAQRWCUZKiJGZEs/KVJuXW0/Vz0KdnVTPQ52YhAyCSluAnUZOzxdbhkiPUQ7FC0lWCpLPjILPgIxOlo/DG5hcGZDe3YEY0U8Olg3AjwgE2FdJScTYV16YxhjSHgRE2FdPDpYZVluYHR2X3srAGdIeB-ETYV05JRNgLHpjA31dYnYEYwouMF08SHkVBGNce2MHY1xuYQY1BDk2UDwVbmFwYl1+fQZ1GHZi
IP
143.204.42.28:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (853), with no line terminators
Size
619 B (619 bytes)
Hash
3071b187e179724914129fb3c701eb59
172df520a9c6b102c39ff872198d98bcdc6b3167
6dd02488c049614145a2820cb1c9dbb65e1c8a972c8585807460a1c6796bb3aa

HTTP Headers

GET /EbUtTNlMOJD1QbBkiNwtqVH1lBmJLISBZPR12PwJhPAQRWCUZKiJGZEs/KVJuXW0/Vz0KdnVTPQ52YhAyCSluAnUZOzxdbhkiPUQ7FC0lWCpLPjILPgIxOlo/DG5hcGZDe3YEY0U8Olg3AjwgE2FdJScTYV16YxhjSHgRE2FdPDpYZVluYHR2X3srAGdIeB-ETYV05JRNgLHpjA31dYnYEYwouMF08SHkVBGNce2MHY1xuYQY1BDk2UDwVbmFwYl1+fQZ1GHZi HTTP/1.1
Host: dv663fc06d35i.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lingrethertantin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 619
date: Sun, 03 Dec 2023 23:01:08 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7yes_aN4T9Edrlf6UmFrBDwhKsDBGtRfLGaglAfyi0q-LtkQkKjSRA==
X-Firefox-Spdy: h2

datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697

139.45.195.253

200 OK

2 B

URL POST HTTP/1.1
datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
IP
139.45.195.253:443
ASN
#9002 RETN Limited

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerSectigo Limited
Subjectdatatechone.com
Fingerprint8E:B7:22:E4:97:95:3C:60:FC:7C:41:39:A6:B7:B7:E2:48:B2:D0:18
ValiditySun, 18 Dec 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1380
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 03 Dec 2023 23:01:08 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://upfilesurls.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

dv663fc06d35i.cloudfront.net/qODFDWFhbXi0+Z0xYJ2VpCABzbmkPFykrN1ZBfh0hegMraQJvQTkMaA1yZSwiXAxzfjRZXyRlfl1fIGVpHlAnOmUMFzcoN1MMNzE2Slk6Pi5WSGUtOQVcLCIxVF0ifWp+BG1ofQoBay8xVlUsLysdA3M2LB0Dc2loFgFmaxodA3MvMVYHd31rehRxaCAOBW-ZrGh0DcyouHQICaWgNH3NxfQoBJD07U15mah4KAXJoaAkBcn1qCFcqKj1eXjt9an4Ac212CBc2ZWk

143.204.42.28

526 B

URL
dv663fc06d35i.cloudfront.net/qODFDWFhbXi0+Z0xYJ2VpCABzbmkPFykrN1ZBfh0hegMraQJvQTkMaA1yZSwiXAxzfjRZXyRlfl1fIGVpHlAnOmUMFzcoN1MMNzE2Slk6Pi5WSGUtOQVcLCIxVF0ifWp+BG1ofQoBay8xVlUsLysdA3M2LB0Dc2loFgFmaxodA3MvMVYHd31rehRxaCAOBW-ZrGh0DcyouHQICaWgNH3NxfQoBJD07U15mah4KAXJoaAkBcn1qCFcqKj1eXjt9an4Ac212CBc2ZWk
IP
143.204.42.28:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (734), with no line terminators
Size
526 B (526 bytes)
Hash
303548a014feb8418274374c84f14165
656316c4444bc33c4bac63c69b7520e0d0fd2b54
fb96875e854bade339e4f5a8690c815d620043ca127e5f2a41ed82af3880b32f

HTTP Headers

GET /qODFDWFhbXi0+Z0xYJ2VpCABzbmkPFykrN1ZBfh0hegMraQJvQTkMaA1yZSwiXAxzfjRZXyRlfl1fIGVpHlAnOmUMFzcoN1MMNzE2Slk6Pi5WSGUtOQVcLCIxVF0ifWp+BG1ofQoBay8xVlUsLysdA3M2LB0Dc2loFgFmaxodA3MvMVYHd31rehRxaCAOBW-ZrGh0DcyouHQICaWgNH3NxfQoBJD07U15mah4KAXJoaAkBcn1qCFcqKj1eXjt9an4Ac212CBc2ZWk HTTP/1.1
Host: dv663fc06d35i.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lingrethertantin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 526
date: Sun, 03 Dec 2023 23:01:08 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mpa5bLsqJtXGfoyOU0odbupB3IsjjdqTjw_5JhLD-BldFWKpNd4Jfw==
X-Firefox-Spdy: h2

live.demand.supply/x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL3d3UmZIeg==

104.16.133.22

200 OK

0 B

URL HEAD HTTP/3
live.demand.supply/x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL3d3UmZIeg==
IP
104.16.133.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL3d3UmZIeg== HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:01:08 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "901b70ae40b5b064aef6259e869a717e-ssl"
strict-transport-security: max-age=31536000
x-nf-request-id: 01HEWCA4FYGBGVP04DSNK46G58
cf-cache-status: HIT
age: 1016798
accept-ranges: bytes
set-cookie: __cf_bm=Fkp_el.2SN9uytHna9fclUEgrL75KYjXpbBN_rau95k-1701644468-0-AU9BHdMfhtqCTq5Uyjwdw9DU3egOi2vm4aTNWmwrLEmIRuW6RE6nDnCdQC1TaRJB+sTn5DPK2twbJpWl9M2uUvU=; path=/; expires=Sun, 03-Dec-23 23:31:08 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff6e074ac256a4-OSL
alt-svc: h3=":443"; ma=86400

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

173.194.73.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
173.194.73.84:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint1E:A9:E1:96:78:1D:08:FC:96:C8:C2:34:4F:02:D3:3D:FA:9A:D2:6B
ValidityMon, 23 Oct 2023 11:25:04 GMT - Mon, 15 Jan 2024 11:25:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:3t6rrSWW_65tjV8KTcVPGnMrREgofw:qgzC_jPYcX_-d4xk; Expires=Tue, 02-Dec-2025 23:01:08 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 23:01:08 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp2t1-MujReJCjDPuF5RDRfUnbEbTB3z6MHtAVhKXZ9A1CpLnrJ6jp_FJCcb2mzzyTL3xqLveA
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-8_Lvb9ttvu0a2GkI_m7BKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

lingrethertantin.com/utx?cb=BhMgKrtIzq1K&top=upfilesurls.com&tid=1010617

52.85.242.19

204 No Content

0 B

URL GET HTTP/2
lingrethertantin.com/utx?cb=BhMgKrtIzq1K&top=upfilesurls.com&tid=1010617
IP
52.85.242.19:443
ASN
#16509 AMAZON-02

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerAmazon
Subjectlingrethertantin.com
Fingerprint05:43:5F:62:44:4A:F8:16:0D:0E:1F:DC:05:AA:39:FF:6E:4C:56:B8
ValidityMon, 27 Nov 2023 00:00:00 GMT - Wed, 25 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=BhMgKrtIzq1K&top=upfilesurls.com&tid=1010617 HTTP/1.1
Host: lingrethertantin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sun, 03 Dec 2023 23:01:08 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 03 Dec 2023 23:02:08 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 a62f7ce6b39c676fcfdde0f9a6fcf08e.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: yNOktWF_rDQ3juoyCDlW3Zq_Io7KaFT3UCH2mXGwiW0ifgreHlH0bQ==
X-Firefox-Spdy: h2

upfilesurls.com/cdn-cgi/challenge-platform/h/b/jsd/r/82ff6dfb0db3b50c

104.26.9.138

200 OK

1 B

URL POST HTTP/2
upfilesurls.com/cdn-cgi/challenge-platform/h/b/jsd/r/82ff6dfb0db3b50c
IP
104.26.9.138:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
eccbc87e4b5ce2fe28308fd9f2a7baf3
77de68daecd823babbb58edb1c8e14d7106e83bb
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/82ff6dfb0db3b50c HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12189
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/wwRfHz
Cookie: XSRF-TOKEN=eyJpdiI6IlRMNHM1dEMvcjJkK1d5QWlqYkY3T2c9PSIsInZhbHVlIjoiMjh3MVA5S1NpMUpzR1d1cFllWXc3aW9qYXFXNzduKzFTaXIyVitROFNrK2FYT3VJUjJ2emVpNTdCRGpLV1lKOWt5R2s3VHN0bm9NNUFFVUJsb3dYSHFUeVNMdnhXcGpFZm9nWDZXQ2VKR2FKeXJoZHJUY0YrVCtwMG8xR0pKM0oiLCJtYWMiOiIwOTAzYTAyNzk2N2ZkZDg1M2QzY2RkYTY5YWUyMmU0OGNjMzU4MDRjMjQyNTIzNjc1NTdmOGM1ZDQyMzlmZTlkIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IjA5bVBWYkc1RFd6Y1h3NUUrYVdzVWc9PSIsInZhbHVlIjoiMjdBSHZYOWptV083L2dQcmxPeW5OVGpmZGZlQnRIR3c2Vmk4dGdxZGJoNkFlZkFsbFZ0dUZNUTZFZEtwcldjRldHdmxzR3dBNzVyRTdycWZzdzVSTzVzNklSL2JMSWFEN09BWnJWVC9mWEtDVzB3UmdwbWNJb0NHQUNLUWN5THIiLCJtYWMiOiI5ZjQ5OTdmMWRlYjkyYmY4NmUxMGIxZDlhNjg5MjU5ODdhYmFkYTQ4N2MwMjk3NzE3OWYxMzBiOTYwZWMwOGYxIiwidGFnIjoiIn0%3D; ab=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:01:08 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=01z0XZtA1cpQ75lzHvMiZARRenAvW0RMXXdRvw4zgaY-1701644468-0-1-730ca2d2.57dbd4fb.240dfd32-0.2.1701644468; path=/; expires=Mon, 02-Dec-24 23:01:08 GMT; domain=.upfilesurls.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pM3XtL29Nil22ifVj8YEYA36RWOYTmVXWy%2BUjLad23DlxXkpE1zFTka19V5qgzaMunN5ES1oFCN56Jj%2B3R6M5ifjK0%2FLB0F5L2m5Rh0UsC%2FP3wWEltTr6gAZG5d80XSgwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff6e074d0fb50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

216.58.211.2

200 OK

0 B

URL HEAD HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
216.58.211.2:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint6C:2A:75:F2:3F:EF:4F:43:B1:8D:C3:B7:E9:2E:4A:EF:40:6A:FC:92
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 03 Dec 2023 23:01:08 GMT
expires: Sun, 03 Dec 2023 23:01:08 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 1085910690365100674
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 52711
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

upfilesurls.com/img/logo.svg

104.26.9.138

200 OK

6.0 kB

URL GET HTTP/2
upfilesurls.com/img/logo.svg
IP
104.26.9.138:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1361)
Size
6.0 kB (5979 bytes)
Hash
1e28749acbd90e7e99a883c1890327cd
638b4525d3f0ed776db136ca1025a8961f46c9e0
d526da1f4d4af45cefd2a0d140abec2beddc3150d13c47d3de893eaa278a369d

HTTP Headers

GET /img/logo.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/wwRfHz
Cookie: XSRF-TOKEN=eyJpdiI6IlRMNHM1dEMvcjJkK1d5QWlqYkY3T2c9PSIsInZhbHVlIjoiMjh3MVA5S1NpMUpzR1d1cFllWXc3aW9qYXFXNzduKzFTaXIyVitROFNrK2FYT3VJUjJ2emVpNTdCRGpLV1lKOWt5R2s3VHN0bm9NNUFFVUJsb3dYSHFUeVNMdnhXcGpFZm9nWDZXQ2VKR2FKeXJoZHJUY0YrVCtwMG8xR0pKM0oiLCJtYWMiOiIwOTAzYTAyNzk2N2ZkZDg1M2QzY2RkYTY5YWUyMmU0OGNjMzU4MDRjMjQyNTIzNjc1NTdmOGM1ZDQyMzlmZTlkIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IjA5bVBWYkc1RFd6Y1h3NUUrYVdzVWc9PSIsInZhbHVlIjoiMjdBSHZYOWptV083L2dQcmxPeW5OVGpmZGZlQnRIR3c2Vmk4dGdxZGJoNkFlZkFsbFZ0dUZNUTZFZEtwcldjRldHdmxzR3dBNzVyRTdycWZzdzVSTzVzNklSL2JMSWFEN09BWnJWVC9mWEtDVzB3UmdwbWNJb0NHQUNLUWN5THIiLCJtYWMiOiI5ZjQ5OTdmMWRlYjkyYmY4NmUxMGIxZDlhNjg5MjU5ODdhYmFkYTQ4N2MwMjk3NzE3OWYxMzBiOTYwZWMwOGYxIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:01:07 GMT
content-type: image/svg+xml
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
vary: Accept-Encoding
etag: W/"625014b1-56e8"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 488514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYQ2bXhQoJEXiamensVy%2FATZxZId46Ho5zXbrX0dWm9FxUKFf3j0SixSpmeENbDX5h6bXFhTZeSO%2B%2Ft7Egl2P7eB8RXxnRu1r6EQqa1akjHSW5VLwemvBof%2BD7vp2JYAcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff6dff681bb50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

live.demand.supply/e/e.js?r=upfilesurls.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=dXBmaWxlc3VybHMuY29tL3d3UmZIeg==

104.16.133.22

200 OK

0 B

URL HEAD HTTP/3
live.demand.supply/e/e.js?r=upfilesurls.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=dXBmaWxlc3VybHMuY29tL3d3UmZIeg==
IP
104.16.133.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /e/e.js?r=upfilesurls.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=dXBmaWxlc3VybHMuY29tL3d3UmZIeg== HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:01:08 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "4de2110991f3807e8b4a19c48c14f2d1-ssl"
strict-transport-security: max-age=31536000
x-nf-request-id: 01HEQ11YQH5NDF00RQZ2ZRCY60
cf-cache-status: HIT
age: 1010740
accept-ranges: bytes
set-cookie: __cf_bm=yXrf74xW3NZOloXQDv3gvL5Ih5fOAjGsloN0oq6o4To-1701644468-0-Adqa7bscoBk73Xw33GV/5XcPO68wKEULgNW4DmdYKpzmNAu2XrkoALBo6E8D1y8vpl0UnvwcJGyIjIAP/8eikl0=; path=/; expires=Sun, 03-Dec-23 23:31:08 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff6e0a3d2356a4-OSL
alt-svc: h3=":443"; ma=86400

dv663fc06d35i.cloudfront.net/?dcfvd=1010617

143.204.42.28

200 OK

103 kB

URL GET HTTP/2
dv663fc06d35i.cloudfront.net/?dcfvd=1010617
IP
143.204.42.28:443
ASN
#16509 AMAZON-02

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (15945)
Size
103 kB (102715 bytes)
Hash
0bcb2a7e3509a4bd78af392074a76095
1fdb70ed8bcf2191ddb65bd17d92a502b1a10bcd
c162f12e0bb24b5ffaaa87c634fcfc429601f5e21d2d36e5f86785b13978a642

HTTP Headers

GET /?dcfvd=1010617 HTTP/1.1
Host: dv663fc06d35i.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 102715
date: Sun, 03 Dec 2023 23:01:08 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: I9eHLnQ4XA9fuOUuKeTR8j86w7-0V7B9rHdkSw7j4hqgsKpI8yr98Q==
X-Firefox-Spdy: h2

pogothere.xyz/

188.114.96.1

521 No Reason Phrase

6.8 kB

URL GET HTTP/2
pogothere.xyz/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Size
6.8 kB (6815 bytes)
Hash
caae00366f8ccf7fd5d3ee1fb14eb9e5
b887e1915b30b6e713b02e5f424264b3676d86e3
72a02af2a2af2c008972726cad982733a189df19833d6af63c47dcb5f2922b9a

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 521 No Reason Phrase
date: Sun, 03 Dec 2023 23:01:08 GMT
content-type: text/html; charset=UTF-8
content-length: 6815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L51Hg5E9HtTZyM9vfJd%2F1Q70bejg4yEXg4k7mcdnK6DD5F9vUyA1moYAIucE61xDIbyt6Y8S2AXfBrfSqFRGkbR7DqLKMH3uh%2BC%2BvPz85mS%2F8UBeY1twBpLoNr4ZlXD8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
cf-ray: 82ff6e0a290056bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pogothere.xyz/

188.114.96.1

521 No Reason Phrase

6.8 kB

URL GET HTTP/2
pogothere.xyz/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Size
6.8 kB (6815 bytes)
Hash
067018ba2d180466770d21c7ad148a57
6257890fe49cd32824788a4d0cd76b96be21013c
dde823e79029b80003d8ae2a3369adb044c7353539f3920fdbd86a65dde5c05a

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 521 No Reason Phrase
date: Sun, 03 Dec 2023 23:01:08 GMT
content-type: text/html; charset=UTF-8
content-length: 6815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hpJ63h8vGozlx5E3BlzDyIBUi%2BszFsG13jFzWJtbWYYjrpdJpfV44hDWMnuVmHMa6wATMH0ZTAsLv0qawhv5kRyeqwU%2BRXVowbjwrL0Gic3s1y7VLyaHV%2BkwtuUDDFZw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
cf-ray: 82ff6e0a391356bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

live.demand.supply/e/e.js?r=upfilesurls.com_fluid_lb%2Bsq_firstpageafterbutton_1&e=empdr&dsReferer=dXBmaWxlc3VybHMuY29tL3d3UmZIeg==

104.16.133.22

200 OK

0 B

URL HEAD HTTP/3
live.demand.supply/e/e.js?r=upfilesurls.com_fluid_lb%2Bsq_firstpageafterbutton_1&e=empdr&dsReferer=dXBmaWxlc3VybHMuY29tL3d3UmZIeg==
IP
104.16.133.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /e/e.js?r=upfilesurls.com_fluid_lb%2Bsq_firstpageafterbutton_1&e=empdr&dsReferer=dXBmaWxlc3VybHMuY29tL3d3UmZIeg== HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:01:09 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "4de2110991f3807e8b4a19c48c14f2d1-ssl"
strict-transport-security: max-age=31536000
x-nf-request-id: 01HEQ11YQH5NDF00RQZ2ZRCY60
cf-cache-status: HIT
age: 1010741
accept-ranges: bytes
set-cookie: __cf_bm=2FcMtJp7FIYFQNIYHfeOsAhZT0Dpa4IH7DTTWLwkH.M-1701644469-0-Acn0tQdL9cInisUVW9ebQpqFli57WmsPSX0Z9niQ3fBpfh/UE8WwEJnxJzu++VPawyX6MJn2frj90G4wGekxp7g=; path=/; expires=Sun, 03-Dec-23 23:31:09 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff6e0c7f3656a4-OSL
alt-svc: h3=":443"; ma=86400

live.demand.supply/e/e.js?r=upfilesurls.com_fluid_sq_firstpageaftertitle_1&e=empdr&dsReferer=dXBmaWxlc3VybHMuY29tL3d3UmZIeg==

104.16.133.22

200 OK

0 B

URL HEAD HTTP/3
live.demand.supply/e/e.js?r=upfilesurls.com_fluid_sq_firstpageaftertitle_1&e=empdr&dsReferer=dXBmaWxlc3VybHMuY29tL3d3UmZIeg==
IP
104.16.133.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /e/e.js?r=upfilesurls.com_fluid_sq_firstpageaftertitle_1&e=empdr&dsReferer=dXBmaWxlc3VybHMuY29tL3d3UmZIeg== HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:01:09 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "4de2110991f3807e8b4a19c48c14f2d1-ssl"
strict-transport-security: max-age=31536000
x-nf-request-id: 01HEQ11YQH5NDF00RQZ2ZRCY60
cf-cache-status: HIT
age: 1010741
accept-ranges: bytes
set-cookie: __cf_bm=2GCs_WupXXaKcCvlP1TsMmp8UeoGZhQd0PB9RDkLysg-1701644469-0-AVjBfxDOGK2yfliKBPjV363TVCf2p4tl8VrzzLYfPZwxR9vLxb0S0PJyCiq4nmXBDhiY3dCEj5G5kdMmGKMSYnA=; path=/; expires=Sun, 03-Dec-23 23:31:09 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff6e0c7f2f56a4-OSL
alt-svc: h3=":443"; ma=86400

live.demand.supply/e/e.js?r=upfilesurls.com_fluid_lb%2Bsq_firstpagebeforetitle_1&e=empdr&dsReferer=dXBmaWxlc3VybHMuY29tL3d3UmZIeg==

104.16.133.22

200 OK

0 B

URL HEAD HTTP/3
live.demand.supply/e/e.js?r=upfilesurls.com_fluid_lb%2Bsq_firstpagebeforetitle_1&e=empdr&dsReferer=dXBmaWxlc3VybHMuY29tL3d3UmZIeg==
IP
104.16.133.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /e/e.js?r=upfilesurls.com_fluid_lb%2Bsq_firstpagebeforetitle_1&e=empdr&dsReferer=dXBmaWxlc3VybHMuY29tL3d3UmZIeg== HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:01:09 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "4de2110991f3807e8b4a19c48c14f2d1-ssl"
strict-transport-security: max-age=31536000
x-nf-request-id: 01HEQ11YQH5NDF00RQZ2ZRCY60
cf-cache-status: HIT
age: 1010741
accept-ranges: bytes
set-cookie: __cf_bm=hgJeGm686_d3Tlxb_Zn_p1zEt4Wm4J4zLPXb590HaxU-1701644469-0-AWxXd+Wp1ZvzncZq6HInELKlhlsLqRvYkpRNdaCQn/dU7IkPxtacyq+0QEuLC3oUrIFIa+Y/cTpZ9MkQuBqsi3g=; path=/; expires=Sun, 03-Dec-23 23:31:09 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff6e0c7f3a56a4-OSL
alt-svc: h3=":443"; ma=86400

accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp07mZ8WHGVRT92bsvRODj5Kf_ZhiNURP5qjEcZUeeLP7YkrMZsuXh5bfxc6dhryT6TGR8_2sw

173.194.73.84

302 Found

400 B

URL GET HTTP/3
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp07mZ8WHGVRT92bsvRODj5Kf_ZhiNURP5qjEcZUeeLP7YkrMZsuXh5bfxc6dhryT6TGR8_2sw
IP
173.194.73.84:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (395)
Size
400 B (400 bytes)
Hash
1eae950fe0b103a20f46f7221f246b54
f6f1660e8426b3a0ff80ae7334d92168689dbc81
1f8d5dacc640def926a9133b2af3fb2856a495a067766309a7ddf22c76ec0e91

HTTP Headers

GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp07mZ8WHGVRT92bsvRODj5Kf_ZhiNURP5qjEcZUeeLP7YkrMZsuXh5bfxc6dhryT6TGR8_2sw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:oAE_Wmsw98YjbYOa-t0oo0WzAcNhug:MY2yM2LAzwVogXWI;Path=/;Expires=Tue, 02-Dec-2025 23:01:09 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 23:01:09 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp2kXECatIClzKaqyiX-GA3lVq15T1bf135FOcAaidzB_kNpnZokadF2JwIR-zmEeZwxuxUXIw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1342789025%3A1701644469316415&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-tZ7PRKIcuOYStReQde2xxA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 400
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp2t1-MujReJCjDPuF5RDRfUnbEbTB3z6MHtAVhKXZ9A1CpLnrJ6jp_FJCcb2mzzyTL3xqLveA

173.194.73.84

302 Found

407 B

URL GET HTTP/3
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp2t1-MujReJCjDPuF5RDRfUnbEbTB3z6MHtAVhKXZ9A1CpLnrJ6jp_FJCcb2mzzyTL3xqLveA
IP
173.194.73.84:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (399)
Size
407 B (407 bytes)
Hash
3fd69f13d3a03aa306e80ef63c28dff6
2703f57e229a05bf9a2a804d7d2447e4b86e7337
48533009b0bdcc44a2af4057923cfb2a1b35f0b0a846fcac133a4b96a380e2ab

HTTP Headers

GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp2t1-MujReJCjDPuF5RDRfUnbEbTB3z6MHtAVhKXZ9A1CpLnrJ6jp_FJCcb2mzzyTL3xqLveA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:pA8N--U36q6JkLHD2VJdeAva37gZvg:vQ7ekrbq9rhvEAe4;Path=/;Expires=Tue, 02-Dec-2025 23:01:09 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 23:01:09 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3V9oV6JfQWcPm-HOLykqf2iy05tS3puijdZgmauKjrcV6wnKBJYL-6UKV55jQUgjn4DyKtpw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1007082092%3A1701644469313430&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-S8R7yJHI7I9e-BsTHA8Adg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 407
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

142.250.74.35

200 OK

191 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (563)
Size
191 kB (190682 bytes)
Hash
23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 11:52:30 GMT
expires: Mon, 02 Dec 2024 11:52:30 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 40119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

216.58.211.2

200 OK

0 B

URL HEAD HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
216.58.211.2:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint6C:2A:75:F2:3F:EF:4F:43:B1:8D:C3:B7:E9:2E:4A:EF:40:6A:FC:92
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 03 Dec 2023 23:01:09 GMT
expires: Sun, 03 Dec 2023 23:01:09 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16210260977147890670
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 52704
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp2kXECatIClzKaqyiX-GA3lVq15T1bf135FOcAaidzB_kNpnZokadF2JwIR-zmEeZwxuxUXIw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1342789025%3A1701644469316415&theme=glif

173.194.73.84

403 Forbidden

807 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp2kXECatIClzKaqyiX-GA3lVq15T1bf135FOcAaidzB_kNpnZokadF2JwIR-zmEeZwxuxUXIw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1342789025%3A1701644469316415&theme=glif
IP
173.194.73.84:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1644), with no line terminators
Size
807 B (807 bytes)
Hash
d4cf271f60fcf954cc7c3d0dfd2d547c
d56c06d001e5b528a588b648491d485c12674900
c6263a52b0ec0ccbbab98d2b459031f2babf3b1bf489860ba168d9e010a05e93

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp2kXECatIClzKaqyiX-GA3lVq15T1bf135FOcAaidzB_kNpnZokadF2JwIR-zmEeZwxuxUXIw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1342789025%3A1701644469316415&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 23:01:09 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-N6I63DXU60O5fdbAkGTCGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:13:56 GMT
expires: Thu, 28 Nov 2024 21:13:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 352031
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.demand.supply/v17-21-0/a/upfilesurls.com_fluid_lb+sq_firstpagebeforetitle_1?&dsReferer=dXBmaWxlc3VybHMuY29tL3d3UmZIeg==

104.16.133.22

200 OK

383 B

URL GET HTTP/3
api.demand.supply/v17-21-0/a/upfilesurls.com_fluid_lb+sq_firstpagebeforetitle_1?&dsReferer=dXBmaWxlc3VybHMuY29tL3d3UmZIeg==
IP
104.16.133.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (453), with no line terminators
Size
383 B (383 bytes)
Hash
d6d78a640d089e7bc2e8760c78e83623
8dbd9ee0831bb10555e72755e2780903140f73c1
e5e01977b303f95e2f7a3540198ee95d5827d7ae459fdb9c9843fd67f494a2ec

HTTP Headers

GET /v17-21-0/a/upfilesurls.com_fluid_lb+sq_firstpagebeforetitle_1?&dsReferer=dXBmaWxlc3VybHMuY29tL3d3UmZIeg== HTTP/1.1
Host: api.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:01:08 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
etag: W/"17f-D2zTrmEkTfDGkpUrecAG5i5KHlY"
cf-cache-status: HIT
age: 6389
set-cookie: __cf_bm=j5Ps5JYF4QW_tVqDZ6H18seK25mV14ILfdvCvt2.pEU-1701644468-0-AepmoBM0d7GFARz/5skRDqBJ68rLhe8YMJ+UUXdAudNXB7k+Lmdxu0dL24jJHzZC+NSFui+8LA5tDXStunWoqu8=; path=/; expires=Sun, 03-Dec-23 23:31:08 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff6e088b9956a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdntechone.com/stattag.js

188.114.97.1

200 OK

19 kB

URL GET HTTP/2
cdntechone.com/stattag.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint22:B1:48:87:A8:EF:B2:9B:65:EB:D6:C6:FD:8D:EF:A7:A7:DE:52:29
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (18335)
Size
19 kB (18985 bytes)
Hash
8ec0c661780569e42736cfc20e4c69d7
0d857c9b9813975179cf323a344c934bcae598c6
38831e62c2e99f2f64b0352f13ef7daaa7c97e31dac314bb52caa89a6a7f58f5

HTTP Headers

GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:01:07 GMT
content-type: application/javascript
last-modified: Thu, 07 Sep 2023 08:19:46 GMT
etag: W/"64f987a2-4a29"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3076
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3nS9yf6hpdtIwVabls0VDq96pSIcBrI4WwyKehQVs%2BG8Owb32ZY749SfTKawJJaK91o6qWxWjZ11Vml2DAqcMfc9MWS9oyLAWhOXeCKu6TB1MNXyC8EClaN6Axo34j9dmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff6e021b1a1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pogothere.xyz/asd100.bin

188.114.96.1

200 OK

102 kB

URL GET HTTP/2
pogothere.xyz/asd100.bin
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:01:08 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6652
last-modified: Sun, 03 Dec 2023 21:10:16 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IyyUCfF6h%2FxQQugUDmdkz3oSSQLoBsXOx4nM3BpcedNxuqrOL6ArKBPwhH3eYBkaafoK2BB04WuxQDTJmRzohlKq4ChFwnwKis8QaQDCyQrCBfE2zf6XOyEWrmXEjTqG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff6e0a28fb56bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

173.194.73.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
173.194.73.84:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint1E:A9:E1:96:78:1D:08:FC:96:C8:C2:34:4F:02:D3:3D:FA:9A:D2:6B
ValidityMon, 23 Oct 2023 11:25:04 GMT - Mon, 15 Jan 2024 11:25:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:IlICJSHDgMS3CEAGQZf0TyFcKE4lsg:g5upuQZ9I17GhKxc; Expires=Tue, 02-Dec-2025 23:01:08 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 23:01:08 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp07mZ8WHGVRT92bsvRODj5Kf_ZhiNURP5qjEcZUeeLP7YkrMZsuXh5bfxc6dhryT6TGR8_2sw
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-bVu35FTBpYk_sH9mWMEpdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ldrenandthe.org/popunder.gif

172.67.194.104

200 OK

35 B

URL GET HTTP/3
ldrenandthe.org/popunder.gif
IP
172.67.194.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subjectldrenandthe.org
FingerprintB1:E1:DF:C0:4E:E7:2F:9B:70:DF:D1:CA:75:2B:47:98:1B:CC:5F:BB
ValidityWed, 29 Nov 2023 06:03:19 GMT - Tue, 27 Feb 2024 06:03:18 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: ldrenandthe.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:01:09 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 202539
last-modified: Fri, 01 Dec 2023 14:45:30 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pG%2FDIIj6oT5TrzdIuPkfhFJwpKffi90JBuMZQsK%2Blz2wO0GsHa1j07MGuGwzmJ67saQ38qetmAgjoH6r34MdYqAsTIOU2H%2BFeOehlodV7qRTpBstwhFAWrIIeJbsjb3z%2B0M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff6e0c993156b5-OSL
alt-svc: h3=":443"; ma=86400

upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

104.26.9.138

200 OK

7.3 kB

URL GET HTTP/2
upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
IP
104.26.9.138:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
ASCII text, with very long lines (7317), with no line terminators
Size
7.3 kB (7317 bytes)
Hash
669a4e956a898797250c7565262fac7d
7187e9af413033a1c91dc24356b7787382b710d3
688a6c736d0ffe193c463e10b7637f85c0cb0fb2b1f60326993b4d560541dc6e

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlRMNHM1dEMvcjJkK1d5QWlqYkY3T2c9PSIsInZhbHVlIjoiMjh3MVA5S1NpMUpzR1d1cFllWXc3aW9qYXFXNzduKzFTaXIyVitROFNrK2FYT3VJUjJ2emVpNTdCRGpLV1lKOWt5R2s3VHN0bm9NNUFFVUJsb3dYSHFUeVNMdnhXcGpFZm9nWDZXQ2VKR2FKeXJoZHJUY0YrVCtwMG8xR0pKM0oiLCJtYWMiOiIwOTAzYTAyNzk2N2ZkZDg1M2QzY2RkYTY5YWUyMmU0OGNjMzU4MDRjMjQyNTIzNjc1NTdmOGM1ZDQyMzlmZTlkIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IjA5bVBWYkc1RFd6Y1h3NUUrYVdzVWc9PSIsInZhbHVlIjoiMjdBSHZYOWptV083L2dQcmxPeW5OVGpmZGZlQnRIR3c2Vmk4dGdxZGJoNkFlZkFsbFZ0dUZNUTZFZEtwcldjRldHdmxzR3dBNzVyRTdycWZzdzVSTzVzNklSL2JMSWFEN09BWnJWVC9mWEtDVzB3UmdwbWNJb0NHQUNLUWN5THIiLCJtYWMiOiI5ZjQ5OTdmMWRlYjkyYmY4NmUxMGIxZDlhNjg5MjU5ODdhYmFkYTQ4N2MwMjk3NzE3OWYxMzBiOTYwZWMwOGYxIiwidGFnIjoiIn0%3D; ab=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:01:08 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
vary: accept-encoding
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BcgaVpyEkTgZmm3nqT8j6JTuFCUFEySuFGvsOBIjVBMbyHE66Ud0uqgIp3pufUFtUYWu%2FvCP%2FhEt0vgnVS1i2qSHavqKLTsEuAchcDGtyZyWUtR%2BdE38DFIf3xbCXi1CMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff6e05ec33b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

api.demand.supply/v17-21-0/a/upfilesurls.com_fluid_lb+sq_firstpageafterbutton_1?&dsReferer=dXBmaWxlc3VybHMuY29tL3d3UmZIeg==

104.16.133.22

200 OK

384 B

URL GET HTTP/3
api.demand.supply/v17-21-0/a/upfilesurls.com_fluid_lb+sq_firstpageafterbutton_1?&dsReferer=dXBmaWxlc3VybHMuY29tL3d3UmZIeg==
IP
104.16.133.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (454), with no line terminators
Size
384 B (384 bytes)
Hash
6a516a571262c4654d9eab34301d1515
9ccb6808ebfb6e453c3b988bfd8d40714fa59a4b
cbaf1caf8a19c79bc62881af128df30ad4cc51baa8be83d43ba73ea4ff809fd6

HTTP Headers

GET /v17-21-0/a/upfilesurls.com_fluid_lb+sq_firstpageafterbutton_1?&dsReferer=dXBmaWxlc3VybHMuY29tL3d3UmZIeg== HTTP/1.1
Host: api.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:01:08 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
etag: W/"180-zVsQzGRzZMcIV7o1xSR+fj5I8ZI"
cf-cache-status: HIT
age: 6361
set-cookie: __cf_bm=Ir_TqVLOQR7GB8lbJSmp.VFm45PIFuTsna0DJItsKBU-1701644468-0-AVqvmpMP8TbT5NZRqY0p2P3x1Sx1wDmVMtWNMcFYPBz/kGYapbYpp9CUFdRkG0hQEapBwOh/iiD98R5e7q1SHRo=; path=/; expires=Sun, 03-Dec-23 23:31:08 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff6e088b9c56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

pogothere.xyz/asd100.bin

188.114.96.1

200 OK

102 kB

URL GET HTTP/2
pogothere.xyz/asd100.bin
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:01:08 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6652
last-modified: Sun, 03 Dec 2023 21:10:16 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyn5l4cGM6SzvIsmMh4MTRskN5MGylzwDZvgIFDTV2l1ag6I96xH7JSFRoGvU%2BAgq7uaOPBLR3g%2BKjxo3Irpwf%2Fia99xL9qGo66hLEtNgW8fMnVONZ8op%2BynjfkeFDdk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff6e0a491656bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

upfilesurls.com/img/faqs-image.svg

104.26.9.138

200 OK

38 kB

URL GET HTTP/2
upfilesurls.com/img/faqs-image.svg
IP
104.26.9.138:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4190)
Size
38 kB (38395 bytes)
Hash
a60b7216905928c625ae9592044476cd
e70c5be728c7bd1198100337487aafe126834ca3
9a717285429d468fadc4d25179fc6feb49e6335f3af1675fb6be1cb50e7e8322

HTTP Headers

GET /img/faqs-image.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/wwRfHz
Cookie: XSRF-TOKEN=eyJpdiI6IlRMNHM1dEMvcjJkK1d5QWlqYkY3T2c9PSIsInZhbHVlIjoiMjh3MVA5S1NpMUpzR1d1cFllWXc3aW9qYXFXNzduKzFTaXIyVitROFNrK2FYT3VJUjJ2emVpNTdCRGpLV1lKOWt5R2s3VHN0bm9NNUFFVUJsb3dYSHFUeVNMdnhXcGpFZm9nWDZXQ2VKR2FKeXJoZHJUY0YrVCtwMG8xR0pKM0oiLCJtYWMiOiIwOTAzYTAyNzk2N2ZkZDg1M2QzY2RkYTY5YWUyMmU0OGNjMzU4MDRjMjQyNTIzNjc1NTdmOGM1ZDQyMzlmZTlkIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IjA5bVBWYkc1RFd6Y1h3NUUrYVdzVWc9PSIsInZhbHVlIjoiMjdBSHZYOWptV083L2dQcmxPeW5OVGpmZGZlQnRIR3c2Vmk4dGdxZGJoNkFlZkFsbFZ0dUZNUTZFZEtwcldjRldHdmxzR3dBNzVyRTdycWZzdzVSTzVzNklSL2JMSWFEN09BWnJWVC9mWEtDVzB3UmdwbWNJb0NHQUNLUWN5THIiLCJtYWMiOiI5ZjQ5OTdmMWRlYjkyYmY4NmUxMGIxZDlhNjg5MjU5ODdhYmFkYTQ4N2MwMjk3NzE3OWYxMzBiOTYwZWMwOGYxIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:01:07 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
vary: Accept-Encoding
etag: W/"63c15cbf-95fb"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 904712
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3I6KBMYHNR81emeHHtxS%2BxjB%2B6SeUHOTmMxC%2Be7g2jNu5zRvyCyryKQmmeF8fVELl3EmBw9s%2BUn7IFH%2F5wrRiYhI0D4XtJr7PSu4E2BqYMzfWUfiY5qUBthbHauqfKWow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff6dff6821b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

upfilesurls.com/img/plane.svg

104.26.9.138

200 OK

684 B

URL GET HTTP/2
upfilesurls.com/img/plane.svg
IP
104.26.9.138:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (701), with no line terminators
Size
684 B (684 bytes)
Hash
8e7c41bde9bc90def2171d239eb22f04
853c0fbf7ca55b313af83201d95d6f6f3d3225ba
9bc4e093793a06ba14d0505710aad5254212125573342fa92c228f873d05bfea

HTTP Headers

GET /img/plane.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/wwRfHz
Cookie: XSRF-TOKEN=eyJpdiI6IlRMNHM1dEMvcjJkK1d5QWlqYkY3T2c9PSIsInZhbHVlIjoiMjh3MVA5S1NpMUpzR1d1cFllWXc3aW9qYXFXNzduKzFTaXIyVitROFNrK2FYT3VJUjJ2emVpNTdCRGpLV1lKOWt5R2s3VHN0bm9NNUFFVUJsb3dYSHFUeVNMdnhXcGpFZm9nWDZXQ2VKR2FKeXJoZHJUY0YrVCtwMG8xR0pKM0oiLCJtYWMiOiIwOTAzYTAyNzk2N2ZkZDg1M2QzY2RkYTY5YWUyMmU0OGNjMzU4MDRjMjQyNTIzNjc1NTdmOGM1ZDQyMzlmZTlkIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IjA5bVBWYkc1RFd6Y1h3NUUrYVdzVWc9PSIsInZhbHVlIjoiMjdBSHZYOWptV083L2dQcmxPeW5OVGpmZGZlQnRIR3c2Vmk4dGdxZGJoNkFlZkFsbFZ0dUZNUTZFZEtwcldjRldHdmxzR3dBNzVyRTdycWZzdzVSTzVzNklSL2JMSWFEN09BWnJWVC9mWEtDVzB3UmdwbWNJb0NHQUNLUWN5THIiLCJtYWMiOiI5ZjQ5OTdmMWRlYjkyYmY4NmUxMGIxZDlhNjg5MjU5ODdhYmFkYTQ4N2MwMjk3NzE3OWYxMzBiOTYwZWMwOGYxIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:01:07 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
vary: Accept-Encoding
etag: W/"63c15cbf-2ac"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 335402
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FtPtj5ZgUruFyjU8d1ORIuMJXHfyuXYI9W0Ge7MipNe8WJSEjP2QTJ84znIWgm42SDzpOA68JEvMrYXVtk8BUcJGqkjhXiEJtMzuK%2Fmem22yO7E1UngiewjfZHXBJYxuPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff6dff6824b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3V9oV6JfQWcPm-HOLykqf2iy05tS3puijdZgmauKjrcV6wnKBJYL-6UKV55jQUgjn4DyKtpw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1007082092%3A1701644469313430&theme=glif

173.194.73.84

403 Forbidden

0 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3V9oV6JfQWcPm-HOLykqf2iy05tS3puijdZgmauKjrcV6wnKBJYL-6UKV55jQUgjn4DyKtpw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1007082092%3A1701644469313430&theme=glif
IP
173.194.73.84:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3V9oV6JfQWcPm-HOLykqf2iy05tS3puijdZgmauKjrcV6wnKBJYL-6UKV55jQUgjn4DyKtpw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1007082092%3A1701644469313430&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 23:01:09 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-ReQnVWyRbXb5pF5RlMTIGQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

upfilesurls.com/wwRfHz

104.26.9.138

200 OK

90 kB

URL User Request GET HTTP/2
upfilesurls.com/wwRfHz
IP
104.26.9.138:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type

Size
90 kB (89839 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wwRfHz HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkhvQkRxS0FmUUJmYnkweWV2U3Z0aFE9PSIsInZhbHVlIjoidnBIUXJ3ai9WZTNlVTY4ZldMZ2RraGtyaVFhMzR1b1ZSYzdZdkJtVVRUd2ZQVXQxbG5KcUswWnBKdmhSaGk2Rm54cEFNTXRKZGZPeUwrQTZtN29GbHV6Y1RVaGs4Yjc0NzZocUd6enlLanBUVlAvbzBXVWpid09ma0xhVk1TcE8iLCJtYWMiOiI2NTQwOTZhODI4MzJiMzYwYjFiYzAzZjc3NWJjZjViMjA0NDQ3ZTc5NGVlODg1N2JmYzZmNWZmM2E4OTU4YjBlIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IkRmV2tBdW5acllFemthQzR4NDliMlE9PSIsInZhbHVlIjoieGpZaXlvekxYWmZxWTg0eERCZ2tSSHBmZVpQS2x3MFptN2NPa3BpRjJjZGliTTdZdkFKdUJpaDFHcWVKVFVqcUp4YXZKTG1RUFFiUXhXSjEzMDRYbW9zZFhsTGc0QUxqNDdQQ3lPZWgwQ2Ewb3FhQlpDVENqL21ka2hsRXB6b0giLCJtYWMiOiI1Y2JmZjUxN2M3NzRiNTYxYzBjMzhjZDQzZTFkZDEzYTRlMWVjYWE4OGMwOTFmZWE0NTBlNzlmY2JlM2UwNjA4IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:01:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IlRMNHM1dEMvcjJkK1d5QWlqYkY3T2c9PSIsInZhbHVlIjoiMjh3MVA5S1NpMUpzR1d1cFllWXc3aW9qYXFXNzduKzFTaXIyVitROFNrK2FYT3VJUjJ2emVpNTdCRGpLV1lKOWt5R2s3VHN0bm9NNUFFVUJsb3dYSHFUeVNMdnhXcGpFZm9nWDZXQ2VKR2FKeXJoZHJUY0YrVCtwMG8xR0pKM0oiLCJtYWMiOiIwOTAzYTAyNzk2N2ZkZDg1M2QzY2RkYTY5YWUyMmU0OGNjMzU4MDRjMjQyNTIzNjc1NTdmOGM1ZDQyMzlmZTlkIiwidGFnIjoiIn0%3D; expires=Sun, 10-Dec-2023 23:01:06 GMT; Max-Age=604800; path=/; samesite=lax
upfiles_session=eyJpdiI6IjA5bVBWYkc1RFd6Y1h3NUUrYVdzVWc9PSIsInZhbHVlIjoiMjdBSHZYOWptV083L2dQcmxPeW5OVGpmZGZlQnRIR3c2Vmk4dGdxZGJoNkFlZkFsbFZ0dUZNUTZFZEtwcldjRldHdmxzR3dBNzVyRTdycWZzdzVSTzVzNklSL2JMSWFEN09BWnJWVC9mWEtDVzB3UmdwbWNJb0NHQUNLUWN5THIiLCJtYWMiOiI5ZjQ5OTdmMWRlYjkyYmY4NmUxMGIxZDlhNjg5MjU5ODdhYmFkYTQ4N2MwMjk3NzE3OWYxMzBiOTYwZWMwOGYxIiwidGFnIjoiIn0%3D; expires=Sun, 10-Dec-2023 23:01:06 GMT; Max-Age=604800; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fIPR%2BLxCiy6d%2BVwBfYJGAl4f9H5NcVz%2F6zabyhHpmt3tNR4UR9RbYih611DrZqghDRET9BaewG4hLXvU6gZPxwp%2BeR%2BqJmN%2FUl9Jp%2F6g85OVKNfAx0%2BndtbmNdPsTjQ4vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff6dfb0db3b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

ldrenandthe.org/aWdncTBGWAQCDT4/CzxkBT0VJWhQXj5DQCcCP0hZMDITQVYuMkEFWQ1aXkgGX1dWV0AAA1pAFhoTBgVFGlpWV1kHAQhMFh9aVl8DXUlURR5ZQRJMAU8TFxBXVFZBAUQdC1pAB1lWUUUEXVBUQQBd

172.67.194.104

204 No Content

0 B

URL GET HTTP/2
ldrenandthe.org/aWdncTBGWAQCDT4/CzxkBT0VJWhQXj5DQCcCP0hZMDITQVYuMkEFWQ1aXkgGX1dWV0AAA1pAFhoTBgVFGlpWV1kHAQhMFh9aVl8DXUlURR5ZQRJMAU8TFxBXVFZBAUQdC1pAB1lWUUUEXVBUQQBd
IP
172.67.194.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subjectldrenandthe.org
FingerprintB1:E1:DF:C0:4E:E7:2F:9B:70:DF:D1:CA:75:2B:47:98:1B:CC:5F:BB
ValidityWed, 29 Nov 2023 06:03:19 GMT - Tue, 27 Feb 2024 06:03:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /aWdncTBGWAQCDT4/CzxkBT0VJWhQXj5DQCcCP0hZMDITQVYuMkEFWQ1aXkgGX1dWV0AAA1pAFhoTBgVFGlpWV1kHAQhMFh9aVl8DXUlURR5ZQRJMAU8TFxBXVFZBAUQdC1pAB1lWUUUEXVBUQQBd HTTP/1.1
Host: ldrenandthe.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sun, 03 Dec 2023 23:01:07 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtVc3SNqm2mh4StW%2B%2BPmZOCXEJxI8XYcYKbmXPYwniOzhwPKdu29IPW%2BfzrlFutzaJt6sLlBK0rYoFrHFCVKmY%2F3z6qlhbvgomBjoCnFna3APCdK8ZHmKIyDRo%2F1xBLVre4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff6e02ac2f56c5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

lingrethertantin.com/utx?cb=oH7MLxbiicc1&top=upfilesurls.com&tid=996601

52.85.242.19

204 No Content

0 B

URL GET HTTP/2
lingrethertantin.com/utx?cb=oH7MLxbiicc1&top=upfilesurls.com&tid=996601
IP
52.85.242.19:443
ASN
#16509 AMAZON-02

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerAmazon
Subjectlingrethertantin.com
Fingerprint05:43:5F:62:44:4A:F8:16:0D:0E:1F:DC:05:AA:39:FF:6E:4C:56:B8
ValidityMon, 27 Nov 2023 00:00:00 GMT - Wed, 25 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=oH7MLxbiicc1&top=upfilesurls.com&tid=996601 HTTP/1.1
Host: lingrethertantin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sun, 03 Dec 2023 23:01:08 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 03 Dec 2023 23:02:08 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 a62f7ce6b39c676fcfdde0f9a6fcf08e.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: XxoMwbVAuubuYAeBVnIrBn5aVTCik0sEA10xQbOEoBw4OVj_MU7sCQ==
X-Firefox-Spdy: h2

upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb

104.26.9.138

200 OK

981 kB

URL GET HTTP/2
upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
IP
104.26.9.138:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type

Size
981 kB (980828 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/frontend.js?id=88f283c744d8a6e43cfb HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/wwRfHz
Cookie: XSRF-TOKEN=eyJpdiI6IlRMNHM1dEMvcjJkK1d5QWlqYkY3T2c9PSIsInZhbHVlIjoiMjh3MVA5S1NpMUpzR1d1cFllWXc3aW9qYXFXNzduKzFTaXIyVitROFNrK2FYT3VJUjJ2emVpNTdCRGpLV1lKOWt5R2s3VHN0bm9NNUFFVUJsb3dYSHFUeVNMdnhXcGpFZm9nWDZXQ2VKR2FKeXJoZHJUY0YrVCtwMG8xR0pKM0oiLCJtYWMiOiIwOTAzYTAyNzk2N2ZkZDg1M2QzY2RkYTY5YWUyMmU0OGNjMzU4MDRjMjQyNTIzNjc1NTdmOGM1ZDQyMzlmZTlkIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IjA5bVBWYkc1RFd6Y1h3NUUrYVdzVWc9PSIsInZhbHVlIjoiMjdBSHZYOWptV083L2dQcmxPeW5OVGpmZGZlQnRIR3c2Vmk4dGdxZGJoNkFlZkFsbFZ0dUZNUTZFZEtwcldjRldHdmxzR3dBNzVyRTdycWZzdzVSTzVzNklSL2JMSWFEN09BWnJWVC9mWEtDVzB3UmdwbWNJb0NHQUNLUWN5THIiLCJtYWMiOiI5ZjQ5OTdmMWRlYjkyYmY4NmUxMGIxZDlhNjg5MjU5ODdhYmFkYTQ4N2MwMjk3NzE3OWYxMzBiOTYwZWMwOGYxIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:01:07 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=980842
etag: W/"63baab19-ef76a"
last-modified: Sun, 08 Jan 2023 11:38:01 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 488514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjnzKwtnqlmWtRrlhSDj7ANGGTlLYIPVEJE1TljNiTNc4tyGqJoQUNEdDP5sxiFOVIpTVTnVRaZ4RvsJKHPleI5ArPHIiekwKocBwgBRIAMaajpKOVgw5O%2FVwwhuy88B1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff6dff7828b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

live.demand.supply/up.js

104.16.133.22

200 OK

5.1 kB

URL GET HTTP/2
live.demand.supply/up.js
IP
104.16.133.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (5294), with no line terminators
Size
5.1 kB (5132 bytes)
Hash
c626dfb86aaca245059f108600e1a17d
10063a07d3f789ab7ff429888a74d0aa38b82650
448240e65e9ede0551a0984621a430e907227cb2b31cc0606d5b7180d61fab4b

HTTP Headers

GET /up.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:01:07 GMT
content-type: application/javascript; charset=UTF-8
cf-ray: 82ff6e020a1c5697-OSL
cf-cache-status: HIT
age: 503
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
etag: W/"51603a94d6ed1afd2227b0ac012f84b2-ssl-df"
link: <https://live.demand.supply/impl.v17.23.1.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-21-0/dXBmaWxlc3VybHMuY29tLw==>; rel=preload; as=script
strict-transport-security: max-age=31536000
vary: Accept-Encoding
cache-status: "Netlify Edge"; fwd=stale
cf-bgj: minify
cf-polished: origSize=4807
timing-allow-origin: *
x-nf-request-id: 01HGKB9FVVYY9S9NG0DCXFQ0G1
set-cookie: demandSupplyTi=28c025ef-dbae-479d-9f8d-8bbf5147c50e; demandSupplyTc = null; demandSupplyTcI = null; SameSite=None; Secure; Max-Age=63072000
__cf_bm=F6pNi9qqOzn05Fs8CsVoLt12LiIDLS5pGftJS1m.PyY-1701644467-0-AQpJPHbjCqTrvakSBD48s8CKtmNjGs4QvuJGQpXzaXgzZ4ht5h2M2tH3Bun4wH8ovBXLQgX7hVpvYcY5rloOGIM=; path=/; expires=Sun, 03-Dec-23 23:31:07 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

upfilesurls.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.26.9.138

302 Found

7.3 kB

URL GET HTTP/2
upfilesurls.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.26.9.138:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type

Size
7.3 kB (7317 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlRMNHM1dEMvcjJkK1d5QWlqYkY3T2c9PSIsInZhbHVlIjoiMjh3MVA5S1NpMUpzR1d1cFllWXc3aW9qYXFXNzduKzFTaXIyVitROFNrK2FYT3VJUjJ2emVpNTdCRGpLV1lKOWt5R2s3VHN0bm9NNUFFVUJsb3dYSHFUeVNMdnhXcGpFZm9nWDZXQ2VKR2FKeXJoZHJUY0YrVCtwMG8xR0pKM0oiLCJtYWMiOiIwOTAzYTAyNzk2N2ZkZDg1M2QzY2RkYTY5YWUyMmU0OGNjMzU4MDRjMjQyNTIzNjc1NTdmOGM1ZDQyMzlmZTlkIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IjA5bVBWYkc1RFd6Y1h3NUUrYVdzVWc9PSIsInZhbHVlIjoiMjdBSHZYOWptV083L2dQcmxPeW5OVGpmZGZlQnRIR3c2Vmk4dGdxZGJoNkFlZkFsbFZ0dUZNUTZFZEtwcldjRldHdmxzR3dBNzVyRTdycWZzdzVSTzVzNklSL2JMSWFEN09BWnJWVC9mWEtDVzB3UmdwbWNJb0NHQUNLUWN5THIiLCJtYWMiOiI5ZjQ5OTdmMWRlYjkyYmY4NmUxMGIxZDlhNjg5MjU5ODdhYmFkYTQ4N2MwMjk3NzE3OWYxMzBiOTYwZWMwOGYxIiwidGFnIjoiIn0%3D; ab=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 03 Dec 2023 23:01:08 GMT
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
cache-control: max-age=300, public
vary: accept-encoding
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=blfzc6yMUFAqux%2B96f7UkY00Yupp%2Beflmigp0%2Fl4S6G%2BJswDjmM9qqGxvSVOJvEoahmpdNdmCN85UsTkC%2F4lGjjA7EvW5DqVXlkD9FNVLQne1YBNnO%2FVoKM1jLEJgmyFQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff6e052b94b50c-OSL
X-Firefox-Spdy: h2

upfilesurls.com/js/ads.js

104.26.9.138

200 OK

1.5 kB

URL GET HTTP/2
upfilesurls.com/js/ads.js
IP
104.26.9.138:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
ASCII text, with very long lines (1551), with no line terminators
Size
1.5 kB (1544 bytes)
Hash
18062be5f40e561d47292c4c3e16e968
a527704208e4e365d0119360f6dd5fb1ce8eb3c8
63e619bf91f115635c5f302e9352cca845a7c498eaef9c2fee9b50a16001be37

HTTP Headers

GET /js/ads.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/wwRfHz
Cookie: XSRF-TOKEN=eyJpdiI6IlRMNHM1dEMvcjJkK1d5QWlqYkY3T2c9PSIsInZhbHVlIjoiMjh3MVA5S1NpMUpzR1d1cFllWXc3aW9qYXFXNzduKzFTaXIyVitROFNrK2FYT3VJUjJ2emVpNTdCRGpLV1lKOWt5R2s3VHN0bm9NNUFFVUJsb3dYSHFUeVNMdnhXcGpFZm9nWDZXQ2VKR2FKeXJoZHJUY0YrVCtwMG8xR0pKM0oiLCJtYWMiOiIwOTAzYTAyNzk2N2ZkZDg1M2QzY2RkYTY5YWUyMmU0OGNjMzU4MDRjMjQyNTIzNjc1NTdmOGM1ZDQyMzlmZTlkIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IjA5bVBWYkc1RFd6Y1h3NUUrYVdzVWc9PSIsInZhbHVlIjoiMjdBSHZYOWptV083L2dQcmxPeW5OVGpmZGZlQnRIR3c2Vmk4dGdxZGJoNkFlZkFsbFZ0dUZNUTZFZEtwcldjRldHdmxzR3dBNzVyRTdycWZzdzVSTzVzNklSL2JMSWFEN09BWnJWVC9mWEtDVzB3UmdwbWNJb0NHQUNLUWN5THIiLCJtYWMiOiI5ZjQ5OTdmMWRlYjkyYmY4NmUxMGIxZDlhNjg5MjU5ODdhYmFkYTQ4N2MwMjk3NzE3OWYxMzBiOTYwZWMwOGYxIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:01:07 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-bgj: minify
etag: W/"63baab19-608"
last-modified: Sun, 08 Jan 2023 11:38:01 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1007337
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2iu1rU%2BbdJaxaffTnVHeQD0xNp55D4ujSK00NQRwrskamzS82KX6HOGZXlAmQUpfUVK%2BKz6HsSL0LsS0Wx%2BoihiEgpz%2BKvUD6rS9WNyxYzXIgQU7LuO1hKfL7UFUTviRuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff6dff6826b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

142.250.74.131

200 OK

921 B

URL GET HTTP/2
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc.google.com
Fingerprint60:EB:F2:B5:46:D7:39:12:3D:8C:D5:9A:EC:14:D4:9C:47:0F:DE:DE
ValidityMon, 23 Oct 2023 11:19:58 GMT - Mon, 15 Jan 2024 11:19:57 GMT

File type
ASCII text, with very long lines (921), with no line terminators
Size
921 B (921 bytes)
Hash
5b6f08f1e0f0284cf893616838da61f3
b267f92b338a62dc38640f2ef7c6c33ab129e962
04accf2271af1d069333bfbe89d2002c5e92cfd66b7fd41a31e71616cdd47b28

HTTP Headers

GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Sun, 03 Dec 2023 23:01:08 GMT
date: Sun, 03 Dec 2023 23:01:08 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

upfilesurls.com/favicon.ico

104.26.9.138

200 OK

1.5 kB

URL GET HTTP/2
upfilesurls.com/favicon.ico
IP
104.26.9.138:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
MS Windows icon resource - 1 icon, 32x32 with PNG image data, 32 x 32, 8-bit colormap, non-interlaced, 32 bits/pixel\012- data
Size
1.5 kB (1464 bytes)
Hash
ba3a9d1041ae9a7a655f9632756b1e92
fbb065d1df15871da0b7df14ca22041a729dda88
180c85c0caca07f8411a77e2392751d979f74982f0ed7062a0093b322924f38f

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/wwRfHz
Cookie: XSRF-TOKEN=eyJpdiI6IlRMNHM1dEMvcjJkK1d5QWlqYkY3T2c9PSIsInZhbHVlIjoiMjh3MVA5S1NpMUpzR1d1cFllWXc3aW9qYXFXNzduKzFTaXIyVitROFNrK2FYT3VJUjJ2emVpNTdCRGpLV1lKOWt5R2s3VHN0bm9NNUFFVUJsb3dYSHFUeVNMdnhXcGpFZm9nWDZXQ2VKR2FKeXJoZHJUY0YrVCtwMG8xR0pKM0oiLCJtYWMiOiIwOTAzYTAyNzk2N2ZkZDg1M2QzY2RkYTY5YWUyMmU0OGNjMzU4MDRjMjQyNTIzNjc1NTdmOGM1ZDQyMzlmZTlkIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IjA5bVBWYkc1RFd6Y1h3NUUrYVdzVWc9PSIsInZhbHVlIjoiMjdBSHZYOWptV083L2dQcmxPeW5OVGpmZGZlQnRIR3c2Vmk4dGdxZGJoNkFlZkFsbFZ0dUZNUTZFZEtwcldjRldHdmxzR3dBNzVyRTdycWZzdzVSTzVzNklSL2JMSWFEN09BWnJWVC9mWEtDVzB3UmdwbWNJb0NHQUNLUWN5THIiLCJtYWMiOiI5ZjQ5OTdmMWRlYjkyYmY4NmUxMGIxZDlhNjg5MjU5ODdhYmFkYTQ4N2MwMjk3NzE3OWYxMzBiOTYwZWMwOGYxIiwidGFnIjoiIn0%3D; ab=1; cf_clearance=01z0XZtA1cpQ75lzHvMiZARRenAvW0RMXXdRvw4zgaY-1701644468-0-1-730ca2d2.57dbd4fb.240dfd32-0.2.1701644468; _ga_75C4L64NEB=GS1.1.1701644473.1.0.1701644473.0.0.0; _ga=GA1.1.2116704299.1701644474
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:01:08 GMT
content-type: image/x-icon
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
vary: Accept-Encoding
etag: W/"625014b1-5b8"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 418
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eR2XCkFkC4kYcpqZP8pFhkYYDJtS1%2FAYs8LTfH90jFZWMQHLYjk8Olesqpt3x9jcpb8hlbxRc9dif8utx4rOrBdRaTIKTFWRyTisOBYQAUtPvJPlxESuFrLZ6loS9vxGtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff6e09be87b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

live.demand.supply/impl.v17.23.1.js

104.16.133.22

200 OK

88 kB

URL GET HTTP/3
live.demand.supply/impl.v17.23.1.js
IP
104.16.133.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (23263)
Size
88 kB (88018 bytes)
Hash
a126ddea54aa780835368bf1e6519b03
9e882f4aea3df64224789b0f57a28c541e9b52cd
21f113cdf5618b645145c239293ad9fd2bac75d71c17377e89636ef4fe52b8ba

HTTP Headers

GET /impl.v17.23.1.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Cookie: demandSupplyTi=28c025ef-dbae-479d-9f8d-8bbf5147c50e; __cf_bm=F6pNi9qqOzn05Fs8CsVoLt12LiIDLS5pGftJS1m.PyY-1701644467-0-AQpJPHbjCqTrvakSBD48s8CKtmNjGs4QvuJGQpXzaXgzZ4ht5h2M2tH3Bun4wH8ovBXLQgX7hVpvYcY5rloOGIM=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:01:08 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cache-status: "Netlify Edge"; fwd=miss
cf-bgj: minify
cf-polished: origSize=88200
etag: W/"8aec9afb152593f3439ffcbf395458c2-ssl-df"
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-nf-request-id: 01HGKAX7FS486RAMYC2BFDPGHN
cf-cache-status: HIT
age: 188428
server: cloudflare
cf-ray: 82ff6e055cd056b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

live.demand.supply/p4/v17-21-0/dXBmaWxlc3VybHMuY29tL3d3UmZIeg==

104.16.133.22

200 OK

984 B

URL GET HTTP/3
live.demand.supply/p4/v17-21-0/dXBmaWxlc3VybHMuY29tL3d3UmZIeg==
IP
104.16.133.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1122), with no line terminators
Size
984 B (984 bytes)
Hash
03c5865017b06d69bb43bbbf92f4b9e7
219be73e8b9393d2c927ce83c176c418527c9f86
66cbf6d67380a0834a45349826f5aa141d5f040436095e2e88b997ca5b76dc83

HTTP Headers

GET /p4/v17-21-0/dXBmaWxlc3VybHMuY29tL3d3UmZIeg== HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Cookie: demandSupplyTi=28c025ef-dbae-479d-9f8d-8bbf5147c50e; __cf_bm=F6pNi9qqOzn05Fs8CsVoLt12LiIDLS5pGftJS1m.PyY-1701644467-0-AQpJPHbjCqTrvakSBD48s8CKtmNjGs4QvuJGQpXzaXgzZ4ht5h2M2tH3Bun4wH8ovBXLQgX7hVpvYcY5rloOGIM=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:01:08 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff6e059cfc56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ldrenandthe.org/cDhONVhfBy1GZRMKJgU6Hm4MbR0UXB9wGhNpGAwaIwk+eAA1YWhBMRQFdwxuRgh/EygZXHMEfgNML0EtAwV9BWhBHidbPh8FfgVoQR44CGleC3oba0QWfhMtTRV8EywAWSkIaVZIOkE0TQl5BWlGDHoBb0UKeAM

172.67.194.104

204 No Content

0 B

URL POST HTTP/3
ldrenandthe.org/cDhONVhfBy1GZRMKJgU6Hm4MbR0UXB9wGhNpGAwaIwk+eAA1YWhBMRQFdwxuRgh/EygZXHMEfgNML0EtAwV9BWhBHidbPh8FfgVoQR44CGleC3oba0QWfhMtTRV8EywAWSkIaVZIOkE0TQl5BWlGDHoBb0UKeAM
IP
172.67.194.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subjectldrenandthe.org
FingerprintB1:E1:DF:C0:4E:E7:2F:9B:70:DF:D1:CA:75:2B:47:98:1B:CC:5F:BB
ValidityWed, 29 Nov 2023 06:03:19 GMT - Tue, 27 Feb 2024 06:03:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cDhONVhfBy1GZRMKJgU6Hm4MbR0UXB9wGhNpGAwaIwk+eAA1YWhBMRQFdwxuRgh/EygZXHMEfgNML0EtAwV9BWhBHidbPh8FfgVoQR44CGleC3oba0QWfhMtTRV8EywAWSkIaVZIOkE0TQl5BWlGDHoBb0UKeAM HTTP/1.1
Host: ldrenandthe.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/3 204 No Content
date: Sun, 03 Dec 2023 23:01:09 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRdqzUoYV0Pqeb2fanmSdyNMb%2B4VMLP35UpPvGeRoPX7AJ9uVTMV%2F8xY3CGx2mV%2Fat85I1ngJIBR0z8kdqC7Eh9VG%2FVDXrZgW8aA1g5169uSywH0QgLpV3rvHwfgxBy%2BvSk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff6e108c2f56b5-OSL
alt-svc: h3=":443"; ma=86400

ldrenandthe.org/ejVRN1JVCjJEby5zH0MIAFlobRRPYxUEBBRiPWYZH3IlVAQNRndDOx4IYAdjSgNgAHQKXDUKY1xGJVYmD0ZsBnQTWzdYb1xDbAZ8SQF/BGZUBXdCb0sTJUczHQhgESIOQT0KY00FYAFmTgFmBWtPAw

172.67.194.104

204 No Content

0 B

URL GET HTTP/2
ldrenandthe.org/ejVRN1JVCjJEby5zH0MIAFlobRRPYxUEBBRiPWYZH3IlVAQNRndDOx4IYAdjSgNgAHQKXDUKY1xGJVYmD0ZsBnQTWzdYb1xDbAZ8SQF/BGZUBXdCb0sTJUczHQhgESIOQT0KY00FYAFmTgFmBWtPAw
IP
172.67.194.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subjectldrenandthe.org
FingerprintB1:E1:DF:C0:4E:E7:2F:9B:70:DF:D1:CA:75:2B:47:98:1B:CC:5F:BB
ValidityWed, 29 Nov 2023 06:03:19 GMT - Tue, 27 Feb 2024 06:03:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ejVRN1JVCjJEby5zH0MIAFlobRRPYxUEBBRiPWYZH3IlVAQNRndDOx4IYAdjSgNgAHQKXDUKY1xGJVYmD0ZsBnQTWzdYb1xDbAZ8SQF/BGZUBXdCb0sTJUczHQhgESIOQT0KY00FYAFmTgFmBWtPAw HTTP/1.1
Host: ldrenandthe.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sun, 03 Dec 2023 23:01:07 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OxtqzxudI%2BolG2kElpHmMHCTNf1S%2FRMh2WBLjkLs8im5iofu5vLh1%2FgBgTPqsPZyQ7BJwA1PkRiqQHYSGZ0X%2B9LX%2Fbpnmw8o6WhYT9k2d4sPUBeHSXPeyogb6%2F%2BgOEcCRyQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff6e022ba156c5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

api.demand.supply/v17-21-0/a/upfilesurls.com_fluid_sq_firstpageaftertitle_1?&dsReferer=dXBmaWxlc3VybHMuY29tL3d3UmZIeg==

104.16.133.22

200 OK

384 B

URL GET HTTP/3
api.demand.supply/v17-21-0/a/upfilesurls.com_fluid_sq_firstpageaftertitle_1?&dsReferer=dXBmaWxlc3VybHMuY29tL3d3UmZIeg==
IP
104.16.133.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (454), with no line terminators
Size
384 B (384 bytes)
Hash
3bf684cc82acb4d11dd8c82ce0ef6c00
61a1b779ffefe2d89706fa57de9dcbed3c78e0dd
2fe9815f7dc69dcd78be91e61b5f1bc478a198f4ae05fc08a31a5b0bba55fc2d

HTTP Headers

GET /v17-21-0/a/upfilesurls.com_fluid_sq_firstpageaftertitle_1?&dsReferer=dXBmaWxlc3VybHMuY29tL3d3UmZIeg== HTTP/1.1
Host: api.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:01:08 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
etag: W/"180-hrDHU0YrhmDtbtOZ8ZuVDW0I4Ks"
cf-cache-status: HIT
age: 6389
set-cookie: __cf_bm=nXPHHK2uLaUeKHfMBGKu_Np.zQoFZ9h6FNP8DxB8yaM-1701644468-0-AcJHbIZeQ64iU2Ceda+p/pjibVAomZWl2AwgZWB7K3xH98bi/chhsfSvvnAyI3ZgOEhW6xP7iMtnxsKZFnwjIgY=; path=/; expires=Sun, 03-Dec-23 23:31:08 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff6e088b9a56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

upfiles.com/wwRfHz

172.67.173.106

302 Found

90 kB

URL User Request GET HTTP/2
upfiles.com/wwRfHz
IP
172.67.173.106:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectupfiles.com
FingerprintBB:5D:77:2C:9D:25:DC:E0:6A:62:3E:05:E4:1B:2D:80:F1:63:22:F8
ValidityWed, 08 Nov 2023 14:21:14 GMT - Tue, 06 Feb 2024 14:21:13 GMT

File type

Size
90 kB (89839 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wwRfHz HTTP/1.1
Host: upfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 03 Dec 2023 23:01:06 GMT
content-type: text/html; charset=UTF-8
location: https://upfilesurls.com/wwRfHz?token=eyJpdiI6IlorN3ZhS3lCTDRaZEh6TU5YNE56eHc9PSIsInZhbHVlIjoibXpUQ2owaDcyM2t3Y1hpMnVaKzZIUT09IiwibWFjIjoiNDBhNmFjMzkyNTM1NDEyNjkwMmVjZjUyMjdjODUxMzJlNTQ5OTMwMmUzMTdiNWU4M2IyNGY2YjgyZGIxODcyMSIsInRhZyI6IiJ9
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IkIxcVhuM1dBejQzV2hoanZvbkZNbWc9PSIsInZhbHVlIjoiWXl2dnlnelorTEFjUFJxR1E5VUxIRTRHZkZnU29ldkpLRjJSeFYxRGkxSFE5ZmxWNHJYK3o4dnN0VG9KWHF1T09sU05HblBKcnhhYjBSUTRMdVFjMDNsTjlvSjB4TW1MKytwZzFZbW5XRi85cHpENC9hTUQwVGM0VllJd3JYMlUiLCJtYWMiOiI3MWE0NDQ5MTc3NjZkZDhjNjg4MDU2MGNjZDhmMjY2Y2ZkY2MxMGM1MWE4ZDI5NjU3ZTMxZDA0ZWE5NDQ3YzkzIiwidGFnIjoiIn0%3D; expires=Sun, 10-Dec-2023 23:01:06 GMT; Max-Age=604800; path=/; samesite=lax
upfiles_session=eyJpdiI6IkFTblNQZ0FNM200WXpIQWtPWHRwb3c9PSIsInZhbHVlIjoick1XdHNTY2JWeHhRdTErZUl4KzJ4NVhaM1JBVXRHVUhpcmZDcUpFNnlGLzIwaGpOYzh1VE1JUW11cUNWZ1A0cXVSNnRNOE5Oa01uTS9IV0x1clZuZ0JoR2JnNzNjR1AvZE1rL0Z3Y0dvcUZNUEg2b2ZnWlhXM2xLV2NtOWpLd0oiLCJtYWMiOiJmMTg0MTlmOGIyM2MyZTAwYzgyNDFmMmU4Njg0NGFhNGI4MGQyNzUwMzM4YzdkMTM5MWU3MjA4MDhmOTY3YmE0IiwidGFnIjoiIn0%3D; expires=Sun, 10-Dec-2023 23:01:06 GMT; Max-Age=604800; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDuYDfJMkSsFxDQnYBMAneDF%2BgUOxTaMNAbISSaPOjATCepSxCdbfZpq5cxVZNV9dh6xMan21Ih2PWVn%2BgNXX88xS6RA%2FwZT3iu7xmHmC7H5aQ7vwOV%2B8EW7LL9PLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff6df7ef19568f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c

142.250.74.168

200 OK

229 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/wwRfHz
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (5955)
Size
229 kB (229433 bytes)
Hash
01dba953b3011cdd4b24713da7b775f1
d6298cd7b92fe6fd54a73031255f573af69b99f1
ea0121b122ceb7f7a32b6cde42a60cacfb5f9904d66a5d4c09f73f97e2e9abb9

HTTP Headers

GET /gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 03 Dec 2023 23:01:08 GMT
expires: Sun, 03 Dec 2023 23:01:08 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81234
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (30)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN