www.googletagmanager.com/gtag/js?id=UA-197252557-1
200 OK 47 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-197252557-1
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with very long lines (2271)
Hash 2d79876710c90bddbe09c5b0f263aead
8ff4cca6c64754585b7bb895553c801edfb5e405
a9a7b8ae7ecfb7f5d138e3cb853c875f8f3512b9f11317014bc79ad2bde61fe9
GET /gtag/js?id=UA-197252557-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 28 May 2023 14:35:52 GMT
expires: Sun, 28 May 2023 14:35:52 GMT
cache-control: private, max-age=900
last-modified: Sun, 28 May 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46898
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cschyogh.com/1clkn/34742
200 OK 26 B IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerLet's Encrypt
Subjectcschyogh.com
Fingerprint11:EA:50:D5:5D:23:86:84:0B:BF:DE:7F:B7:02:00:1B:51:CD:36:58
ValidityFri, 19 May 2023 23:43:21 GMT - Thu, 17 Aug 2023 23:43:20 GMT
File type ASCII text, with no line terminators
Hash 9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
GET /1clkn/34742 HTTP/1.1
Host: cschyogh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 14:35:52 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Mon, 29-May-2023 14:35:52 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D; expires=Mon, 29-May-2023 14:35:52 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
200 OK 38 kB URL GET HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Hash e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 03:18:14 GMT
expires: Sun, 26 May 2024 03:18:14 GMT
cache-control: public, max-age=31536000
age: 127058
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
upfilesurls.com/YZNR?auth=eyJpdiI6ImNGK1krcEJrTDgweWFQbW90aGNZQ0E9PSIsInZhbHVlIjoiYzU0bVhLMXZ6RGtzV3huMjV0eGZLUT09IiwibWFjIjoiMjFjMzYwNzM5MmI5MDk5YWQzYjI4NDhmYmIyZDYzNzFlYjE3ZDFjZWI3NDUyNTZlZGUzZDNkNjk3MzYwNDQzMyIsInRhZyI6IiJ9
302 Found 38 kB URL User Request GET HTTP/2 upfilesurls.com/YZNR?auth=eyJpdiI6ImNGK1krcEJrTDgweWFQbW90aGNZQ0E9PSIsInZhbHVlIjoiYzU0bVhLMXZ6RGtzV3huMjV0eGZLUT09IiwibWFjIjoiMjFjMzYwNzM5MmI5MDk5YWQzYjI4NDhmYmIyZDYzNzFlYjE3ZDFjZWI3NDUyNTZlZGUzZDNkNjk3MzYwNDQzMyIsInRhZyI6IiJ9
IP
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
Hash 940d40277277c953f7bf604789d8b994
20592bbbddbfebe3ed9e255573035b1ed9ff560a
c0b2b62d002cb0ac2f71d02143fd24310eb22016b37b867df5a8dcf7ea513e9d
GET /YZNR?auth=eyJpdiI6ImNGK1krcEJrTDgweWFQbW90aGNZQ0E9PSIsInZhbHVlIjoiYzU0bVhLMXZ6RGtzV3huMjV0eGZLUT09IiwibWFjIjoiMjFjMzYwNzM5MmI5MDk5YWQzYjI4NDhmYmIyZDYzNzFlYjE3ZDFjZWI3NDUyNTZlZGUzZDNkNjk3MzYwNDQzMyIsInRhZyI6IiJ9 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjhiVUx5OWd4TzVUajBPa0VPQ3pleXc9PSIsInZhbHVlIjoiVlpVeGVadHJGWkhHUEF6MmZuUm1WYWF5cHl3TVR2OUNzU0YyRjBsWVZGUC9FZDlIOW5UczVBTFl4YllFenVMZ0dNUVRXVkx6akIzQlE0T3JGUlM2b0diWTRvNklwNmxmalZTcWZXaS9mNHNTWWFGM2FOUTE5bmFmTDRhdmUzUkwiLCJtYWMiOiI1YzkwZmE0NzE4Nzk2YjFmZGU5Nzg3YWFlYzY2MzJiMTQxNTVmYjYzNTJlMTU4OWRlMDRmZGQ3ZDZhN2MzYzlhIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlhXYVdrbFhvZTRydUlXTElveXE1Q0E9PSIsInZhbHVlIjoielZWUFppWDhhZy9tamdFa25TV1VUNFdONHFKRGVQTktuTTZ6YXVDcWtuSkpqTlY4eXZWSVNFVUQ1ZVRaaDByTE4rMFhUUnNqVFNQc3BWbDM2KzVnYmZsYUFYMFk5SkN2RHZtWlhqb2R5UHhCUWRCcWZ6dDE5bXdUT2o4Y1FreU8iLCJtYWMiOiI1YjIwOWFlZDU5NTZjZDc4M2MzNTE5NTkxZjhmZTUwYzMwOGI2M2QxYTUxN2JhMDM5ZGEyNzM1NTA1MjFiZjVjIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Sun, 28 May 2023 14:35:52 GMT
content-type: text/html; charset=UTF-8
location: https://upfilesurls.com/YZNR
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: auth=eyJpdiI6ImNGK1krcEJrTDgweWFQbW90aGNZQ0E9PSIsInZhbHVlIjoiYzU0bVhLMXZ6RGtzV3huMjV0eGZLUT09IiwibWFjIjoiMjFjMzYwNzM5MmI5MDk5YWQzYjI4NDhmYmIyZDYzNzFlYjE3ZDFjZWI3NDUyNTZlZGUzZDNkNjk3MzYwNDQzMyIsInRhZyI6IiJ9; path=/; secure; httponly; samesite=lax
XSRF-TOKEN=eyJpdiI6IkUreWNnNWlKRWNHTXdCNE1uTmdiMFE9PSIsInZhbHVlIjoicFJCSXREa3U0SVhxVVl6aU11aWltRFloOTAvTEFIMTQvMDlxOFduRU5zYi9yWkdFUUprRFZQeGkyTkxBY1hTcUZwRzZYWHZRNHdqRmgzaXBjcW5GV2kwM0tDOHhNUXBxRnRodVgyWkVycEM0dnFhNUlZM2pXUVdRRklUTnE0R24iLCJtYWMiOiI2MjNlMjM1M2EyZjZjMjQwMzJmNTJjNWY2YWNkZjNlNmIzNDVhOTE5Mzk2NjhkMDIyMGUxOTI5NzEyMDZlYjZjIiwidGFnIjoiIn0%3D; expires=Sun, 28-May-2023 16:35:52 GMT; Max-Age=7200; path=/; samesite=lax
upfiles_session=eyJpdiI6Ilh1cUxrblduOWhQRDNhVng4ZE15T2c9PSIsInZhbHVlIjoiV05GS1R4VVVIcFcwV0pOT2JkK0VBSVNRNHRjV1dPSi9xUFJmRWdKV3B6VmNFWlBJZzRYVHFkN0x4VEtGb1hucTNvbXJ3RFgvak9iY1FGRE9oTGdGWHQ5YmVaVjArekxkVHppS1F3Mm8vM3Y2a08yNlo5MGVWbzNEK2w2c0FkaXIiLCJtYWMiOiI1NTM2N2VkNWQyMmZkYWU5MjU1MDlhNTlhMjk2NzZiM2QyNjUwNjJiYjc4ZjQ1MWZhOGU0ZDkxOWM5NjAwYWY2IiwidGFnIjoiIn0%3D; expires=Sun, 28-May-2023 16:35:52 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYW%2Bjap%2FMSkELWHBLXpRZKVaLWeyTD5id%2B46gWHhe7jYbFKYoaOBDJhW9HiWx9CgxxQDwhJjetKNv6MNA5KtgGYUTj8M9%2Bl%2F%2B3dSGu5XKogCOkxmvPzt2N8ipEf7U1f%2B%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce73a027a4bb503-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 03:11:48 GMT
expires: Sun, 26 May 2024 03:11:48 GMT
cache-control: public, max-age=31536000
age: 127444
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
200 OK 64 kB URL GET HTTP/2 upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash cf7148de68c4ff76f21e2200b67fd8c4
ace4770fa2d643e676bccca417f7880c8a6565dd
e51161fcc5b2c4b90c3381e517152eb275d52a6c288954e502479d7421386240
GET /css/frontend.css?id=2396ffb76e738e465b53 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/YZNR
Cookie: XSRF-TOKEN=eyJpdiI6Im1iWFlTcmdRd2NPZzJlMGtuNFZlWlE9PSIsInZhbHVlIjoicDZ6TWowTWJramVnMjg3RnltY0VDamhUVlQybVFKVlJFSkJUSXFoU2huYmJnL3ZEdXgrdDNOVXJBaDlwWjNUczczdGNac200TU5LNGVVeU12UG1laStxMHFpdGY2SGRQaXhEdkZUREs2TGF4YXVBQkR4RnVHeDFtbXNxNjZKbUYiLCJtYWMiOiJlY2M3M2NhMzFhMWY1MGU4YjcwZWNkYjFjNTg5MjlkYmQ3YjZhYzY2ZmIyZjA3MDM1MTk4ZmRmZGFjMTgxNTBhIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InV3OWZEZUw0ck82QndxS0NIQk1MMlE9PSIsInZhbHVlIjoiTlNZWEs2NVZvaURHQS9QaEV6VFVtRTNJMHF0ck5qRjJ6V2dCaTltYnk1eE5DclB3VkVrbTNUclluUzk5ajlPbHM1TVhuRGgvcDdxYjYwZkxDWmtMbFBtU0tNZzQ0U2Q0WS9mb09hV1JqaVRidlA1SmxSelVKZTNBY3hXOUNsQXAiLCJtYWMiOiI1ZjkzMWRhZjZlYjJjNGVjNzcxODVmNDY0YmEyNjM5NTQ4NzYzYjVkMTc2MzQwYzc4ZTEyNzA1MWQzMzAzMGNmIiwidGFnIjoiIn0%3D; auth=eyJpdiI6ImNGK1krcEJrTDgweWFQbW90aGNZQ0E9PSIsInZhbHVlIjoiYzU0bVhLMXZ6RGtzV3huMjV0eGZLUT09IiwibWFjIjoiMjFjMzYwNzM5MmI5MDk5YWQzYjI4NDhmYmIyZDYzNzFlYjE3ZDFjZWI3NDUyNTZlZGUzZDNkNjk3MzYwNDQzMyIsInRhZyI6IiJ9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 14:35:52 GMT
content-type: text/css
cf-bgj: minify
etag: W/"63a354a4-3f918"
last-modified: Wed, 21 Dec 2022 18:47:00 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
cf-cache-status: HIT
age: 13300974
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3YueolrMWmYgMNmGlDFkJ9hD%2BdDHoFZJk3H0chtIwFjr2dtl1mVUsAiuslbMq%2Fk131a5VGWjiklmOAqIHPHWJMS%2FTSrVpmUetlA5nZG%2BNizh86vFtgOBs4SsC7XmPJ%2BVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce73a062fd3b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
200 OK 116 kB URL GET HTTP/2 d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 116 kB (115487 bytes)
Hash 659f8a58486d12b5095d49757877f807
325c771da1471f074f0c685637a2e6088999ee07
70b880061bb5156780b478bdc6b3248e0c59fe349b00829d5abc0595a5fb5ccf
GET /?yzgkd=978153 HTTP/1.1
Host: d18kg2zy9x3t96.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 115487
date: Sun, 28 May 2023 14:35:52 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: W7TiSILW7w6vPvdHQG9zC58RRRfFkSyYnV0_2v7xyLBhtqgMEqnZwQ==
X-Firefox-Spdy: h2
live.demand.supply/up.js
200 OK 2.1 kB IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (3472)
Hash 223119206df91baeb9af363703b21e43
6fffb030fd37d0b3f94f113470a408ed19b64d39
f5c9d8f24fab86cff3ea0e41bc297ff81c6c3f17e46a8881b373fc7dd72b18b4
GET /up.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:35:53 GMT
content-type: application/javascript; charset=UTF-8
cf-ray: 7ce73a075e6db4ed-OSL
cf-cache-status: HIT
age: 25
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
etag: W/"ad72f581a14aa3fbbf4827fac4449705-ssl-df"
link: <https://live.demand.supply/impl.v16.9.1.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tLw==>; rel=preload; as=script
vary: Accept-Encoding
cf-bgj: minify
cf-polished: origSize=4391
timing-allow-origin: *
x-nf-request-id: 01H0JH3JA8TSZ1S1CGSMZY0Q5D
set-cookie: demandSupplyTi=14f91c31-596e-488d-8585-4bd34b66c35a; demandSupplyTc = null; demandSupplyTcI = null; SameSite=None; Secure; Max-Age=63072000
__cf_bm=X0SCXh_bL6KLizK9T3DckyrUFaEEJaRT1rQFNDCTGwk-1685284553-0-Af24poEZWo/pRXE1ICvlzLDCkUcDrxX4grapoWks9ulp52WtZMKZZCb977WIqLKc2H+XnQ3P5nJ+ASmr+3SOVLw=; path=/; expires=Sun, 28-May-23 15:05:53 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
upfilesurls.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6
200 OK 208 B URL GET HTTP/2 upfilesurls.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type PNG image data, 6 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 31f073499665afb237f3294219d2d7c6
c1ada0510e31f661dab66203c15a3d6c8f5468d0
59b7ad6d6f457b624e25d22959edc7c83af2ac52edba32fd6648c97af0d1780c
Analyzer Verdict Alert fortinet Malware
GET /images/arrow-down.png?c98e5283a69cb508d054d30256af43c6 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
Cookie: XSRF-TOKEN=eyJpdiI6Im1iWFlTcmdRd2NPZzJlMGtuNFZlWlE9PSIsInZhbHVlIjoicDZ6TWowTWJramVnMjg3RnltY0VDamhUVlQybVFKVlJFSkJUSXFoU2huYmJnL3ZEdXgrdDNOVXJBaDlwWjNUczczdGNac200TU5LNGVVeU12UG1laStxMHFpdGY2SGRQaXhEdkZUREs2TGF4YXVBQkR4RnVHeDFtbXNxNjZKbUYiLCJtYWMiOiJlY2M3M2NhMzFhMWY1MGU4YjcwZWNkYjFjNTg5MjlkYmQ3YjZhYzY2ZmIyZjA3MDM1MTk4ZmRmZGFjMTgxNTBhIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InV3OWZEZUw0ck82QndxS0NIQk1MMlE9PSIsInZhbHVlIjoiTlNZWEs2NVZvaURHQS9QaEV6VFVtRTNJMHF0ck5qRjJ6V2dCaTltYnk1eE5DclB3VkVrbTNUclluUzk5ajlPbHM1TVhuRGgvcDdxYjYwZkxDWmtMbFBtU0tNZzQ0U2Q0WS9mb09hV1JqaVRidlA1SmxSelVKZTNBY3hXOUNsQXAiLCJtYWMiOiI1ZjkzMWRhZjZlYjJjNGVjNzcxODVmNDY0YmEyNjM5NTQ4NzYzYjVkMTc2MzQwYzc4ZTEyNzA1MWQzMzAzMGNmIiwidGFnIjoiIn0%3D; auth=eyJpdiI6ImNGK1krcEJrTDgweWFQbW90aGNZQ0E9PSIsInZhbHVlIjoiYzU0bVhLMXZ6RGtzV3huMjV0eGZLUT09IiwibWFjIjoiMjFjMzYwNzM5MmI5MDk5YWQzYjI4NDhmYmIyZDYzNzFlYjE3ZDFjZWI3NDUyNTZlZGUzZDNkNjk3MzYwNDQzMyIsInRhZyI6IiJ9; ab=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 14:35:53 GMT
content-type: image/png
content-length: 208
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
etag: "625014b1-d0"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 339771
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9QskhypBV2ilCJVMyAaHaSWj8IcJJqqcowvAUms%2BXgFDd8j1hr4SsiG1Qw9aDdqvtHsckYt%2FyuIDO2tXIz%2B5BzDGEZFZjm2O5hCs78eRSwgTCti5uSER%2BuPsf5Bzm1StTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce73a09ac61b503-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
200 OK 38 kB URL GET HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Hash e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 03:18:14 GMT
expires: Sun, 26 May 2024 03:18:14 GMT
cache-control: public, max-age=31536000
age: 127059
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 21:39:40 GMT
expires: Wed, 22 May 2024 21:39:40 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 406573
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adthereissome.info/Nk1ER3pXLycqRVdwJmEPRCF5YkhwaHYBHgd1LyBITDR9P0lCdHJpGVoiMSMcRCIqM1RYKDBiSHAVFioOQi8CLBZ0DAkMIFwEBwQscConETRVGhM3HXcfcAM0TBcTDjlVaHYBMnB5dAsXAgAHAxJ9ARAwKmMLPGJIcAYjKD51fxYgPlEAFB0yUgMABh0BKHV+NnEOLzc7cAwdCxBvBwMVQgQDBQoiZSQzKSxRDAAOAw4FBRZLDikHdiNnICgtLWB8AQ4iUiwXAUJUFHUrHncJBSgyXhsOJklvGRIRFXEuAn4zbjUwLS1gfSELSHgUCAFLRit0ER5kFTx3LUFgKw01X30BFDwCKyABDlUVAytJYXw8DRsFFAoFOAJ1DQYrYB4TNDthITwjHgUXCgA8cCJiLQlZIzR6N30rHnIjdHoOJC8
200 OK 1.2 kB URL GET HTTP/2 adthereissome.info/Nk1ER3pXLycqRVdwJmEPRCF5YkhwaHYBHgd1LyBITDR9P0lCdHJpGVoiMSMcRCIqM1RYKDBiSHAVFioOQi8CLBZ0DAkMIFwEBwQscConETRVGhM3HXcfcAM0TBcTDjlVaHYBMnB5dAsXAgAHAxJ9ARAwKmMLPGJIcAYjKD51fxYgPlEAFB0yUgMABh0BKHV+NnEOLzc7cAwdCxBvBwMVQgQDBQoiZSQzKSxRDAAOAw4FBRZLDikHdiNnICgtLWB8AQ4iUiwXAUJUFHUrHncJBSgyXhsOJklvGRIRFXEuAn4zbjUwLS1gfSELSHgUCAFLRit0ER5kFTx3LUFgKw01X30BFDwCKyABDlUVAytJYXw8DRsFFAoFOAJ1DQYrYB4TNDthITwjHgUXCgA8cCJiLQlZIzR6N30rHnIjdHoOJC8
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerAmazon
Subjectadthereissome.info
Fingerprint21:40:7C:A8:E9:22:33:8E:6F:E6:0A:C2:79:2F:18:FD:76:73:C9:7E
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3018), with no line terminators
Hash d92cae3c29df1373190f37989505bc28
3ebaf93433ac2941416a9c059f5f0b2fee3e509f
fb2ab1ea7e062ffd3e847b41192b545d59dabd99b9141b534cb19e21518cbb99
GET /Nk1ER3pXLycqRVdwJmEPRCF5YkhwaHYBHgd1LyBITDR9P0lCdHJpGVoiMSMcRCIqM1RYKDBiSHAVFioOQi8CLBZ0DAkMIFwEBwQscConETRVGhM3HXcfcAM0TBcTDjlVaHYBMnB5dAsXAgAHAxJ9ARAwKmMLPGJIcAYjKD51fxYgPlEAFB0yUgMABh0BKHV+NnEOLzc7cAwdCxBvBwMVQgQDBQoiZSQzKSxRDAAOAw4FBRZLDikHdiNnICgtLWB8AQ4iUiwXAUJUFHUrHncJBSgyXhsOJklvGRIRFXEuAn4zbjUwLS1gfSELSHgUCAFLRit0ER5kFTx3LUFgKw01X30BFDwCKyABDlUVAytJYXw8DRsFFAoFOAJ1DQYrYB4TNDthITwjHgUXCgA8cCJiLQlZIzR6N30rHnIjdHoOJC8 HTTP/1.1
Host: adthereissome.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1175
date: Sun, 28 May 2023 14:35:53 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XGrYE8iomJ7hUVQLUUAJcd4rdQe8RqDn_wBPysBVwrcPBc_ZLXC73g==
X-Firefox-Spdy: h2
adthereissome.info/SmhvcmgrCgwfVytVDVQdOARSV1oMTV00DHtQBBVaMBFWCls+UVlcCyYHGhYOOAcBBkYkDRtXWgwrCyc5egtfPz8BWQAkDgstGyctf14+HCkJOTcWPAYDDBEkGz5aJVgLXSALGBwqBStRAT42NSYJKV0gPh9bKwspADldJzIAPgAnDiYlByUACE1dMDoNIjk0EQwhDDAhAiUXHR4JOQxCKhkyLjMrPSAjN10cJgcgXR06GEcgCQA2NwUQIC4VLi4LXjBaCC4cRToCPT0jKQw5CxU5LCMHARAeLjUKOh4fIiA6MiwMMC4LKTkwWggpKkM9AgxeIwYEJQ4VRRgJNRkMej0XKw8CARwgORs+JxYpHCwMQjp6KjkoEBg7JRYpGTE7OVgyPwwmJnsqOjgcGD8lMDwkIUkYGyUGH08HeRIhHAk/HScfCj8fOgAZ
200 OK 1.2 kB URL GET HTTP/2 adthereissome.info/SmhvcmgrCgwfVytVDVQdOARSV1oMTV00DHtQBBVaMBFWCls+UVlcCyYHGhYOOAcBBkYkDRtXWgwrCyc5egtfPz8BWQAkDgstGyctf14+HCkJOTcWPAYDDBEkGz5aJVgLXSALGBwqBStRAT42NSYJKV0gPh9bKwspADldJzIAPgAnDiYlByUACE1dMDoNIjk0EQwhDDAhAiUXHR4JOQxCKhkyLjMrPSAjN10cJgcgXR06GEcgCQA2NwUQIC4VLi4LXjBaCC4cRToCPT0jKQw5CxU5LCMHARAeLjUKOh4fIiA6MiwMMC4LKTkwWggpKkM9AgxeIwYEJQ4VRRgJNRkMej0XKw8CARwgORs+JxYpHCwMQjp6KjkoEBg7JRYpGTE7OVgyPwwmJnsqOjgcGD8lMDwkIUkYGyUGH08HeRIhHAk/HScfCj8fOgAZ
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerAmazon
Subjectadthereissome.info
Fingerprint21:40:7C:A8:E9:22:33:8E:6F:E6:0A:C2:79:2F:18:FD:76:73:C9:7E
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3030), with no line terminators
Hash 225f16156f85b9a05f6e6ebcc65d22af
bb9eb07252d2cd7a243906c11ac7ac171cc97d8a
cd5f0c800f5ec38463b725c6a41821b1745b0cdc53b0cbbc60b08a06d7fa2521
GET /SmhvcmgrCgwfVytVDVQdOARSV1oMTV00DHtQBBVaMBFWCls+UVlcCyYHGhYOOAcBBkYkDRtXWgwrCyc5egtfPz8BWQAkDgstGyctf14+HCkJOTcWPAYDDBEkGz5aJVgLXSALGBwqBStRAT42NSYJKV0gPh9bKwspADldJzIAPgAnDiYlByUACE1dMDoNIjk0EQwhDDAhAiUXHR4JOQxCKhkyLjMrPSAjN10cJgcgXR06GEcgCQA2NwUQIC4VLi4LXjBaCC4cRToCPT0jKQw5CxU5LCMHARAeLjUKOh4fIiA6MiwMMC4LKTkwWggpKkM9AgxeIwYEJQ4VRRgJNRkMej0XKw8CARwgORs+JxYpHCwMQjp6KjkoEBg7JRYpGTE7OVgyPwwmJnsqOjgcGD8lMDwkIUkYGyUGH08HeRIhHAk/HScfCj8fOgAZ HTTP/1.1
Host: adthereissome.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1181
date: Sun, 28 May 2023 14:35:53 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2XDfZFOsxNZU0SuaK1H8Z99xLrvc7MhMd4PyAqBJz2l9Gi7fx0PSdA==
X-Firefox-Spdy: h2
gforanythingamgl.info/ellMTFNVZi8/bjc3KAUELT4JHQsKKRs7HTg8CzwBODJ1ezEsNmo4Oh5kdXtrS2x/aiMTPXF9dQktLTgmCWR9ajoUPyNxdQxkfWJgTnd/fn1IfzlxYlwtPC00R2hqPCcONXF9ZUJsfnRnT2x+dGNC
204 No Content 0 B URL GET HTTP/2 gforanythingamgl.info/ellMTFNVZi8/bjc3KAUELT4JHQsKKRs7HTg8CzwBODJ1ezEsNmo4Oh5kdXtrS2x/aiMTPXF9dQktLTgmCWR9ajoUPyNxdQxkfWJgTnd/fn1IfzlxYlwtPC00R2hqPCcONXF9ZUJsfnRnT2x+dGNC
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subjectgforanythingamgl.info
Fingerprint5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
ValidityFri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /ellMTFNVZi8/bjc3KAUELT4JHQsKKRs7HTg8CzwBODJ1ezEsNmo4Oh5kdXtrS2x/aiMTPXF9dQktLTgmCWR9ajoUPyNxdQxkfWJgTnd/fn1IfzlxYlwtPC00R2hqPCcONXF9ZUJsfnRnT2x+dGNC HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sun, 28 May 2023 14:35:53 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Haf40l6IcJn43bDp9sNdKrZsRQ86MojLzzi3m45TgyDSxItxuj3e3FCYOBU6uqb1RJAH%2FEApxiv8QMGabhpKTBPecfFkesAYtpOSdFO2tj3Lj3O%2BkUXhCMfGEpE62v%2FWol2D7KNwzfg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce73a09397f067b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
adthereissome.info/RHRMSmclFi8nWCVJLmwSNhhxb1UCUX4MA3VMJy1VPg11MlQwTXpkBCgbOS4BNhsiPkkqEThvVQIxGiAhDicJclYcHS8/BAc+FQY/EkYuLTFxESIiEBMOIyQuFy0BAiMzEhYNKgozf3JQBhl0cikQPQEvMHAeAntfMRAbIR0cDTx7ASo2HQY0NA0VIgR8PxQDUBweASIuPgQdKC8rPhUyXnEWFHsKAyAKfwEqOQ8JVXVNFiZXIz4mJRICPDh+KXZABAwJcUMvPS4IFhR7ChUOdT4BBhcNLz8CHBYiDzcRInIfEjcjIC4MOQgOVDRRfgw9MzJ5Lz99GgoCSjBABx5eADgPfgAIHB59IypBIgsgIEAtGSoJEQ1sDTcbIjpaEQAceDUAJ3wnUA
200 OK 1.2 kB URL GET HTTP/2 adthereissome.info/RHRMSmclFi8nWCVJLmwSNhhxb1UCUX4MA3VMJy1VPg11MlQwTXpkBCgbOS4BNhsiPkkqEThvVQIxGiAhDicJclYcHS8/BAc+FQY/EkYuLTFxESIiEBMOIyQuFy0BAiMzEhYNKgozf3JQBhl0cikQPQEvMHAeAntfMRAbIR0cDTx7ASo2HQY0NA0VIgR8PxQDUBweASIuPgQdKC8rPhUyXnEWFHsKAyAKfwEqOQ8JVXVNFiZXIz4mJRICPDh+KXZABAwJcUMvPS4IFhR7ChUOdT4BBhcNLz8CHBYiDzcRInIfEjcjIC4MOQgOVDRRfgw9MzJ5Lz99GgoCSjBABx5eADgPfgAIHB59IypBIgsgIEAtGSoJEQ1sDTcbIjpaEQAceDUAJ3wnUA
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerAmazon
Subjectadthereissome.info
Fingerprint21:40:7C:A8:E9:22:33:8E:6F:E6:0A:C2:79:2F:18:FD:76:73:C9:7E
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2995), with no line terminators
Hash 1b9638efc6a9577729dcfb687e5b8b47
90c0d83577e36b06e08802b97cc27cf0bc85fa38
18f6d226a4ecc2a397a22528f6f7d7a2200c520193308f673ed4d6804eb2018c
GET /RHRMSmclFi8nWCVJLmwSNhhxb1UCUX4MA3VMJy1VPg11MlQwTXpkBCgbOS4BNhsiPkkqEThvVQIxGiAhDicJclYcHS8/BAc+FQY/EkYuLTFxESIiEBMOIyQuFy0BAiMzEhYNKgozf3JQBhl0cikQPQEvMHAeAntfMRAbIR0cDTx7ASo2HQY0NA0VIgR8PxQDUBweASIuPgQdKC8rPhUyXnEWFHsKAyAKfwEqOQ8JVXVNFiZXIz4mJRICPDh+KXZABAwJcUMvPS4IFhR7ChUOdT4BBhcNLz8CHBYiDzcRInIfEjcjIC4MOQgOVDRRfgw9MzJ5Lz99GgoCSjBABx5eADgPfgAIHB59IypBIgsgIEAtGSoJEQ1sDTcbIjpaEQAceDUAJ3wnUA HTTP/1.1
Host: adthereissome.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1156
date: Sun, 28 May 2023 14:35:53 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 47ISEa-8q8cROi_i4M9iIU7QVVAxNljbaNl6hUvpho1ENW_HDrKWqQ==
X-Firefox-Spdy: h2
gforanythingamgl.info/aldIOUhFaCtKdSQSAnAcEA4GWgACYwlOAlgyew0HKx8eTi0dEm5NIQ5qcQF8WmV/HzgDM3UIcEwkPFg8HyR1CG4DOS5WdUwhdQhmWnl6F3tMInUIbh4nKV51W3E4TTwGankPcF9lcA19X2VwC3E
204 No Content 0 B URL GET HTTP/2 gforanythingamgl.info/aldIOUhFaCtKdSQSAnAcEA4GWgACYwlOAlgyew0HKx8eTi0dEm5NIQ5qcQF8WmV/HzgDM3UIcEwkPFg8HyR1CG4DOS5WdUwhdQhmWnl6F3tMInUIbh4nKV51W3E4TTwGankPcF9lcA19X2VwC3E
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subjectgforanythingamgl.info
Fingerprint5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
ValidityFri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /aldIOUhFaCtKdSQSAnAcEA4GWgACYwlOAlgyew0HKx8eTi0dEm5NIQ5qcQF8WmV/HzgDM3UIcEwkPFg8HyR1CG4DOS5WdUwhdQhmWnl6F3tMInUIbh4nKV51W3E4TTwGankPcF9lcA19X2VwC3E HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sun, 28 May 2023 14:35:53 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hd2lJS24TzWRo%2Fo44N%2FuVh5S5QU%2B1vuySKJykAKEOiorSm4sGyjNrerupwF8A%2BGvPQZtH637lo7OU60Z6Gs54K74XrYJfRbLBirGOcrqp1qTRT3rOYH5BsxERfcf2y%2Bl2UnHNPT9V34%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce73a094995067b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
gforanythingamgl.info/bGNicjZDXAEBCw9RFhxhBjUkKmBZFyNCfDU2Dzt1PTVXI1cLNkQGXwheW0UCWlFWVEYFB19DEB8XAwZDH15TVF8CBQ1PEBpeU1wFWE1RQBheRRdPB0oXEhNRUVJEAkIYD19DAFRWUEoCWVZQSgRd
204 No Content 0 B URL GET HTTP/2 gforanythingamgl.info/bGNicjZDXAEBCw9RFhxhBjUkKmBZFyNCfDU2Dzt1PTVXI1cLNkQGXwheW0UCWlFWVEYFB19DEB8XAwZDH15TVF8CBQ1PEBpeU1wFWE1RQBheRRdPB0oXEhNRUVJEAkIYD19DAFRWUEoCWVZQSgRd
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subjectgforanythingamgl.info
Fingerprint5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
ValidityFri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /bGNicjZDXAEBCw9RFhxhBjUkKmBZFyNCfDU2Dzt1PTVXI1cLNkQGXwheW0UCWlFWVEYFB19DEB8XAwZDH15TVF8CBQ1PEBpeU1wFWE1RQBheRRdPB0oXEhNRUVJEAkIYD19DAFRWUEoCWVZQSgRd HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sun, 28 May 2023 14:35:53 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LRIns8YJZqoMok4llX2A8cL5gUSslAS0bowPjT5Y2yhBZK8Nvl%2FqCdAk%2FJqn9Q1jMhPjX7OAnunMTxLqQZ4EMFm687sUk4viBWFt6m9SaIXFlv3BOyRlZ3gtXWklKKbHVsOhwSD9KrY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce73a094987067b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
live.demand.supply/x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL1laTlI=
200 OK 0 B URL HEAD HTTP/3 live.demand.supply/x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL1laTlI=
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL1laTlI= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 28 May 2023 14:35:53 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "dfe0abe17839ba4f36623d3c9332b694-ssl"
x-nf-request-id: 01H0WH53N5DXY1S5GWJ4J08TX0
cf-cache-status: HIT
age: 688332
accept-ranges: bytes
set-cookie: __cf_bm=ay2nj6yWJXXA9_01ytHqrHG1tslRybp4SEdcKSbRDHk-1685284553-0-Abw6fd6gNeBHKys/9YTX8xIaOIJr3xFxoNrKJ3Xqz/pHn+L5GVP4klM3LR3/Yo2vhzQLblO2k353aKTwqPxOUhE=; path=/; expires=Sun, 28-May-23 15:05:53 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce73a0afb84b505-OSL
alt-svc: h3=":443"; ma=86400
live.demand.supply/x/e.js?ce=bb&r=upfilesurls.com_auto_728x90_sticky_display_bottom&dsReferer=dXBmaWxlc3VybHMuY29tL1laTlI=
200 OK 0 B URL HEAD HTTP/3 live.demand.supply/x/e.js?ce=bb&r=upfilesurls.com_auto_728x90_sticky_display_bottom&dsReferer=dXBmaWxlc3VybHMuY29tL1laTlI=
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /x/e.js?ce=bb&r=upfilesurls.com_auto_728x90_sticky_display_bottom&dsReferer=dXBmaWxlc3VybHMuY29tL1laTlI= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 28 May 2023 14:35:53 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "dfe0abe17839ba4f36623d3c9332b694-ssl"
x-nf-request-id: 01H0WH53N5DXY1S5GWJ4J08TX0
cf-cache-status: HIT
age: 688332
accept-ranges: bytes
set-cookie: __cf_bm=7Dbe8eTMXxRD_hfSZ5VMOXqAbzDFcvYoL1FJX6..lxc-1685284553-0-AbMU0EC0RmuUPRzOCE5EcWBk4MhmLfMSUMsL6JEgL1lgyMxkmZwlIymjFoq+1rGAXxiSH8eWBqRU73X1FWDkdW0=; path=/; expires=Sun, 28-May-23 15:05:53 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce73a0afb88b505-OSL
alt-svc: h3=":443"; ma=86400
live.demand.supply/impl.v16.9.1.js
200 OK 24 kB URL GET HTTP/3 live.demand.supply/impl.v16.9.1.js
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (27958)
Hash 20e3de9acd919eb7e518640761f616a6
a39badf38168691698ca2b2ea2aa070b34d01a3d
cdeda8658c3f891c883f5a83c5f2b5e20a18c2fa65658d77a1522fe440b6d0e0
GET /impl.v16.9.1.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Cookie: demandSupplyTi=14f91c31-596e-488d-8585-4bd34b66c35a; __cf_bm=X0SCXh_bL6KLizK9T3DckyrUFaEEJaRT1rQFNDCTGwk-1685284553-0-Af24poEZWo/pRXE1ICvlzLDCkUcDrxX4grapoWks9ulp52WtZMKZZCb977WIqLKc2H+XnQ3P5nJ+ASmr+3SOVLw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 28 May 2023 14:35:53 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=75573
etag: W/"a92236f0259b51d5fbe112e5ac680198-ssl-df"
timing-allow-origin: *
vary: Accept-Encoding
x-nf-request-id: 01H0JGE5H42NN0NCVBZSKPPTF4
cf-cache-status: HIT
age: 1036145
server: cloudflare
cf-ray: 7ce73a08ec151c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
d18kg2zy9x3t96.cloudfront.net/EVjFJSE81XicucCJYLXV2bgV5enhwWzonISYMHDwfZGMNG387Bm88NTIMeW4jN18udWkzXyp1fnBQLSpyYhc8KXI7XjMhIzpQbHoJYx95bX1mGTF5fnMCC219Zl0gJjouFHt4N24HFn57cwILbX1mQz9tfBcAeXFhZhhsen8xVCojIHMDD3p/ZwF5eX9nFH-t4KT9DLC4gLhR7Dn5nAGd4aSMMeA
192 B URL d18kg2zy9x3t96.cloudfront.net/EVjFJSE81XicucCJYLXV2bgV5enhwWzonISYMHDwfZGMNG387Bm88NTIMeW4jN18udWkzXyp1fnBQLSpyYhc8KXI7XjMhIzpQbHoJYx95bX1mGTF5fnMCC219Zl0gJjouFHt4N24HFn57cwILbX1mQz9tfBcAeXFhZhhsen8xVCojIHMDD3p/ZwF5eX9nFH-t4KT9DLC4gLhR7Dn5nAGd4aSMMeA
IP
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 307e0919b6ab6102d381d0cbe1d10fcc
5bf5dce524360d185bcfd41cc6493bf8b51fd3f9
599d51b7ae7485db24a4fb16d5ee74803e347b8ad4010d0da2957ab3fe90ec1d
GET /EVjFJSE81XicucCJYLXV2bgV5enhwWzonISYMHDwfZGMNG387Bm88NTIMeW4jN18udWkzXyp1fnBQLSpyYhc8KXI7XjMhIzpQbHoJYx95bX1mGTF5fnMCC219Zl0gJjouFHt4N24HFn57cwILbX1mQz9tfBcAeXFhZhhsen8xVCojIHMDD3p/ZwF5eX9nFH-t4KT9DLC4gLhR7Dn5nAGd4aSMMeA HTTP/1.1
Host: d18kg2zy9x3t96.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adthereissome.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 192
date: Sun, 28 May 2023 14:35:53 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: t4L_a3dapdM5nNAblM-gLzWndlY1jq84ryES_cWfNpz9Nax3CJ1qZQ==
X-Firefox-Spdy: h2
live.demand.supply/css/sdb.css
200 OK 2.2 kB URL GET HTTP/3 live.demand.supply/css/sdb.css
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (3765), with no line terminators
Hash 05937abfafb30dc374d6de75acf7b940
d8d47f032e9344f49aca58294b29f7456ef6a8c3
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
GET /css/sdb.css HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Cookie: demandSupplyTi=14f91c31-596e-488d-8585-4bd34b66c35a; __cf_bm=X0SCXh_bL6KLizK9T3DckyrUFaEEJaRT1rQFNDCTGwk-1685284553-0-Af24poEZWo/pRXE1ICvlzLDCkUcDrxX4grapoWks9ulp52WtZMKZZCb977WIqLKc2H+XnQ3P5nJ+ASmr+3SOVLw=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 28 May 2023 14:35:53 GMT
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-bgj: minify
etag: W/"281c43d3e253957887c3e1dad5bbb310-ssl-df"
vary: Accept-Encoding
x-nf-request-id: 01GZGR6SCB0Q49R1S22Y9RAR9T
cf-cache-status: HIT
age: 129276
server: cloudflare
cf-ray: 7ce73a0afdad1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
d18kg2zy9x3t96.cloudfront.net/XRmttbFklBAMKZjICCVFgcVNcWWpgAR4DNzZWICc/HF40Lm4MCDhKLTwPUFx/KgoDC2RgDgMPZHdNDAg7e19LGCkpAFAYLjYJGR82NAMXSiwnVgADIy8HAQ18dC1YQmljWV1EIXdaSF8bY1ldADAoHhVJa3YTVVoGcF9IXxtjWV0eL2NYLF1pf0VdRXx0Ww-oJOi0ESF4fdFtcXGl3W1xJa3YNBB48IAQVSWsAWlxdd3ZNGFFo
595 B URL d18kg2zy9x3t96.cloudfront.net/XRmttbFklBAMKZjICCVFgcVNcWWpgAR4DNzZWICc/HF40Lm4MCDhKLTwPUFx/KgoDC2RgDgMPZHdNDAg7e19LGCkpAFAYLjYJGR82NAMXSiwnVgADIy8HAQ18dC1YQmljWV1EIXdaSF8bY1ldADAoHhVJa3YTVVoGcF9IXxtjWV0eL2NYLF1pf0VdRXx0Ww-oJOi0ESF4fdFtcXGl3W1xJa3YNBB48IAQVSWsAWlxdd3ZNGFFo
IP
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (831), with no line terminators
Hash 9b76067db1a653bd2cfc9002a71295a9
abd4beae0c9fdbcdf584d3ff6dc943443b3dbc63
8dc534303a1bff2733051c95c17e64a4953af6fba0e332d60fb0897c7143c6a9
GET /XRmttbFklBAMKZjICCVFgcVNcWWpgAR4DNzZWICc/HF40Lm4MCDhKLTwPUFx/KgoDC2RgDgMPZHdNDAg7e19LGCkpAFAYLjYJGR82NAMXSiwnVgADIy8HAQ18dC1YQmljWV1EIXdaSF8bY1ldADAoHhVJa3YTVVoGcF9IXxtjWV0eL2NYLF1pf0VdRXx0Ww-oJOi0ESF4fdFtcXGl3W1xJa3YNBB48IAQVSWsAWlxdd3ZNGFFo HTTP/1.1
Host: d18kg2zy9x3t96.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adthereissome.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 595
date: Sun, 28 May 2023 14:35:53 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uPJVk-NIG0NJLXu6fCucYrGTnNDTxfDcrC0OwE8rqxN_FrER-zbNHA==
X-Firefox-Spdy: h2
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
200 OK 586 B URL GET HTTP/2 www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subjectmisc.google.com
Fingerprint84:2B:3C:EA:5D:89:48:EC:DE:99:FD:C0:2A:32:C6:E3:35:2B:B5:44
ValidityMon, 08 May 2023 08:21:14 GMT - Mon, 31 Jul 2023 08:21:13 GMT
File type ASCII text, with very long lines (921), with no line terminators
Hash c0c5f1bc3dc1207fc4647a1971f7f8b2
a94949b5e56d94885045927d8d421d58297a8731
6813158c368d2541a76ab7284095e1987ec7ac6c39eed3a6312faf5f9a939249
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Sun, 28 May 2023 14:35:53 GMT
date: Sun, 28 May 2023 14:35:53 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
200 OK 0 B URL HEAD HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint4D:38:FE:62:28:C3:2C:26:D3:E4:2A:D2:FD:07:5A:0E:7D:C6:AD:7C
ValidityMon, 08 May 2023 08:20:04 GMT - Mon, 31 Jul 2023 08:20:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 28 May 2023 14:35:53 GMT
expires: Sun, 28 May 2023 14:35:53 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 13715207099636959495
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 47245
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adthereissome.info/utx?cb=q4jhsxy5CFuB&top=upfilesurls.com&tid=978153
204 No Content 0 B URL GET HTTP/2 adthereissome.info/utx?cb=q4jhsxy5CFuB&top=upfilesurls.com&tid=978153
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerAmazon
Subjectadthereissome.info
Fingerprint21:40:7C:A8:E9:22:33:8E:6F:E6:0A:C2:79:2F:18:FD:76:73:C9:7E
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=q4jhsxy5CFuB&top=upfilesurls.com&tid=978153 HTTP/1.1
Host: adthereissome.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sun, 28 May 2023 14:35:53 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 28 May 2023 14:36:53 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KuB3cg5TE_DcFkDHDERTne5SAvEz9d-FB7XmETyGigl7qmATIRbPNw==
X-Firefox-Spdy: h2
adthereissome.info/utx?cb=K8ACS8xxOlA0&top=upfilesurls.com&tid=974624
204 No Content 0 B URL GET HTTP/2 adthereissome.info/utx?cb=K8ACS8xxOlA0&top=upfilesurls.com&tid=974624
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerAmazon
Subjectadthereissome.info
Fingerprint21:40:7C:A8:E9:22:33:8E:6F:E6:0A:C2:79:2F:18:FD:76:73:C9:7E
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=K8ACS8xxOlA0&top=upfilesurls.com&tid=974624 HTTP/1.1
Host: adthereissome.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sun, 28 May 2023 14:35:53 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 28 May 2023 14:36:53 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FSvmwG8cVzfhd1UJt5tSk7oVxMLAObXy6WsdiMC1UGK5AdJbrncyvg==
X-Firefox-Spdy: h2
d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
200 OK 116 kB URL GET HTTP/2 d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 116 kB (115485 bytes)
Hash 3c19d3c8e1cf1eae2b0cbba236a9204d
4abe0eb73c235beec42a20a2333f779b87bf2282
66b65650f50d63fb4dc609d172e19dbdb5e6b4d0e6922f994e4c643a2654cd85
GET /?yzgkd=978153 HTTP/1.1
Host: d18kg2zy9x3t96.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 115485
date: Sun, 28 May 2023 14:35:53 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xswJH0HXE_RI6OV5MvwMQZmcf6pgkS28auhfJPiMmyfo65G8bSNQOQ==
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneGIBU0JJ1uWYpbQ6FovLT4mkbyOxX_ULUEKo2OqWB7PAupEbsFJLmxR7IRKJO7iWROhVy1XbA
302 Found 395 B URL GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneGIBU0JJ1uWYpbQ6FovLT4mkbyOxX_ULUEKo2OqWB7PAupEbsFJLmxR7IRKJO7iWROhVy1XbA
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (378)
Hash 350c72a0fd432f9f921207ceee8f2818
c44559f3a490ff6027a59f5c210599ba8f96c31a
f9a507cddd4eb223748e300c0d57670731ee9a241ce3bace4863f0cefc11fce1
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneGIBU0JJ1uWYpbQ6FovLT4mkbyOxX_ULUEKo2OqWB7PAupEbsFJLmxR7IRKJO7iWROhVy1XbA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:eOXT-O2p5JEcbjzKTrARLN8ZVYNB2Q:OtbLjwatYt0FdCKG;Path=/;Expires=Tue, 27-May-2025 14:35:54 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 28 May 2023 14:35:54 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-737251444%3A1685284554107886&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGQU8cQz4WhnoYheR_M2lYw6RFglUr5jBehTANwh1F1Ed02WO2JuswD2hXiJRQT6L9WZ_PD&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-gFGcXsI7ohavywnZf-PMPQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pogothere.xyz/
200 OK 166 kB IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Size 166 kB (166478 bytes)
Hash 70936a1930a92a375195c28db2968be7
a4f6159cb62a50b6c02b8be3e42fc20d0908d318
5b0c37a6a257bd519eccd346b08f74e7f9de3918fab9cc44226cf5a06c851be7
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:35:53 GMT
content-type: text/plain
set-cookie: csu=867183127846910@1@1685284553; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edEdEbUu7FEHuBb8v9el3cUG%2B%2BvEjfsDOqEi7WdZ%2FVcSGT0OPePHPGWZSEmd91ZfKa%2FZWHLvoZZ1AgineyecG5U6W1QE7GZ5wJUmSoPq6ji3E49Kosibvns37I0D1r6r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce73a0cbe387549-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneHFfWzA_5v4UIszcsaSvhzD3HRG-5a99p0TOIcapB-IoyLJI8331U4XDG9Ku-HJmfgT97jD4g
302 Found 397 B URL GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneHFfWzA_5v4UIszcsaSvhzD3HRG-5a99p0TOIcapB-IoyLJI8331U4XDG9Ku-HJmfgT97jD4g
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (383)
Hash 41b39d70622cd2c25d3a2981edb6b801
d28ec81da176d760410235b7cef7d355f6ea6342
2d97383e21bfbae32f18d1e79d7594822d5d42f9b3db0481840ba9615d11e5b8
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneHFfWzA_5v4UIszcsaSvhzD3HRG-5a99p0TOIcapB-IoyLJI8331U4XDG9Ku-HJmfgT97jD4g HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:dAOWBP4zeL_ijcsS5CDbww8_d-Ykeg:dsTjvAk4l4e8U-y5;Path=/;Expires=Tue, 27-May-2025 14:35:54 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 28 May 2023 14:35:54 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1627085492%3A1685284554150384&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFM4dgQ7WsnbLjSrnrim7JfIwL3YCBk3zH7IE_iFH9V2BwkMVJgEoXh3TIkigwt_m3o9XJA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-MAlVfkAQ5VIXfKQ4Rsn__w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 397
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
upfilesurls.com/cdn-cgi/challenge-platform/scripts/invisible.js
302 Found 0 B URL GET HTTP/2 upfilesurls.com/cdn-cgi/challenge-platform/scripts/invisible.js
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /cdn-cgi/challenge-platform/scripts/invisible.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im1iWFlTcmdRd2NPZzJlMGtuNFZlWlE9PSIsInZhbHVlIjoicDZ6TWowTWJramVnMjg3RnltY0VDamhUVlQybVFKVlJFSkJUSXFoU2huYmJnL3ZEdXgrdDNOVXJBaDlwWjNUczczdGNac200TU5LNGVVeU12UG1laStxMHFpdGY2SGRQaXhEdkZUREs2TGF4YXVBQkR4RnVHeDFtbXNxNjZKbUYiLCJtYWMiOiJlY2M3M2NhMzFhMWY1MGU4YjcwZWNkYjFjNTg5MjlkYmQ3YjZhYzY2ZmIyZjA3MDM1MTk4ZmRmZGFjMTgxNTBhIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InV3OWZEZUw0ck82QndxS0NIQk1MMlE9PSIsInZhbHVlIjoiTlNZWEs2NVZvaURHQS9QaEV6VFVtRTNJMHF0ck5qRjJ6V2dCaTltYnk1eE5DclB3VkVrbTNUclluUzk5ajlPbHM1TVhuRGgvcDdxYjYwZkxDWmtMbFBtU0tNZzQ0U2Q0WS9mb09hV1JqaVRidlA1SmxSelVKZTNBY3hXOUNsQXAiLCJtYWMiOiI1ZjkzMWRhZjZlYjJjNGVjNzcxODVmNDY0YmEyNjM5NTQ4NzYzYjVkMTc2MzQwYzc4ZTEyNzA1MWQzMzAzMGNmIiwidGFnIjoiIn0%3D; auth=eyJpdiI6ImNGK1krcEJrTDgweWFQbW90aGNZQ0E9PSIsInZhbHVlIjoiYzU0bVhLMXZ6RGtzV3huMjV0eGZLUT09IiwibWFjIjoiMjFjMzYwNzM5MmI5MDk5YWQzYjI4NDhmYmIyZDYzNzFlYjE3ZDFjZWI3NDUyNTZlZGUzZDNkNjk3MzYwNDQzMyIsInRhZyI6IiJ9; ab=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Sun, 28 May 2023 14:35:53 GMT
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
access-control-allow-origin: *
vary: accept-encoding
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=famwfboZl2QWrbKlPh2H0RaiSDE1D6b5TkHIvV0f4BK4OuPUxKjZEZ%2FxtIdyY33yx21d%2B6v4IMY3Kba4jg8prm0vtMVUFBrOU37F9gHEnNsggLduYHJ2NEEUmV7wAJpiQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce73a0afe4db503-OSL
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-1627085492%3A1685284554150384&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFM4dgQ7WsnbLjSrnrim7JfIwL3YCBk3zH7IE_iFH9V2BwkMVJgEoXh3TIkigwt_m3o9XJA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
403 Forbidden 843 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?dsh=S-1627085492%3A1685284554150384&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFM4dgQ7WsnbLjSrnrim7JfIwL3YCBk3zH7IE_iFH9V2BwkMVJgEoXh3TIkigwt_m3o9XJA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type gzip compressed data, max compression\012- data
Hash 28080a3ba4524d69214d685e012456cc
8e9c8e276050e271aafc5e81253700847aa934a0
de277f10c28c3f89e6f407b0bfafaaaba90d732960a189a7a53c22d9610240d1
GET /v3/signin/identifier?dsh=S-1627085492%3A1685284554150384&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFM4dgQ7WsnbLjSrnrim7JfIwL3YCBk3zH7IE_iFH9V2BwkMVJgEoXh3TIkigwt_m3o9XJA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 28 May 2023 14:35:54 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-security-policy: script-src 'nonce--o7es7_bhxeD_Z2MyR8V_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pogothere.xyz/asd100.bin
200 OK 102 kB IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:35:53 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3782
last-modified: Sun, 28 May 2023 13:32:51 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VB%2FVEppaC2%2BUlfRF6g8euYTLyr6HVOPj%2F2fWyHmH6h2qcNcdGX72HHxZLk5qjMDmgvNm3Gjg0e1ZHfGNUfndi9T3bbXj0xbHpK7amzdsNigLtCIBw0XEOCB9pgmJeSjN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce73a0c9e167549-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
live.demand.supply/e/e.js?e=ll&d=234&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL1laTlI=
200 OK 0 B URL HEAD HTTP/3 live.demand.supply/e/e.js?e=ll&d=234&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL1laTlI=
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /e/e.js?e=ll&d=234&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL1laTlI= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 28 May 2023 14:35:53 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "dfe0abe17839ba4f36623d3c9332b694-ssl"
x-nf-request-id: 01H0WH535VZPRFR8SSXVB2WVS7
cf-cache-status: HIT
age: 688332
accept-ranges: bytes
set-cookie: __cf_bm=tWAPOE4jKiobajcco8y.TnHprwjE8cnV5mr2IX7SkT0-1685284553-0-Ab7+ageDMBLO0w2uDlViwfPlmv6cTV7flvsSNiJiIpxMoBa7epJfjaMqgEvDuxCabiLYxnttkGlVeFZrq6xyRuI=; path=/; expires=Sun, 28-May-23 15:05:53 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce73a08e89fb505-OSL
alt-svc: h3=":443"; ma=86400
fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
200 OK 18 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
Hash 95922663397e898c5aa9cb4d93dee59f
b127f295ee788d93d0348ae9a2aa6dfa39b0981e
33613d442dd3f6abef01c9bee884b9aa828f42820ee62da8b86ad5a9ea7f58f2
GET /css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 28 May 2023 14:35:52 GMT
date: Sun, 28 May 2023 14:35:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
upfilesurls.com/favicon.ico
200 OK 1.5 kB URL GET HTTP/2 upfilesurls.com/favicon.ico
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type MS Windows icon resource - 1 icon, 32x32 with PNG image data, 32 x 32, 8-bit colormap, non-interlaced, 32 bits/pixel\012- data
Hash ba3a9d1041ae9a7a655f9632756b1e92
fbb065d1df15871da0b7df14ca22041a729dda88
180c85c0caca07f8411a77e2392751d979f74982f0ed7062a0093b322924f38f
GET /favicon.ico HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/YZNR
Cookie: XSRF-TOKEN=eyJpdiI6Im1iWFlTcmdRd2NPZzJlMGtuNFZlWlE9PSIsInZhbHVlIjoicDZ6TWowTWJramVnMjg3RnltY0VDamhUVlQybVFKVlJFSkJUSXFoU2huYmJnL3ZEdXgrdDNOVXJBaDlwWjNUczczdGNac200TU5LNGVVeU12UG1laStxMHFpdGY2SGRQaXhEdkZUREs2TGF4YXVBQkR4RnVHeDFtbXNxNjZKbUYiLCJtYWMiOiJlY2M3M2NhMzFhMWY1MGU4YjcwZWNkYjFjNTg5MjlkYmQ3YjZhYzY2ZmIyZjA3MDM1MTk4ZmRmZGFjMTgxNTBhIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InV3OWZEZUw0ck82QndxS0NIQk1MMlE9PSIsInZhbHVlIjoiTlNZWEs2NVZvaURHQS9QaEV6VFVtRTNJMHF0ck5qRjJ6V2dCaTltYnk1eE5DclB3VkVrbTNUclluUzk5ajlPbHM1TVhuRGgvcDdxYjYwZkxDWmtMbFBtU0tNZzQ0U2Q0WS9mb09hV1JqaVRidlA1SmxSelVKZTNBY3hXOUNsQXAiLCJtYWMiOiI1ZjkzMWRhZjZlYjJjNGVjNzcxODVmNDY0YmEyNjM5NTQ4NzYzYjVkMTc2MzQwYzc4ZTEyNzA1MWQzMzAzMGNmIiwidGFnIjoiIn0%3D; auth=eyJpdiI6ImNGK1krcEJrTDgweWFQbW90aGNZQ0E9PSIsInZhbHVlIjoiYzU0bVhLMXZ6RGtzV3huMjV0eGZLUT09IiwibWFjIjoiMjFjMzYwNzM5MmI5MDk5YWQzYjI4NDhmYmIyZDYzNzFlYjE3ZDFjZWI3NDUyNTZlZGUzZDNkNjk3MzYwNDQzMyIsInRhZyI6IiJ9; ab=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:35:53 GMT
content-type: image/x-icon
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
vary: Accept-Encoding
etag: W/"625014b1-5b8"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 6928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2CsOOCrl1xlSmIU9ACJmd2TPq7YoZgaWE0ZGUcg2%2F9iMLuA7qB2DvL9b94TD%2BuCFKzh%2FZAJybC99NRfL3GgS%2F5SLOKDWnjAHZrP%2B%2F54Lt7GaSHDpQzi%2F%2BA2ntAY%2FIZ3EA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce73a0c0803b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
upfilesurls.com/img/faqs-image.svg
200 OK 38 kB URL GET HTTP/2 upfilesurls.com/img/faqs-image.svg
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4190)
Hash a60b7216905928c625ae9592044476cd
e70c5be728c7bd1198100337487aafe126834ca3
9a717285429d468fadc4d25179fc6feb49e6335f3af1675fb6be1cb50e7e8322
Analyzer Verdict Alert fortinet Malware
GET /img/faqs-image.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/YZNR
Cookie: XSRF-TOKEN=eyJpdiI6Im1iWFlTcmdRd2NPZzJlMGtuNFZlWlE9PSIsInZhbHVlIjoicDZ6TWowTWJramVnMjg3RnltY0VDamhUVlQybVFKVlJFSkJUSXFoU2huYmJnL3ZEdXgrdDNOVXJBaDlwWjNUczczdGNac200TU5LNGVVeU12UG1laStxMHFpdGY2SGRQaXhEdkZUREs2TGF4YXVBQkR4RnVHeDFtbXNxNjZKbUYiLCJtYWMiOiJlY2M3M2NhMzFhMWY1MGU4YjcwZWNkYjFjNTg5MjlkYmQ3YjZhYzY2ZmIyZjA3MDM1MTk4ZmRmZGFjMTgxNTBhIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InV3OWZEZUw0ck82QndxS0NIQk1MMlE9PSIsInZhbHVlIjoiTlNZWEs2NVZvaURHQS9QaEV6VFVtRTNJMHF0ck5qRjJ6V2dCaTltYnk1eE5DclB3VkVrbTNUclluUzk5ajlPbHM1TVhuRGgvcDdxYjYwZkxDWmtMbFBtU0tNZzQ0U2Q0WS9mb09hV1JqaVRidlA1SmxSelVKZTNBY3hXOUNsQXAiLCJtYWMiOiI1ZjkzMWRhZjZlYjJjNGVjNzcxODVmNDY0YmEyNjM5NTQ4NzYzYjVkMTc2MzQwYzc4ZTEyNzA1MWQzMzAzMGNmIiwidGFnIjoiIn0%3D; auth=eyJpdiI6ImNGK1krcEJrTDgweWFQbW90aGNZQ0E9PSIsInZhbHVlIjoiYzU0bVhLMXZ6RGtzV3huMjV0eGZLUT09IiwibWFjIjoiMjFjMzYwNzM5MmI5MDk5YWQzYjI4NDhmYmIyZDYzNzFlYjE3ZDFjZWI3NDUyNTZlZGUzZDNkNjk3MzYwNDQzMyIsInRhZyI6IiJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:35:52 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
vary: Accept-Encoding
etag: W/"63c15cbf-95fb"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 339773
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2BdrjYbR%2BPnZSUM%2BBOBsNr5voJ3MwnHPQbOSLGs2Wg7kwYwv5XVQPD7XjcLmVNmqPQweLfof8hd%2BZ0IdfcfW4z1kZm%2FZYMLwyhCgCpiOOEHzCFEuRKBpgTmsXOgHdO%2BsVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce73a063fddb503-OSL
content-encoding: br
X-Firefox-Spdy: h2
upfilesurls.com/img/plane.svg
200 OK 684 B URL GET HTTP/2 upfilesurls.com/img/plane.svg
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (701), with no line terminators
Hash 8e7c41bde9bc90def2171d239eb22f04
853c0fbf7ca55b313af83201d95d6f6f3d3225ba
9bc4e093793a06ba14d0505710aad5254212125573342fa92c228f873d05bfea
Analyzer Verdict Alert fortinet Malware
GET /img/plane.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/YZNR
Cookie: XSRF-TOKEN=eyJpdiI6Im1iWFlTcmdRd2NPZzJlMGtuNFZlWlE9PSIsInZhbHVlIjoicDZ6TWowTWJramVnMjg3RnltY0VDamhUVlQybVFKVlJFSkJUSXFoU2huYmJnL3ZEdXgrdDNOVXJBaDlwWjNUczczdGNac200TU5LNGVVeU12UG1laStxMHFpdGY2SGRQaXhEdkZUREs2TGF4YXVBQkR4RnVHeDFtbXNxNjZKbUYiLCJtYWMiOiJlY2M3M2NhMzFhMWY1MGU4YjcwZWNkYjFjNTg5MjlkYmQ3YjZhYzY2ZmIyZjA3MDM1MTk4ZmRmZGFjMTgxNTBhIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InV3OWZEZUw0ck82QndxS0NIQk1MMlE9PSIsInZhbHVlIjoiTlNZWEs2NVZvaURHQS9QaEV6VFVtRTNJMHF0ck5qRjJ6V2dCaTltYnk1eE5DclB3VkVrbTNUclluUzk5ajlPbHM1TVhuRGgvcDdxYjYwZkxDWmtMbFBtU0tNZzQ0U2Q0WS9mb09hV1JqaVRidlA1SmxSelVKZTNBY3hXOUNsQXAiLCJtYWMiOiI1ZjkzMWRhZjZlYjJjNGVjNzcxODVmNDY0YmEyNjM5NTQ4NzYzYjVkMTc2MzQwYzc4ZTEyNzA1MWQzMzAzMGNmIiwidGFnIjoiIn0%3D; auth=eyJpdiI6ImNGK1krcEJrTDgweWFQbW90aGNZQ0E9PSIsInZhbHVlIjoiYzU0bVhLMXZ6RGtzV3huMjV0eGZLUT09IiwibWFjIjoiMjFjMzYwNzM5MmI5MDk5YWQzYjI4NDhmYmIyZDYzNzFlYjE3ZDFjZWI3NDUyNTZlZGUzZDNkNjk3MzYwNDQzMyIsInRhZyI6IiJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:35:52 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
vary: Accept-Encoding
etag: W/"63c15cbf-2ac"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 339773
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mol9DyXEYiXEdepL6bQ9ozc9ueCjVVWfeLcqPUneWuflaVLi23AfDjCC3ZcxJUwDWqW3qGWy%2Fs0%2FRFMrindRBlLl1ho05zPIdOLvw2k9KcRKPbWTyEMWfhzuW9swiqJJdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce73a063fdfb503-OSL
content-encoding: br
X-Firefox-Spdy: h2
upfiles.com/authenticate/YZNR
302 Found 92 kB URL User Request GET HTTP/2 upfiles.com/authenticate/YZNR
IP
Certificate IssuerGoogle Trust Services LLC
Subjectupfiles.com
Fingerprint9E:09:AC:3C:B6:93:92:44:74:9D:D0:8F:D3:57:45:91:1B:B0:CC:7E
ValidityMon, 15 May 2023 04:04:52 GMT - Sun, 13 Aug 2023 04:04:51 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /authenticate/YZNR HTTP/1.1
Host: upfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sun, 28 May 2023 14:35:52 GMT
content-type: text/html; charset=UTF-8
location: https://upfilesurls.com/YZNR?auth=eyJpdiI6ImNGK1krcEJrTDgweWFQbW90aGNZQ0E9PSIsInZhbHVlIjoiYzU0bVhLMXZ6RGtzV3huMjV0eGZLUT09IiwibWFjIjoiMjFjMzYwNzM5MmI5MDk5YWQzYjI4NDhmYmIyZDYzNzFlYjE3ZDFjZWI3NDUyNTZlZGUzZDNkNjk3MzYwNDQzMyIsInRhZyI6IiJ9
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IlQ5KzJockdyK0U4RFcwTnUwVDlMY0E9PSIsInZhbHVlIjoiWmgwVzd6S0FkQ0drMGdFS1BZeFZzd2ZTNnMxNWFXRUhwbHhHZjl0aVhaVjRYTWtWZEFHZEJNOGZtek9jdXYyT3BUcERmQ1NDQ0gzUzNJVW9ydnBCcm5ETUxRdkpwNkIxVER0U0R5dlRUeHhTZjVjR3ZxVmp3cHl3QlI4Y1BFdHQiLCJtYWMiOiJhOTVkNGUxYWY4M2ViZmI5YTc1ZmFhOGU1ZTczMjgyNDg5YWFlMTNmNWJiOTk4OWYxZWJkZWE3MjYzN2E3Nzk4IiwidGFnIjoiIn0%3D; expires=Sun, 28-May-2023 16:35:52 GMT; Max-Age=7200; path=/; samesite=lax
upfiles_session=eyJpdiI6IlpVUGI4OFVaN3dSM3YwSExGYzRDTnc9PSIsInZhbHVlIjoiZlhhWFNLUmgzNUg1QXc4QjY3WGZJcTJWcVdFUFVVcno1T2o2TzhjTXpuc1pRVE1Kcnd2WC9ZTzVsRmVPMkpPV1FyWFRsbmpxUFl5OE9uQzF3S2ExeGZlT3hyaWFhSFdqQmtKTjF2VWhGdWgxZHU4a1VQd3BOSHRrR29sSUhRbkwiLCJtYWMiOiJhODJkOGFjZjk3MWY3Mjg2MjExMDdlMWE4NjBjNTBjZmJlZDI0NWMzMWNkZDIwMTlmMGE3NWZhZTliNGZjYmI5IiwidGFnIjoiIn0%3D; expires=Sun, 28-May-2023 16:35:52 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4gfqZebpm6ferXlakPdapyrerL%2BWEFhyHLkr0Vd1mLcFekJyat8Y1v2mnH%2BK%2BR58L70BuAGrlnjKNElmnS1bGhiNk9Purqbde9FnqiVSpRVX4SUKDwcNWCOzd%2FkWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce73a01eb2fb4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdntechone.com/stattag.js
200 OK 18 kB URL GET HTTP/2 cdntechone.com/stattag.js
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint22:B1:48:87:A8:EF:B2:9B:65:EB:D6:C6:FD:8D:EF:A7:A7:DE:52:29
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (17871)
Hash 0fdff67feab23cc69ecfb6800fc54cb7
eb84c650e6d27e290795207b1f37dd7b67f2aa06
456e420aecd5ac679cc2bcb33daf7c063f54894fd076e99e05c06629234d3378
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:35:52 GMT
content-type: application/javascript
last-modified: Fri, 19 May 2023 08:43:53 GMT
etag: W/"646736c9-4859"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2116
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpxZjQBhhck96wxUi8c4rgzvdoJCiUaB1UTKEKDWZRZdmxaCGS0WdzmD6DzkhRbkE3YjkP8JF6NI6yxHLGMYpGLT2unelvAFkMASnYvP7pVfR7FgeCCYI5MxvN8j8r5iHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce73a075dc30b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
upfilesurls.com/cdn-cgi/challenge-platform/h/b/cv/result/7ce73a030b84b503
200 OK 2 B URL POST HTTP/2 upfilesurls.com/cdn-cgi/challenge-platform/h/b/cv/result/7ce73a030b84b503
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer Verdict Alert fortinet Malware
POST /cdn-cgi/challenge-platform/h/b/cv/result/7ce73a030b84b503 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12376
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/YZNR
Cookie: XSRF-TOKEN=eyJpdiI6Im1iWFlTcmdRd2NPZzJlMGtuNFZlWlE9PSIsInZhbHVlIjoicDZ6TWowTWJramVnMjg3RnltY0VDamhUVlQybVFKVlJFSkJUSXFoU2huYmJnL3ZEdXgrdDNOVXJBaDlwWjNUczczdGNac200TU5LNGVVeU12UG1laStxMHFpdGY2SGRQaXhEdkZUREs2TGF4YXVBQkR4RnVHeDFtbXNxNjZKbUYiLCJtYWMiOiJlY2M3M2NhMzFhMWY1MGU4YjcwZWNkYjFjNTg5MjlkYmQ3YjZhYzY2ZmIyZjA3MDM1MTk4ZmRmZGFjMTgxNTBhIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InV3OWZEZUw0ck82QndxS0NIQk1MMlE9PSIsInZhbHVlIjoiTlNZWEs2NVZvaURHQS9QaEV6VFVtRTNJMHF0ck5qRjJ6V2dCaTltYnk1eE5DclB3VkVrbTNUclluUzk5ajlPbHM1TVhuRGgvcDdxYjYwZkxDWmtMbFBtU0tNZzQ0U2Q0WS9mb09hV1JqaVRidlA1SmxSelVKZTNBY3hXOUNsQXAiLCJtYWMiOiI1ZjkzMWRhZjZlYjJjNGVjNzcxODVmNDY0YmEyNjM5NTQ4NzYzYjVkMTc2MzQwYzc4ZTEyNzA1MWQzMzAzMGNmIiwidGFnIjoiIn0%3D; auth=eyJpdiI6ImNGK1krcEJrTDgweWFQbW90aGNZQ0E9PSIsInZhbHVlIjoiYzU0bVhLMXZ6RGtzV3huMjV0eGZLUT09IiwibWFjIjoiMjFjMzYwNzM5MmI5MDk5YWQzYjI4NDhmYmIyZDYzNzFlYjE3ZDFjZWI3NDUyNTZlZGUzZDNkNjk3MzYwNDQzMyIsInRhZyI6IiJ9; ab=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:35:54 GMT
content-type: text/plain; charset=UTF-8
set-cookie: __cf_bm=z4fWtE5SPerO_vRXEMrs5U00GuXO_LEA48x_sW0hMJM-1685284554-0-AbMl7zY6zW+mJQcPro/HeH0y3xehMxxsDjqsMKoGQc4B9ejwJXuQuy2HC+YJwuNWhDHzCoLYgg1+3UQHYsg37u07+525FL9Y5ESJwa1zujC8; path=/; expires=Sun, 28-May-23 15:05:54 GMT; domain=.upfilesurls.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2FG6P8gFo3lJMq7BoHIabtd%2Bpo47E1eQxk1g7wMuEL6EfVWQjHKPV2Hgyb73SuDOVUUWqhBWCVisPiQzp%2FYGYGC7OOVwnHEvbRcA%2FKDjSZHHlrMnYruelEU5SvEdXsKpVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce73a0eec6eb503-OSL
content-encoding: br
X-Firefox-Spdy: h2
datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
200 OK 2 B URL POST HTTP/1.1 datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://upfilesurls.com/YZNR
Certificate IssuerSectigo Limited
Subjectdatatechone.com
Fingerprint8E:B7:22:E4:97:95:3C:60:FC:7C:41:39:A6:B7:B7:E2:48:B2:D0:18
ValiditySun, 18 Dec 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1345
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 28 May 2023 14:35:53 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://upfilesurls.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint6C:C9:34:01:32:00:11:F3:7A:E2:AA:FC:7C:E3:13:17:3D:17:71:8A
ValidityMon, 08 May 2023 08:25:19 GMT - Mon, 31 Jul 2023 08:25:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
set-cookie: __Host-GAPS=1:3Xqm5h6Dm3sLa9UOjRZWQO0H2dUVxg:4vtbHuPGvV221vhq; Expires=Tue, 27-May-2025 14:35:53 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 28 May 2023 14:35:53 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneHFfWzA_5v4UIszcsaSvhzD3HRG-5a99p0TOIcapB-IoyLJI8331U4XDG9Ku-HJmfgT97jD4g
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce--f0rTv66rHNCVY5B6zSfrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tL1laTlI=
200 OK 984 B URL GET HTTP/3 live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tL1laTlI=
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (1122), with no line terminators
Hash f6e3a38577bd475effc0a54ecebcedaf
223d3e9189b9d64a1e8500e361fb196502b74ec6
52378ed522477893ab73c236f8519923cedd5995e478895de94598f6f6341e73
GET /p4/v16-2-0/dXBmaWxlc3VybHMuY29tL1laTlI= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Cookie: demandSupplyTi=14f91c31-596e-488d-8585-4bd34b66c35a; __cf_bm=X0SCXh_bL6KLizK9T3DckyrUFaEEJaRT1rQFNDCTGwk-1685284553-0-Af24poEZWo/pRXE1ICvlzLDCkUcDrxX4grapoWks9ulp52WtZMKZZCb977WIqLKc2H+XnQ3P5nJ+ASmr+3SOVLw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 28 May 2023 14:35:53 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce73a08ec141c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
200 OK 417 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (660)
Size 417 kB (416807 bytes)
Hash 95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981
GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 23:49:29 GMT
expires: Tue, 21 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 485185
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-737251444%3A1685284554107886&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGQU8cQz4WhnoYheR_M2lYw6RFglUr5jBehTANwh1F1Ed02WO2JuswD2hXiJRQT6L9WZ_PD&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
403 Forbidden 0 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?dsh=S-737251444%3A1685284554107886&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGQU8cQz4WhnoYheR_M2lYw6RFglUr5jBehTANwh1F1Ed02WO2JuswD2hXiJRQT6L9WZ_PD&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?dsh=S-737251444%3A1685284554107886&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGQU8cQz4WhnoYheR_M2lYw6RFglUr5jBehTANwh1F1Ed02WO2JuswD2hXiJRQT6L9WZ_PD&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 28 May 2023 14:35:54 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: script-src 'nonce-WsTuna-Jy3ihrsg5I-l0LQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 07:44:41 GMT
expires: Sun, 26 May 2024 07:44:41 GMT
cache-control: public, max-age=31536000
age: 111071
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gforanythingamgl.info/popunder.gif
200 OK 35 B URL GET HTTP/3 gforanythingamgl.info/popunder.gif
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subjectgforanythingamgl.info
Fingerprint5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
ValidityFri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Analyzer Verdict Alert quad9 Sinkholed
GET /popunder.gif HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 28 May 2023 14:35:54 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 570692
last-modified: Mon, 22 May 2023 00:04:22 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMrKl9IRnqQGpnx94IprnL0uLmbmmIY7DLLqiXYpSLYtniAkVvshusuGxkHXKesXtCDXi2rJoER9h5yQzn3evya%2FsPfXRFx3xJM%2FLn%2B2XhrHp%2FptuILR2EqoootYUmhlUZ2%2BDOU2aWA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce73a11f9fcb511-OSL
alt-svc: h3=":443"; ma=86400
302 Found 92 kB URL User Request GET HTTP/2 IP
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /YZNR HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sun, 28 May 2023 14:35:51 GMT
content-type: text/html; charset=UTF-8
location: https://upfiles.com/authenticate/YZNR
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IjhiVUx5OWd4TzVUajBPa0VPQ3pleXc9PSIsInZhbHVlIjoiVlpVeGVadHJGWkhHUEF6MmZuUm1WYWF5cHl3TVR2OUNzU0YyRjBsWVZGUC9FZDlIOW5UczVBTFl4YllFenVMZ0dNUVRXVkx6akIzQlE0T3JGUlM2b0diWTRvNklwNmxmalZTcWZXaS9mNHNTWWFGM2FOUTE5bmFmTDRhdmUzUkwiLCJtYWMiOiI1YzkwZmE0NzE4Nzk2YjFmZGU5Nzg3YWFlYzY2MzJiMTQxNTVmYjYzNTJlMTU4OWRlMDRmZGQ3ZDZhN2MzYzlhIiwidGFnIjoiIn0%3D; expires=Sun, 28-May-2023 16:35:51 GMT; Max-Age=7200; path=/; samesite=lax
upfiles_session=eyJpdiI6IlhXYVdrbFhvZTRydUlXTElveXE1Q0E9PSIsInZhbHVlIjoielZWUFppWDhhZy9tamdFa25TV1VUNFdONHFKRGVQTktuTTZ6YXVDcWtuSkpqTlY4eXZWSVNFVUQ1ZVRaaDByTE4rMFhUUnNqVFNQc3BWbDM2KzVnYmZsYUFYMFk5SkN2RHZtWlhqb2R5UHhCUWRCcWZ6dDE5bXdUT2o4Y1FreU8iLCJtYWMiOiI1YjIwOWFlZDU5NTZjZDc4M2MzNTE5NTkxZjhmZTUwYzMwOGI2M2QxYTUxN2JhMDM5ZGEyNzM1NTA1MjFiZjVjIiwidGFnIjoiIn0%3D; expires=Sun, 28-May-2023 16:35:51 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mrci2bwGcXjb8DBlws9Rg23WYv7xhtJOWWoyTgHj7zfbdNmu277%2FTlJztTv0XN2yBBC7yStOO54vqtiW85r6FGgsS%2Fk67v89lbvPfduoQFOTd2StauXyTBD7s9cpKCXcoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce73a009f5bb503-OSL
X-Firefox-Spdy: h2
upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
200 OK 29 kB URL GET HTTP/2 upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type ASCII text, with very long lines (29089), with no line terminators
Hash 1c9bf352cac578f8ca5aab1fd8b4ba3a
1823616e0ebae15a421d1ce25c3b08172529052e
7771b66ab71f902bdf81498c644e2ead122f07e164c050e50bcefe2fc928879f
Analyzer Verdict Alert fortinet Malware
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im1iWFlTcmdRd2NPZzJlMGtuNFZlWlE9PSIsInZhbHVlIjoicDZ6TWowTWJramVnMjg3RnltY0VDamhUVlQybVFKVlJFSkJUSXFoU2huYmJnL3ZEdXgrdDNOVXJBaDlwWjNUczczdGNac200TU5LNGVVeU12UG1laStxMHFpdGY2SGRQaXhEdkZUREs2TGF4YXVBQkR4RnVHeDFtbXNxNjZKbUYiLCJtYWMiOiJlY2M3M2NhMzFhMWY1MGU4YjcwZWNkYjFjNTg5MjlkYmQ3YjZhYzY2ZmIyZjA3MDM1MTk4ZmRmZGFjMTgxNTBhIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InV3OWZEZUw0ck82QndxS0NIQk1MMlE9PSIsInZhbHVlIjoiTlNZWEs2NVZvaURHQS9QaEV6VFVtRTNJMHF0ck5qRjJ6V2dCaTltYnk1eE5DclB3VkVrbTNUclluUzk5ajlPbHM1TVhuRGgvcDdxYjYwZkxDWmtMbFBtU0tNZzQ0U2Q0WS9mb09hV1JqaVRidlA1SmxSelVKZTNBY3hXOUNsQXAiLCJtYWMiOiI1ZjkzMWRhZjZlYjJjNGVjNzcxODVmNDY0YmEyNjM5NTQ4NzYzYjVkMTc2MzQwYzc4ZTEyNzA1MWQzMzAzMGNmIiwidGFnIjoiIn0%3D; auth=eyJpdiI6ImNGK1krcEJrTDgweWFQbW90aGNZQ0E9PSIsInZhbHVlIjoiYzU0bVhLMXZ6RGtzV3huMjV0eGZLUT09IiwibWFjIjoiMjFjMzYwNzM5MmI5MDk5YWQzYjI4NDhmYmIyZDYzNzFlYjE3ZDFjZWI3NDUyNTZlZGUzZDNkNjk3MzYwNDQzMyIsInRhZyI6IiJ9; ab=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:35:53 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
x-content-type-options: nosniff
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZMfyQtuqzu8MmcwyInogD17noL0vAlx5MKwlzKAqsACcQLzUA%2Fmxx5AMK4P0BVw12CuBZx3WzOBpc4sYVMfShmUPlPgqqxgLHtvolvBYpj4Yr9nqsHaP1e4OuO3SOMeTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce73a0b3edbb503-OSL
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 102 kB IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:35:53 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3782
last-modified: Sun, 28 May 2023 13:32:51 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQE6TGw6qeu8cPQlHjGPmCb%2F5hdZebhorkRJodRXRIPflC54cw2wy8F6c090m8qyL9GpApWVcW1CCMRxq4ZxtSIp%2F3X8KFxQzAmd08wzaAqM941394niZY8Mtm%2FxdMx4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce73a0cbe357549-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
upfilesurls.com/img/menu.svg
200 OK 1.8 kB URL GET HTTP/2 upfilesurls.com/img/menu.svg
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type SVG Scalable Vector Graphics image\012- XML document, ASCII text, with very long lines (1993), with no line terminators
Hash 384fec65fc108518c176b62a88b40a1f
d6c42c0b2dbdfef2d8468fc91f6c5611596075ef
00e2d83eb75a29fcfbf8e8373352d2e566d143764ddc05d982f46c85bb58517f
Analyzer Verdict Alert fortinet Malware
GET /img/menu.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/YZNR
Cookie: XSRF-TOKEN=eyJpdiI6Im1iWFlTcmdRd2NPZzJlMGtuNFZlWlE9PSIsInZhbHVlIjoicDZ6TWowTWJramVnMjg3RnltY0VDamhUVlQybVFKVlJFSkJUSXFoU2huYmJnL3ZEdXgrdDNOVXJBaDlwWjNUczczdGNac200TU5LNGVVeU12UG1laStxMHFpdGY2SGRQaXhEdkZUREs2TGF4YXVBQkR4RnVHeDFtbXNxNjZKbUYiLCJtYWMiOiJlY2M3M2NhMzFhMWY1MGU4YjcwZWNkYjFjNTg5MjlkYmQ3YjZhYzY2ZmIyZjA3MDM1MTk4ZmRmZGFjMTgxNTBhIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InV3OWZEZUw0ck82QndxS0NIQk1MMlE9PSIsInZhbHVlIjoiTlNZWEs2NVZvaURHQS9QaEV6VFVtRTNJMHF0ck5qRjJ6V2dCaTltYnk1eE5DclB3VkVrbTNUclluUzk5ajlPbHM1TVhuRGgvcDdxYjYwZkxDWmtMbFBtU0tNZzQ0U2Q0WS9mb09hV1JqaVRidlA1SmxSelVKZTNBY3hXOUNsQXAiLCJtYWMiOiI1ZjkzMWRhZjZlYjJjNGVjNzcxODVmNDY0YmEyNjM5NTQ4NzYzYjVkMTc2MzQwYzc4ZTEyNzA1MWQzMzAzMGNmIiwidGFnIjoiIn0%3D; auth=eyJpdiI6ImNGK1krcEJrTDgweWFQbW90aGNZQ0E9PSIsInZhbHVlIjoiYzU0bVhLMXZ6RGtzV3huMjV0eGZLUT09IiwibWFjIjoiMjFjMzYwNzM5MmI5MDk5YWQzYjI4NDhmYmIyZDYzNzFlYjE3ZDFjZWI3NDUyNTZlZGUzZDNkNjk3MzYwNDQzMyIsInRhZyI6IiJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:35:52 GMT
content-type: image/svg+xml
last-modified: Tue, 24 Jan 2023 16:39:42 GMT
vary: Accept-Encoding
etag: W/"63d009ce-72e"
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 339773
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BF5O6lAXy3p9rOIPHNu3loOHXm29pP2wlbXXdpyoNXbHgmSw7jqKcEvLjAV07WpygghDxknGdbyswD%2BaJPaoJwF5IREqKsNMI%2BdUBT6%2FQoP1znksHuez7E4ErPUMG6yD5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce73a063fd8b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
200 OK 5.7 kB URL GET HTTP/2 upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type ASCII text, with very long lines (5712), with no line terminators
Hash 2421e9f638a5ca9520c9093d31a97e95
ec4e8ab9fb21599f3d8c85a4c75efad568238f00
709f2f5da37345077483a6393d67cca1797f04d47a379c55c6cdd867872e78e3
Analyzer Verdict Alert fortinet Malware
GET /cdn-cgi/challenge-platform/h/b/scripts/pica.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/YZNR
Cookie: XSRF-TOKEN=eyJpdiI6Im1iWFlTcmdRd2NPZzJlMGtuNFZlWlE9PSIsInZhbHVlIjoicDZ6TWowTWJramVnMjg3RnltY0VDamhUVlQybVFKVlJFSkJUSXFoU2huYmJnL3ZEdXgrdDNOVXJBaDlwWjNUczczdGNac200TU5LNGVVeU12UG1laStxMHFpdGY2SGRQaXhEdkZUREs2TGF4YXVBQkR4RnVHeDFtbXNxNjZKbUYiLCJtYWMiOiJlY2M3M2NhMzFhMWY1MGU4YjcwZWNkYjFjNTg5MjlkYmQ3YjZhYzY2ZmIyZjA3MDM1MTk4ZmRmZGFjMTgxNTBhIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InV3OWZEZUw0ck82QndxS0NIQk1MMlE9PSIsInZhbHVlIjoiTlNZWEs2NVZvaURHQS9QaEV6VFVtRTNJMHF0ck5qRjJ6V2dCaTltYnk1eE5DclB3VkVrbTNUclluUzk5ajlPbHM1TVhuRGgvcDdxYjYwZkxDWmtMbFBtU0tNZzQ0U2Q0WS9mb09hV1JqaVRidlA1SmxSelVKZTNBY3hXOUNsQXAiLCJtYWMiOiI1ZjkzMWRhZjZlYjJjNGVjNzcxODVmNDY0YmEyNjM5NTQ4NzYzYjVkMTc2MzQwYzc4ZTEyNzA1MWQzMzAzMGNmIiwidGFnIjoiIn0%3D; auth=eyJpdiI6ImNGK1krcEJrTDgweWFQbW90aGNZQ0E9PSIsInZhbHVlIjoiYzU0bVhLMXZ6RGtzV3huMjV0eGZLUT09IiwibWFjIjoiMjFjMzYwNzM5MmI5MDk5YWQzYjI4NDhmYmIyZDYzNzFlYjE3ZDFjZWI3NDUyNTZlZGUzZDNkNjk3MzYwNDQzMyIsInRhZyI6IiJ9; ab=1
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:35:53 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PO1j6EekT4zNAA2wiOnN40jvGpvwjgV9FNvCQbrun5RjEZ7orE0XCWTx8CuBjyVKswOL%2Fu%2BLlikXXoDLPWCyNTSrTFWXV4V7LGp%2Fh%2BVM2HuvrAWeVQiOMGoIY2BIsn3Khw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce73a0bbf99b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
200 OK 92 kB URL User Request GET HTTP/2 IP
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /YZNR HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkUreWNnNWlKRWNHTXdCNE1uTmdiMFE9PSIsInZhbHVlIjoicFJCSXREa3U0SVhxVVl6aU11aWltRFloOTAvTEFIMTQvMDlxOFduRU5zYi9yWkdFUUprRFZQeGkyTkxBY1hTcUZwRzZYWHZRNHdqRmgzaXBjcW5GV2kwM0tDOHhNUXBxRnRodVgyWkVycEM0dnFhNUlZM2pXUVdRRklUTnE0R24iLCJtYWMiOiI2MjNlMjM1M2EyZjZjMjQwMzJmNTJjNWY2YWNkZjNlNmIzNDVhOTE5Mzk2NjhkMDIyMGUxOTI5NzEyMDZlYjZjIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Ilh1cUxrblduOWhQRDNhVng4ZE15T2c9PSIsInZhbHVlIjoiV05GS1R4VVVIcFcwV0pOT2JkK0VBSVNRNHRjV1dPSi9xUFJmRWdKV3B6VmNFWlBJZzRYVHFkN0x4VEtGb1hucTNvbXJ3RFgvak9iY1FGRE9oTGdGWHQ5YmVaVjArekxkVHppS1F3Mm8vM3Y2a08yNlo5MGVWbzNEK2w2c0FkaXIiLCJtYWMiOiI1NTM2N2VkNWQyMmZkYWU5MjU1MDlhNTlhMjk2NzZiM2QyNjUwNjJiYjc4ZjQ1MWZhOGU0ZDkxOWM5NjAwYWY2IiwidGFnIjoiIn0%3D; auth=eyJpdiI6ImNGK1krcEJrTDgweWFQbW90aGNZQ0E9PSIsInZhbHVlIjoiYzU0bVhLMXZ6RGtzV3huMjV0eGZLUT09IiwibWFjIjoiMjFjMzYwNzM5MmI5MDk5YWQzYjI4NDhmYmIyZDYzNzFlYjE3ZDFjZWI3NDUyNTZlZGUzZDNkNjk3MzYwNDQzMyIsInRhZyI6IiJ9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:35:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6Im1iWFlTcmdRd2NPZzJlMGtuNFZlWlE9PSIsInZhbHVlIjoicDZ6TWowTWJramVnMjg3RnltY0VDamhUVlQybVFKVlJFSkJUSXFoU2huYmJnL3ZEdXgrdDNOVXJBaDlwWjNUczczdGNac200TU5LNGVVeU12UG1laStxMHFpdGY2SGRQaXhEdkZUREs2TGF4YXVBQkR4RnVHeDFtbXNxNjZKbUYiLCJtYWMiOiJlY2M3M2NhMzFhMWY1MGU4YjcwZWNkYjFjNTg5MjlkYmQ3YjZhYzY2ZmIyZjA3MDM1MTk4ZmRmZGFjMTgxNTBhIiwidGFnIjoiIn0%3D; expires=Sun, 28-May-2023 16:35:52 GMT; Max-Age=7200; path=/; samesite=lax
upfiles_session=eyJpdiI6InV3OWZEZUw0ck82QndxS0NIQk1MMlE9PSIsInZhbHVlIjoiTlNZWEs2NVZvaURHQS9QaEV6VFVtRTNJMHF0ck5qRjJ6V2dCaTltYnk1eE5DclB3VkVrbTNUclluUzk5ajlPbHM1TVhuRGgvcDdxYjYwZkxDWmtMbFBtU0tNZzQ0U2Q0WS9mb09hV1JqaVRidlA1SmxSelVKZTNBY3hXOUNsQXAiLCJtYWMiOiI1ZjkzMWRhZjZlYjJjNGVjNzcxODVmNDY0YmEyNjM5NTQ4NzYzYjVkMTc2MzQwYzc4ZTEyNzA1MWQzMzAzMGNmIiwidGFnIjoiIn0%3D; expires=Sun, 28-May-2023 16:35:52 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Lsc5AMMNgarQ2iRedEYhurv6mfeVtiPp2uhtJ%2FO8sjIV66cD85RSGhUYBrKNsCrfGaTBVOGtq%2FT%2FBMSAlQVoJCCs7MHgVpdkEHmzUh9BtirSXj1QaIglEDrl8eSCn5bug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce73a030b84b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
200 OK 981 kB URL GET HTTP/2 upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
Size 981 kB (980828 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /js/frontend.js?id=88f283c744d8a6e43cfb HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/YZNR
Cookie: XSRF-TOKEN=eyJpdiI6Im1iWFlTcmdRd2NPZzJlMGtuNFZlWlE9PSIsInZhbHVlIjoicDZ6TWowTWJramVnMjg3RnltY0VDamhUVlQybVFKVlJFSkJUSXFoU2huYmJnL3ZEdXgrdDNOVXJBaDlwWjNUczczdGNac200TU5LNGVVeU12UG1laStxMHFpdGY2SGRQaXhEdkZUREs2TGF4YXVBQkR4RnVHeDFtbXNxNjZKbUYiLCJtYWMiOiJlY2M3M2NhMzFhMWY1MGU4YjcwZWNkYjFjNTg5MjlkYmQ3YjZhYzY2ZmIyZjA3MDM1MTk4ZmRmZGFjMTgxNTBhIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InV3OWZEZUw0ck82QndxS0NIQk1MMlE9PSIsInZhbHVlIjoiTlNZWEs2NVZvaURHQS9QaEV6VFVtRTNJMHF0ck5qRjJ6V2dCaTltYnk1eE5DclB3VkVrbTNUclluUzk5ajlPbHM1TVhuRGgvcDdxYjYwZkxDWmtMbFBtU0tNZzQ0U2Q0WS9mb09hV1JqaVRidlA1SmxSelVKZTNBY3hXOUNsQXAiLCJtYWMiOiI1ZjkzMWRhZjZlYjJjNGVjNzcxODVmNDY0YmEyNjM5NTQ4NzYzYjVkMTc2MzQwYzc4ZTEyNzA1MWQzMzAzMGNmIiwidGFnIjoiIn0%3D; auth=eyJpdiI6ImNGK1krcEJrTDgweWFQbW90aGNZQ0E9PSIsInZhbHVlIjoiYzU0bVhLMXZ6RGtzV3huMjV0eGZLUT09IiwibWFjIjoiMjFjMzYwNzM5MmI5MDk5YWQzYjI4NDhmYmIyZDYzNzFlYjE3ZDFjZWI3NDUyNTZlZGUzZDNkNjk3MzYwNDQzMyIsInRhZyI6IiJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:35:52 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=980842
etag: W/"63baab19-ef76a"
last-modified: Sun, 08 Jan 2023 11:38:01 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 12104421
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=feAOyx0oPDmm4tNU%2F6ZjrB08aJAZIwW%2FDS9stdEQZLISTGp%2FrxyYl3%2FNJYZdyZvf0YZTjIUgFoMbaBr%2BOaP2yEskj3KIUKMa4ejdWz5LWROfYV3p3beX7zRQIvl6n88SeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce73a063fe2b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
live.demand.supply/ds.2.html
200 OK 413 B URL GET HTTP/3 live.demand.supply/ds.2.html
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (430), with no line terminators
Hash 68dce237203af5e16657b39e1f2e7b46
8084ece9e2500c1a0731aaf8f33290744b174b9c
8534d0076676e85517a298ded722e84bb64abf655fbc565588f76a7e26ad4680
GET /ds.2.html HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 28 May 2023 14:35:53 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
x-nf-request-id: 01GZ1TRE6JCM1Y4N530MF91ECS
cf-cache-status: HIT
age: 617973
set-cookie: __cf_bm=_zKidvWeec2P5uoE1IaD3tUMS6T1kuHfiOZVSz1YCDk-1685284553-0-Ab/TWuE3F2+Xx+37FX3F/cfpM5W+TL7JntB+IA1qyPdmgVnKbSQ4aA6QU9OlaR84SU5c6DxjbJg4Pg5uhKO/Zdc=; path=/; expires=Sun, 28-May-23 15:05:53 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce73a08ec161c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint6C:C9:34:01:32:00:11:F3:7A:E2:AA:FC:7C:E3:13:17:3D:17:71:8A
ValidityMon, 08 May 2023 08:25:19 GMT - Mon, 31 Jul 2023 08:25:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
set-cookie: __Host-GAPS=1:jHl49pGtx0GTyLnSCd_PMNdWX9CN4w:jfzUilcATizfcGAS; Expires=Tue, 27-May-2025 14:35:53 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 28 May 2023 14:35:53 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneGIBU0JJ1uWYpbQ6FovLT4mkbyOxX_ULUEKo2OqWB7PAupEbsFJLmxR7IRKJO7iWROhVy1XbA
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-QRX9FLLbRhYKxT0hBdQAgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
upfilesurls.com/img/logo.svg
200 OK 22 kB URL GET HTTP/2 upfilesurls.com/img/logo.svg
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1361)
Hash 1e28749acbd90e7e99a883c1890327cd
638b4525d3f0ed776db136ca1025a8961f46c9e0
d526da1f4d4af45cefd2a0d140abec2beddc3150d13c47d3de893eaa278a369d
Analyzer Verdict Alert fortinet Malware
GET /img/logo.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/YZNR
Cookie: XSRF-TOKEN=eyJpdiI6Im1iWFlTcmdRd2NPZzJlMGtuNFZlWlE9PSIsInZhbHVlIjoicDZ6TWowTWJramVnMjg3RnltY0VDamhUVlQybVFKVlJFSkJUSXFoU2huYmJnL3ZEdXgrdDNOVXJBaDlwWjNUczczdGNac200TU5LNGVVeU12UG1laStxMHFpdGY2SGRQaXhEdkZUREs2TGF4YXVBQkR4RnVHeDFtbXNxNjZKbUYiLCJtYWMiOiJlY2M3M2NhMzFhMWY1MGU4YjcwZWNkYjFjNTg5MjlkYmQ3YjZhYzY2ZmIyZjA3MDM1MTk4ZmRmZGFjMTgxNTBhIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InV3OWZEZUw0ck82QndxS0NIQk1MMlE9PSIsInZhbHVlIjoiTlNZWEs2NVZvaURHQS9QaEV6VFVtRTNJMHF0ck5qRjJ6V2dCaTltYnk1eE5DclB3VkVrbTNUclluUzk5ajlPbHM1TVhuRGgvcDdxYjYwZkxDWmtMbFBtU0tNZzQ0U2Q0WS9mb09hV1JqaVRidlA1SmxSelVKZTNBY3hXOUNsQXAiLCJtYWMiOiI1ZjkzMWRhZjZlYjJjNGVjNzcxODVmNDY0YmEyNjM5NTQ4NzYzYjVkMTc2MzQwYzc4ZTEyNzA1MWQzMzAzMGNmIiwidGFnIjoiIn0%3D; auth=eyJpdiI6ImNGK1krcEJrTDgweWFQbW90aGNZQ0E9PSIsInZhbHVlIjoiYzU0bVhLMXZ6RGtzV3huMjV0eGZLUT09IiwibWFjIjoiMjFjMzYwNzM5MmI5MDk5YWQzYjI4NDhmYmIyZDYzNzFlYjE3ZDFjZWI3NDUyNTZlZGUzZDNkNjk3MzYwNDQzMyIsInRhZyI6IiJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:35:52 GMT
content-type: image/svg+xml
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
etag: W/"625014b1-56e8"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 339773
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5I%2FdbXaq0Iz7BFskEifwPgnAquZIrx0e26xgPjCwH%2BeKhSWbRxshwKBdBRUMPwbGHs6pkbvmEd71bPDIIx7Vrc7lJBeZGb6rTnRreOSPz5v2LkkwFu01ibDS6eQlBHYpwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce73a063fd6b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
upfilesurls.com/js/ads.js
200 OK 1.5 kB URL GET HTTP/2 upfilesurls.com/js/ads.js
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type ASCII text, with very long lines (1551), with no line terminators
Hash 18062be5f40e561d47292c4c3e16e968
a527704208e4e365d0119360f6dd5fb1ce8eb3c8
63e619bf91f115635c5f302e9352cca845a7c498eaef9c2fee9b50a16001be37
Analyzer Verdict Alert fortinet Malware
GET /js/ads.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/YZNR
Cookie: XSRF-TOKEN=eyJpdiI6Im1iWFlTcmdRd2NPZzJlMGtuNFZlWlE9PSIsInZhbHVlIjoicDZ6TWowTWJramVnMjg3RnltY0VDamhUVlQybVFKVlJFSkJUSXFoU2huYmJnL3ZEdXgrdDNOVXJBaDlwWjNUczczdGNac200TU5LNGVVeU12UG1laStxMHFpdGY2SGRQaXhEdkZUREs2TGF4YXVBQkR4RnVHeDFtbXNxNjZKbUYiLCJtYWMiOiJlY2M3M2NhMzFhMWY1MGU4YjcwZWNkYjFjNTg5MjlkYmQ3YjZhYzY2ZmIyZjA3MDM1MTk4ZmRmZGFjMTgxNTBhIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InV3OWZEZUw0ck82QndxS0NIQk1MMlE9PSIsInZhbHVlIjoiTlNZWEs2NVZvaURHQS9QaEV6VFVtRTNJMHF0ck5qRjJ6V2dCaTltYnk1eE5DclB3VkVrbTNUclluUzk5ajlPbHM1TVhuRGgvcDdxYjYwZkxDWmtMbFBtU0tNZzQ0U2Q0WS9mb09hV1JqaVRidlA1SmxSelVKZTNBY3hXOUNsQXAiLCJtYWMiOiI1ZjkzMWRhZjZlYjJjNGVjNzcxODVmNDY0YmEyNjM5NTQ4NzYzYjVkMTc2MzQwYzc4ZTEyNzA1MWQzMzAzMGNmIiwidGFnIjoiIn0%3D; auth=eyJpdiI6ImNGK1krcEJrTDgweWFQbW90aGNZQ0E9PSIsInZhbHVlIjoiYzU0bVhLMXZ6RGtzV3huMjV0eGZLUT09IiwibWFjIjoiMjFjMzYwNzM5MmI5MDk5YWQzYjI4NDhmYmIyZDYzNzFlYjE3ZDFjZWI3NDUyNTZlZGUzZDNkNjk3MzYwNDQzMyIsInRhZyI6IiJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:35:52 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-bgj: minify
etag: W/"63baab19-608"
last-modified: Sun, 08 Jan 2023 11:38:01 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
cf-cache-status: HIT
age: 499969
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gg2%2BrBYjOr1wYNBVbuAM%2FSX6clHE5H4ZLno0rJe0sAkdQPMTUKn%2BP9ZIR%2BzLwf6%2FmrJg2oViBm%2Fkg4uKRO0un2qf08Eq3Fw35RYfKhQetpshexvjkxYnmBgFM18frvCsvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce73a063fe0b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
gforanythingamgl.info/d2dxUFdYWBIjai4yEmE2GRcpMwYTBiIGFQ8lJzwTIT9JFw8cAFckPhNaSGdvRlJCdiceA0xhcQQTECQiBFpCYGdGQRg+MRhaQWBnRkEHbWZZVEV+ZEVJQ3YiSlRDY2RGVUZpYkFRR2ZjR0EFIDYQWkB2JwMTHW1mQV9EYm9DUkRkZUVf
204 No Content 0 B URL GET HTTP/3 gforanythingamgl.info/d2dxUFdYWBIjai4yEmE2GRcpMwYTBiIGFQ8lJzwTIT9JFw8cAFckPhNaSGdvRlJCdiceA0xhcQQTECQiBFpCYGdGQRg+MRhaQWBnRkEHbWZZVEV+ZEVJQ3YiSlRDY2RGVUZpYkFRR2ZjR0EFIDYQWkB2JwMTHW1mQV9EYm9DUkRkZUVf
IP
Requested by https://upfilesurls.com/YZNR
Certificate IssuerGoogle Trust Services LLC
Subjectgforanythingamgl.info
Fingerprint5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
ValidityFri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /d2dxUFdYWBIjai4yEmE2GRcpMwYTBiIGFQ8lJzwTIT9JFw8cAFckPhNaSGdvRlJCdiceA0xhcQQTECQiBFpCYGdGQRg+MRhaQWBnRkEHbWZZVEV+ZEVJQ3YiSlRDY2RGVUZpYkFRR2ZjR0EFIDYQWkB2JwMTHW1mQV9EYm9DUkRkZUVf HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 204 No Content
date: Sun, 28 May 2023 14:35:54 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hm7mOLl0zbcfWh4c2av0mv9xz%2BiUfOI3O%2BWNdVCFHTSXhauAtosNb6UKlCMtRECj5mIK55kOTpFbVsHwmfFdIq34DIR0jiA3LWmcMPmbweKYXdoJNZn8Ngz8qIik%2BxEDa4Hg7M%2FyU2w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce73a11fa00b511-OSL
alt-svc: h3=":443"; ma=86400
172.67.71.90
172.255.6.58
104.16.134.22
188.114.96.1
0.0.0.0