www.googletagmanager.com/gtag/js?id=UA-197252557-1
142.250.74.40 200 OK 47 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-197252557-1
IP 142.250.74.40:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint EB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
Validity Mon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with very long lines (2271)
Hash MD5 1398eeed957bf5b76bb4423ee05fb4c5
SHA1 96f050f5b1c669a7c6cfc68da0534fd9a4374dcb
SHA256 55ac06d7640f47c4abecdc173a0a3517c46f9e37131df92486a5866f16c0565e
GET /gtag/js?id=UA-197252557-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 27 May 2023 20:35:26 GMT
expires: Sat, 27 May 2023 20:35:26 GMT
cache-control: private, max-age=900
last-modified: Sat, 27 May 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46896
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
54.230.245.164 200 OK 116 kB URL GET HTTP/2 d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
IP 54.230.245.164:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Amazon
Subject *.cloudfront.net
Fingerprint BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
Validity Thu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 116 kB (115477 bytes)
Hash MD5 a25022a1387539badb18e866ec8bfb32
SHA1 53983e6dc0b3c4e637aec0965c408b36b23e2951
SHA256 3dd843c214f2ccedf7b317fa7751da0d3aee90633b8892b6d29d1fde7de770f6
GET /?yzgkd=978153 HTTP/1.1
Host: d18kg2zy9x3t96.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 115477
date: Sat, 27 May 2023 20:35:08 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 58VBSPO9YLgQyMtXESAnxsVsFNhhUKou8ue4Smfpan8ZJvT-e232tQ==
age: 18
X-Firefox-Spdy: h2
cschyogh.com/1clkn/34742
142.91.159.188 200 OK 26 B
IP 142.91.159.188:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Let's Encrypt
Subject cschyogh.com
Fingerprint 11:EA:50:D5:5D:23:86:84:0B:BF:DE:7F:B7:02:00:1B:51:CD:36:58
Validity Fri, 19 May 2023 23:43:21 GMT - Thu, 17 Aug 2023 23:43:20 GMT
File type ASCII text, with no line terminators
Hash MD5 9082dc37e5e8046929da411544ad071a
SHA1 41e0e3963ed94e59e8a2f115994c382712411537
SHA256 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
GET /1clkn/34742 HTTP/1.1
Host: cschyogh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 27 May 2023 20:35:26 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Sun, 28-May-2023 20:35:26 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D; expires=Sun, 28-May-2023 20:35:26 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash MD5 15d9f621c3bd1599f0169dcf0bd5e63e
SHA1 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
SHA256 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 07:44:41 GMT
expires: Sun, 26 May 2024 07:44:41 GMT
cache-control: public, max-age=31536000
age: 46245
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
142.250.74.35 200 OK 38 kB URL GET HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP 142.250.74.35:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Hash MD5 e08be6d5d433944f7ad52902e4d24db5
SHA1 e2600c1d60d12d397b3ee44411a021231d71e974
SHA256 450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 03:18:14 GMT
expires: Sun, 26 May 2024 03:18:14 GMT
cache-control: public, max-age=31536000
age: 62232
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
142.250.74.35 200 OK 38 kB URL GET HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP 142.250.74.35:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Hash MD5 e08be6d5d433944f7ad52902e4d24db5
SHA1 e2600c1d60d12d397b3ee44411a021231d71e974
SHA256 450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 03:18:14 GMT
expires: Sun, 26 May 2024 03:18:14 GMT
cache-control: public, max-age=31536000
age: 62232
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash MD5 e9f5aaf547f165386cd313b995dddd8e
SHA1 acdef5603c2387b0e5bffd744b679a24a8bc1968
SHA256 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 03:11:48 GMT
expires: Sun, 26 May 2024 03:11:48 GMT
cache-control: public, max-age=31536000
age: 62618
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gforanythingamgl.info/akYyT0VFeVE8eDkoYBcmPgALHSgoBXAHdCgcZyQADwN8OhQNLRQ7LA57C3dxWnQFaTUDIg9+fUw1Ri4xHzUPfmMDKFQgeEwwD35rWmgAYXZMMw9+Yx42Uyh4W2BCOzEGewN5fV90A3ZyWHABdnY
104.21.93.237 204 No Content 0 B URL GET HTTP/2 gforanythingamgl.info/akYyT0VFeVE8eDkoYBcmPgALHSgoBXAHdCgcZyQADwN8OhQNLRQ7LA57C3dxWnQFaTUDIg9+fUw1Ri4xHzUPfmMDKFQgeEwwD35rWmgAYXZMMw9+Yx42Uyh4W2BCOzEGewN5fV90A3ZyWHABdnY
IP 104.21.93.237:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Google Trust Services LLC
Subject gforanythingamgl.info
Fingerprint 5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
Validity Fri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e (digests of the empty 0 B body; they match any empty response and do not identify this host)
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /akYyT0VFeVE8eDkoYBcmPgALHSgoBXAHdCgcZyQADwN8OhQNLRQ7LA57C3dxWnQFaTUDIg9+fUw1Ri4xHzUPfmMDKFQgeEwwD35rWmgAYXZMMw9+Yx42Uyh4W2BCOzEGewN5fV90A3ZyWHABdnY HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sat, 27 May 2023 20:35:26 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Hf8KwUxoG5FJcvsouMxRBdaQHy7LZuWSH4zJsdP7E0imHyVQoNZkNrbjA4cfflvW7rEemha9G2a4%2BRuH%2BfPNOVRlOXYSl0gXQy9%2BJiRpdw0CuiT2RcFM327FuxLkTRXxalrhr0MeqQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce10b5c38911c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
142.250.74.106 200 OK 962 B URL GET HTTP/2 fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
IP 142.250.74.106:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
Validity Mon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
Hash MD5 95922663397e898c5aa9cb4d93dee59f
SHA1 b127f295ee788d93d0348ae9a2aa6dfa39b0981e
SHA256 33613d442dd3f6abef01c9bee884b9aa828f42820ee62da8b86ad5a9ea7f58f2
GET /css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 27 May 2023 20:35:26 GMT
date: Sat, 27 May 2023 20:35:26 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
etheappyrincea.info/NmRERnlXBicrRldZJmAMRAh5Y0twQXYAHQdcLyFLTB19PkpCXXJoGloLMSIfRAsqMldYATBjS3AtIQFNTD0vNRt3MnQDHXcTDBBIDx0VABZyMQw+HHQhBQgzZwwQFBBZBxQQSE4vFQMQeQwRETRkHBAHSWcKAxc7Yzx2dh13IgYgHFpQFBAOdFYQAxFxJXcfL3cxLwozTjUUABV3KhATOHI2dyowZA8wEhxaVSAlLFJRFwczVyAAcjhlEwIVNAYmHSQ/ZEF2ACFgVTwUSlotDAMvfgEAKh93VTAqKnMHExMxRQIHdzh8LgJ3GlIyBnEqYFAAE0pCLhcxVHA3CBQ8VTIjFxJ3ITcEM34UDh4BBzcmF0hiJSNgE0ULKjZEQywTA0p0Lw4cLQ
54.230.111.56 200 OK 1.2 kB URL GET HTTP/2 etheappyrincea.info/NmRERnlXBicrRldZJmAMRAh5Y0twQXYAHQdcLyFLTB19PkpCXXJoGloLMSIfRAsqMldYATBjS3AtIQFNTD0vNRt3MnQDHXcTDBBIDx0VABZyMQw+HHQhBQgzZwwQFBBZBxQQSE4vFQMQeQwRETRkHBAHSWcKAxc7Yzx2dh13IgYgHFpQFBAOdFYQAxFxJXcfL3cxLwozTjUUABV3KhATOHI2dyowZA8wEhxaVSAlLFJRFwczVyAAcjhlEwIVNAYmHSQ/ZEF2ACFgVTwUSlotDAMvfgEAKh93VTAqKnMHExMxRQIHdzh8LgJ3GlIyBnEqYFAAE0pCLhcxVHA3CBQ8VTIjFxJ3ITcEM34UDh4BBzcmF0hiJSNgE0ULKjZEQywTA0p0Lw4cLQ
IP 54.230.111.56:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Amazon
Subject etheappyrincea.info
Fingerprint CA:17:98:7B:06:0A:D6:B9:7E:AA:96:FD:C8:F2:25:18:71:71:A8:4E
Validity Fri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2995), with no line terminators
Hash MD5 dba5836a85a981e3ae2bc027a65b5948
SHA1 a5be35b3ed5d26a0c1642e582bf3aa594a81fde7
SHA256 964f48d4b9bc6c14d79acbefdc97b47b39e0cd98a4688a03f306b00fc85b1b6c
GET /NmRERnlXBicrRldZJmAMRAh5Y0twQXYAHQdcLyFLTB19PkpCXXJoGloLMSIfRAsqMldYATBjS3AtIQFNTD0vNRt3MnQDHXcTDBBIDx0VABZyMQw+HHQhBQgzZwwQFBBZBxQQSE4vFQMQeQwRETRkHBAHSWcKAxc7Yzx2dh13IgYgHFpQFBAOdFYQAxFxJXcfL3cxLwozTjUUABV3KhATOHI2dyowZA8wEhxaVSAlLFJRFwczVyAAcjhlEwIVNAYmHSQ/ZEF2ACFgVTwUSlotDAMvfgEAKh93VTAqKnMHExMxRQIHdzh8LgJ3GlIyBnEqYFAAE0pCLhcxVHA3CBQ8VTIjFxJ3ITcEM34UDh4BBzcmF0hiJSNgE0ULKjZEQywTA0p0Lw4cLQ HTTP/1.1
Host: etheappyrincea.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1152
date: Sat, 27 May 2023 20:35:26 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gWD1CjMZ--gj3MsUkS8Iy-AHrKquwSf87IMFxQ2Wg_NCwHTwLwqThg==
X-Firefox-Spdy: h2
etheappyrincea.info/VFBKZFI1MikJbTVtKEInJjx3QWASdXgiNmVoIQNgLilzHGEgaXxKMTg/PwA0Jj8kEHw6NT5BYBI/Hwo6PTUODyoSJz0BED0JGCY5AREQMRAABBsUYhE4DzwELRoMJxdsHgswMQAAJgM+GgYHBQQMAQcjECMVEwhmGxccB2MGBRsABC4WDDFjYQkEDCIyBAhcPxcRejAQFwErJjUkMgMMahEUDF1iEAEEIgQQYAknKgYGB1VjBQAtHGoHFS4vEQw/CzFiPzMTMCIcAy0Pd2YSDzUlGgESABkBNwsmCBc0HzAQLDgFDzYfExklHQZgPlALZDgoMjU4ZxIyfxYZEg4xNhMYBzENFH81ARU4IzcUGhkJLDYfBSJRAx0SeiEUZBZ5NzsGGgkjHAMFJlEfNmAhQjgnPyQUbz5nfjcdJRYrEx9lMiY
54.230.111.56 200 OK 1.2 kB URL GET HTTP/2 etheappyrincea.info/VFBKZFI1MikJbTVtKEInJjx3QWASdXgiNmVoIQNgLilzHGEgaXxKMTg/PwA0Jj8kEHw6NT5BYBI/Hwo6PTUODyoSJz0BED0JGCY5AREQMRAABBsUYhE4DzwELRoMJxdsHgswMQAAJgM+GgYHBQQMAQcjECMVEwhmGxccB2MGBRsABC4WDDFjYQkEDCIyBAhcPxcRejAQFwErJjUkMgMMahEUDF1iEAEEIgQQYAknKgYGB1VjBQAtHGoHFS4vEQw/CzFiPzMTMCIcAy0Pd2YSDzUlGgESABkBNwsmCBc0HzAQLDgFDzYfExklHQZgPlALZDgoMjU4ZxIyfxYZEg4xNhMYBzENFH81ARU4IzcUGhkJLDYfBSJRAx0SeiEUZBZ5NzsGGgkjHAMFJlEfNmAhQjgnPyQUbz5nfjcdJRYrEx9lMiY
IP 54.230.111.56:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Amazon
Subject etheappyrincea.info
Fingerprint CA:17:98:7B:06:0A:D6:B9:7E:AA:96:FD:C8:F2:25:18:71:71:A8:4E
Validity Fri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3023), with no line terminators
Hash MD5 e6850d9953b74589488ba61104aca81a
SHA1 7f0633ec3629003a608f59a65700a01f653841f2
SHA256 6a5930f697f6c7d790be92b53f7245508d2b373c696cd983123e5f5736316639
GET /VFBKZFI1MikJbTVtKEInJjx3QWASdXgiNmVoIQNgLilzHGEgaXxKMTg/PwA0Jj8kEHw6NT5BYBI/Hwo6PTUODyoSJz0BED0JGCY5AREQMRAABBsUYhE4DzwELRoMJxdsHgswMQAAJgM+GgYHBQQMAQcjECMVEwhmGxccB2MGBRsABC4WDDFjYQkEDCIyBAhcPxcRejAQFwErJjUkMgMMahEUDF1iEAEEIgQQYAknKgYGB1VjBQAtHGoHFS4vEQw/CzFiPzMTMCIcAy0Pd2YSDzUlGgESABkBNwsmCBc0HzAQLDgFDzYfExklHQZgPlALZDgoMjU4ZxIyfxYZEg4xNhMYBzENFH81ARU4IzcUGhkJLDYfBSJRAx0SeiEUZBZ5NzsGGgkjHAMFJlEfNmAhQjgnPyQUbz5nfjcdJRYrEx9lMiY HTTP/1.1
Host: etheappyrincea.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1179
date: Sat, 27 May 2023 20:35:26 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pyF6lSXjeRZKIPrUDoHmMxhn995Q4BlGzF8fTgqWAqCHKmOZttBcyw==
X-Firefox-Spdy: h2
etheappyrincea.info/ZEtrNG0FKQhZUgV2CRIYFidWEV8ibllyCVVzAFNfHjJSTF4Qcl0aDggkHlALFiQFQEMKLh8RXyJzJlk4VSgsDT8nJxhjOCESJmE4VRwpYiggGgdHOCB7MlIsMQEybhUtIA53AUF5LWQ8CCcqWgIzDDllPzAzOWcsDwUxcTwiHTx2IDIKPXI0Jg0yezsDKCJmKAgMLWICBh4AZSUxGiJ6PAMBP3YsDx4ucj8qCgcECzwJHHA4VAojegELKD1mLycTE1sJJg4tfyw3KDplAV0uL3IeIg0TUDUmGgNsLyAkL2YoCwkhTC8nE1t1OSEOJkEsVR4mbAFcKTp1QAAKKHIOIxMDDSYlCCZ8PCJ/KGI8NgozXAk8CTltKjUKKWAlHCgzYl4qCTNTIygJPW0MIHo6EgcXJAVEUDYpIH4hLgYNYworLR0
54.230.111.56 200 OK 1.2 kB URL GET HTTP/2 etheappyrincea.info/ZEtrNG0FKQhZUgV2CRIYFidWEV8ibllyCVVzAFNfHjJSTF4Qcl0aDggkHlALFiQFQEMKLh8RXyJzJlk4VSgsDT8nJxhjOCESJmE4VRwpYiggGgdHOCB7MlIsMQEybhUtIA53AUF5LWQ8CCcqWgIzDDllPzAzOWcsDwUxcTwiHTx2IDIKPXI0Jg0yezsDKCJmKAgMLWICBh4AZSUxGiJ6PAMBP3YsDx4ucj8qCgcECzwJHHA4VAojegELKD1mLycTE1sJJg4tfyw3KDplAV0uL3IeIg0TUDUmGgNsLyAkL2YoCwkhTC8nE1t1OSEOJkEsVR4mbAFcKTp1QAAKKHIOIxMDDSYlCCZ8PCJ/KGI8NgozXAk8CTltKjUKKWAlHCgzYl4qCTNTIygJPW0MIHo6EgcXJAVEUDYpIH4hLgYNYworLR0
IP 54.230.111.56:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Amazon
Subject etheappyrincea.info
Fingerprint CA:17:98:7B:06:0A:D6:B9:7E:AA:96:FD:C8:F2:25:18:71:71:A8:4E
Validity Fri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3023), with no line terminators
Hash MD5 a6a5044cae27bd66ff3a6e1fce949ead
SHA1 7384c47453553eaeb479ad4d005e3012aa5d7ea9
SHA256 8a31a454408bd3e1d78fcb6fa7ad7d2b1a100da4f4adcefd22786de06a0245f8
GET /ZEtrNG0FKQhZUgV2CRIYFidWEV8ibllyCVVzAFNfHjJSTF4Qcl0aDggkHlALFiQFQEMKLh8RXyJzJlk4VSgsDT8nJxhjOCESJmE4VRwpYiggGgdHOCB7MlIsMQEybhUtIA53AUF5LWQ8CCcqWgIzDDllPzAzOWcsDwUxcTwiHTx2IDIKPXI0Jg0yezsDKCJmKAgMLWICBh4AZSUxGiJ6PAMBP3YsDx4ucj8qCgcECzwJHHA4VAojegELKD1mLycTE1sJJg4tfyw3KDplAV0uL3IeIg0TUDUmGgNsLyAkL2YoCwkhTC8nE1t1OSEOJkEsVR4mbAFcKTp1QAAKKHIOIxMDDSYlCCZ8PCJ/KGI8NgozXAk8CTltKjUKKWAlHCgzYl4qCTNTIygJPW0MIHo6EgcXJAVEUDYpIH4hLgYNYworLR0 HTTP/1.1
Host: etheappyrincea.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1176
date: Sat, 27 May 2023 20:35:26 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZXqSL5sFf6baDSGpr2NYR1uDBSQOHvstGOvmy5_icWZjUJv_QT1pNQ==
X-Firefox-Spdy: h2
upfilesurls.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6
104.26.8.138 200 OK 208 B URL GET HTTP/2 upfilesurls.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6
IP 104.26.8.138:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Google Trust Services LLC
Subject upfilesurls.com
Fingerprint 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type PNG image data, 6 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash MD5 31f073499665afb237f3294219d2d7c6
SHA1 c1ada0510e31f661dab66203c15a3d6c8f5468d0
SHA256 59b7ad6d6f457b624e25d22959edc7c83af2ac52edba32fd6648c97af0d1780c
Analyzer Verdict Alert fortinet Malware
GET /images/arrow-down.png?c98e5283a69cb508d054d30256af43c6 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
Cookie: auth=eyJpdiI6IlBnejdMaWIvQ2VrZlUwT0hCWkN6SFE9PSIsInZhbHVlIjoieXhPSUw5WnNPc0dIV051Tlc2RllyQT09IiwibWFjIjoiZWYyZTBlYjU1NzhiZDU5YjIyN2U1NmU0NzMwYTdjY2I4OTRmZWIzYzlhZGU1NzVmYzNiMGMzYmI3OGVhYzBkMSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6InRiWjZLbmNYWldpVHdPcm5uQ0ZDUVE9PSIsInZhbHVlIjoiaEt1MkE4VU5CTi9mai9NQWpZbjhEenR3Q3FOWW0yZ0NNcTBXWW45V2ZyTUZYTjhpQlh4ZUIwcVBTZzAxUmFHWldFaWl2ZG13LzhQQS9FWXZnRkN3YWJPM2VyT00vQXV5bzIzaEpHcU9GbldYaGdTS0dSTFUwMTBDNUQrbGVzdHAiLCJtYWMiOiIyZTVhMDVlY2E1MDVkZjQyOTQ0MTcyMzM2ZWVjNTNmMjY0NmY4MTJiYTgxYmI0ZDIyZmRkMWIxMmEwNmVmMjY5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhsMkNaeUgwajhYaFQzdVZibyt1YkE9PSIsInZhbHVlIjoiR1lOMDJReU11L3Y4Ty9acVIvd3dBY0x6dDU0Z1NyVklad0lQeklLcUcvN2h5R2NGalV2eW80Zk5Cam1sUERFcGZBdEJ0TWFKMjVlNzJsSkxvUjZMbkR2Rkh3NEdtWWpWczhDUFFpUVJWQlI2WVA1OXZGRHB1WjZmdnM2b0xOMi8iLCJtYWMiOiIzOWI3NDM2NmQ4ZmYzMjQ1YzA4YTNjNTI3Zjk3MTIwZWI2YWZhNGM4MGU1MWY5ODIyZGE1NjZmNDY0MGI3NzUwIiwidGFnIjoiIn0%3D; ab=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 27 May 2023 20:35:26 GMT
content-type: image/png
content-length: 208
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
etag: "625014b1-d0"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 274944
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQmL9E6UjQG5Rk%2BIvZZO9ZWHHcTTo19MtDemCVTFdCvLcZN44ga%2FxtyX%2BTTXr5GhXukR4oTEBujn5F8DmEPoHKXyALIkl0qmdyrl1HgOH%2FONZWjEGJh1KyDQK69C%2FtKGpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce10b5d1dd20b3d-OSL
X-Firefox-Spdy: h2
gforanythingamgl.info/bUtIYTlCdCsSBAkmJxldNScYNF4rCBskfw4JeFB0Pw1wJm0oLG4VUAl2cVYNW3l8R0kEL3VQHx4/KRVMHnZ5R1ADLSdcHxt2eU8KWWV7UxdfbT1cCEs/OABeUHpuEU0ZJ3VQD1V+elAAWnl+UgFe
104.21.93.237 204 No Content 0 B URL GET HTTP/2 gforanythingamgl.info/bUtIYTlCdCsSBAkmJxldNScYNF4rCBskfw4JeFB0Pw1wJm0oLG4VUAl2cVYNW3l8R0kEL3VQHx4/KRVMHnZ5R1ADLSdcHxt2eU8KWWV7UxdfbT1cCEs/OABeUHpuEU0ZJ3VQD1V+elAAWnl+UgFe
IP 104.21.93.237:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Google Trust Services LLC
Subject gforanythingamgl.info
Fingerprint 5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
Validity Fri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e (digests of the empty 0 B body; they match any empty response and do not identify this host)
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /bUtIYTlCdCsSBAkmJxldNScYNF4rCBskfw4JeFB0Pw1wJm0oLG4VUAl2cVYNW3l8R0kEL3VQHx4/KRVMHnZ5R1ADLSdcHxt2eU8KWWV7UxdfbT1cCEs/OABeUHpuEU0ZJ3VQD1V+elAAWnl+UgFe HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sat, 27 May 2023 20:35:26 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LM%2F5vGBg7ed9uD1%2BZmR3fZaxNpxsOlc2NLjxfZ0T6O%2BuHyAo70CIMOVqhJBmBSIsZLctSp%2BaJij%2BdRmT82LXichXxBPc%2BVZzdHu2kLG4tyQSO5ZddH%2FfqbIyTR8vpcN7ZzbnW9D442U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce10b5c78d81c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
142.250.74.35 200 OK 38 kB URL GET HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP 142.250.74.35:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Hash MD5 e08be6d5d433944f7ad52902e4d24db5
SHA1 e2600c1d60d12d397b3ee44411a021231d71e974
SHA256 450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 03:18:14 GMT
expires: Sun, 26 May 2024 03:18:14 GMT
cache-control: public, max-age=31536000
age: 62232
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash MD5: 3a44e06eb954b96aa043227f3534189d
SHA-1: 23cef6993ddb2b2979e8e7647fc3763694e2ba7d
SHA-256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 21:39:40 GMT
expires: Wed, 22 May 2024 21:39:40 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 341746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
live.demand.supply/e/e.js?e=ll&d=240&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL0E5Vmh1
104.16.134.22 200 OK 0 B URL HEAD HTTP/3 live.demand.supply/e/e.js?e=ll&d=240&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL0E5Vmh1
IP 104.16.134.22:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Cloudflare, Inc.
Subject demand.supply
Fingerprint 49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
Validity Sun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the digests of zero-length input — the 0 B body — so they match any empty response and carry no indicator value.)
HEAD /e/e.js?e=ll&d=240&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL0E5Vmh1 HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 27 May 2023 20:35:27 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "dfe0abe17839ba4f36623d3c9332b694-ssl"
x-nf-request-id: 01H0WH535VZPRFR8SSXVB2WVS7
cf-cache-status: HIT
age: 623506
accept-ranges: bytes
set-cookie: __cf_bm=sodulEPfRamYdwJ3Fk3.hbThWL6OlHJND1KxDZjMv14-1685219727-0-AQkWVlHxA/9xlcrylFh+jW3d0ZuJUpTOElgfSQv5YQWaWJBjyI7EuEUUu/zGDalDuldhIioE0W6XYbjrgIM3/FA=; path=/; expires=Sat, 27-May-23 21:05:27 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce10b5e3dc4b515-OSL
alt-svc: h3=":443"; ma=86400
live.demand.supply/x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL0E5Vmh1
104.16.134.22 200 OK 0 B URL HEAD HTTP/3 live.demand.supply/x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL0E5Vmh1
IP 104.16.134.22:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Cloudflare, Inc.
Subject demand.supply
Fingerprint 49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
Validity Sun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the digests of zero-length input — the 0 B body — so they match any empty response and carry no indicator value.)
HEAD /x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL0E5Vmh1 HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 27 May 2023 20:35:27 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "dfe0abe17839ba4f36623d3c9332b694-ssl"
x-nf-request-id: 01H0WH53N5DXY1S5GWJ4J08TX0
cf-cache-status: HIT
age: 623506
accept-ranges: bytes
set-cookie: __cf_bm=VF5_sGNNt3.Bf6YoBee6cQWLP90.i3OeiAsjpAxggDY-1685219727-0-AertbkEI2CkHZ9SsMsXtkVkUKTGk/EbgbMYqn3XjKu49/YBCIGw4HALGLqxTHGXkoI/gVCmV3pdBmpwFHsf7UyE=; path=/; expires=Sat, 27-May-23 21:05:27 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce10b5ebe8bb515-OSL
alt-svc: h3=":443"; ma=86400
live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tL0E5Vmh1
104.16.134.22 200 OK 485 B URL GET HTTP/3 live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tL0E5Vmh1
IP 104.16.134.22:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Cloudflare, Inc.
Subject demand.supply
Fingerprint 49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
Validity Sun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (984), with no line terminators
Hash MD5: 24decb3e365e373caacbadcbe6065afc
SHA-1: 9430ad899d688d0739b35fcd80e2b6825061d9f9
SHA-256: a768912ba0e7adc98f5ef4f3f7efdf7e088b68bda6f2d212f87870d058998d66
GET /p4/v16-2-0/dXBmaWxlc3VybHMuY29tL0E5Vmh1 HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Cookie: demandSupplyTi=5d7c3eb1-2f6f-4a26-a7ad-8f0a6cbe7c3b; __cf_bm=C0.TBXOrPhpoR21hMIxKZTMH77yNIbeOm5VBmMNgugo-1685219726-0-AXgflqGUf0agbEkI9nx+5gGbtBs2f4cutv/HnFyDAzeFNVQlTUDUufyo5hOg01FwUI05HwM/k69tPV/aoLrMqgE=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 27 May 2023 20:35:27 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce10b5e3867b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
live.demand.supply/impl.v16.9.1.js
104.16.134.22 200 OK 24 kB URL GET HTTP/3 live.demand.supply/impl.v16.9.1.js
IP 104.16.134.22:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Cloudflare, Inc.
Subject demand.supply
Fingerprint 49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
Validity Sun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (27958)
Hash MD5: 20e3de9acd919eb7e518640761f616a6
SHA-1: a39badf38168691698ca2b2ea2aa070b34d01a3d
SHA-256: cdeda8658c3f891c883f5a83c5f2b5e20a18c2fa65658d77a1522fe440b6d0e0
GET /impl.v16.9.1.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Cookie: demandSupplyTi=5d7c3eb1-2f6f-4a26-a7ad-8f0a6cbe7c3b; __cf_bm=C0.TBXOrPhpoR21hMIxKZTMH77yNIbeOm5VBmMNgugo-1685219726-0-AXgflqGUf0agbEkI9nx+5gGbtBs2f4cutv/HnFyDAzeFNVQlTUDUufyo5hOg01FwUI05HwM/k69tPV/aoLrMqgE=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 27 May 2023 20:35:27 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=75573
etag: W/"a92236f0259b51d5fbe112e5ac680198-ssl-df"
timing-allow-origin: *
vary: Accept-Encoding
x-nf-request-id: 01H0JGE5H42NN0NCVBZSKPPTF4
cf-cache-status: HIT
age: 971319
server: cloudflare
cf-ray: 7ce10b5e285eb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
d18kg2zy9x3t96.cloudfront.net/oUnhieDkxFwweBiYRBkUAZUBTTQp0EhEXVyJFCE8NATcTPlglNVMaVXQMGBwEYl4OGVc1RUQdVzFFU15YNhpfTB8mCA0TBCQaBgpbIh8EDF90DQNFVD0CCxRVM11QPgx8SEdKCXoAU0kcYTpHSgk+EQwNQXdKUgABZCdUTBxhOkdKCSAOR0t4Y0hbVgl7XV-BIXjcbCRccYD5QSAhiSFNICHdKUh5QIB0EF0F3SiRJCGNWUl5Mb0k
54.230.245.164 580 B URL d18kg2zy9x3t96.cloudfront.net/oUnhieDkxFwweBiYRBkUAZUBTTQp0EhEXVyJFCE8NATcTPlglNVMaVXQMGBwEYl4OGVc1RUQdVzFFU15YNhpfTB8mCA0TBCQaBgpbIh8EDF90DQNFVD0CCxRVM11QPgx8SEdKCXoAU0kcYTpHSgk+EQwNQXdKUgABZCdUTBxhOkdKCSAOR0t4Y0hbVgl7XV-BIXjcbCRccYD5QSAhiSFNICHdKUh5QIB0EF0F3SiRJCGNWUl5Mb0k
IP 54.230.245.164:0
Certificate Issuer Amazon
Subject *.cloudfront.net
Fingerprint BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
Validity Thu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (833), with no line terminators
Hash MD5: 1b14e35e4272e62738a8a527c1874ea7
SHA-1: 4f71ae7521380907b2a7ace022f7639ac8fb7218
SHA-256: 4fd36c41c456a1ae798df4366daeba4a255dd478b42ad0a62e0d09d1ee3d8cb3
GET /oUnhieDkxFwweBiYRBkUAZUBTTQp0EhEXVyJFCE8NATcTPlglNVMaVXQMGBwEYl4OGVc1RUQdVzFFU15YNhpfTB8mCA0TBCQaBgpbIh8EDF90DQNFVD0CCxRVM11QPgx8SEdKCXoAU0kcYTpHSgk+EQwNQXdKUgABZCdUTBxhOkdKCSAOR0t4Y0hbVgl7XV-BIXjcbCRccYD5QSAhiSFNICHdKUh5QIB0EF0F3SiRJCGNWUl5Mb0k HTTP/1.1
Host: d18kg2zy9x3t96.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etheappyrincea.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 580
date: Sat, 27 May 2023 20:35:27 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: k6p6PKJI71kG-Vdl2mgu-HAtsPH6XUguovnhYNeeyl25MDMmfdVW9Q==
X-Firefox-Spdy: h2
cdntechone.com/stattag.js
104.21.29.183 200 OK 7.6 kB URL GET HTTP/2 cdntechone.com/stattag.js
IP 104.21.29.183:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 22:B1:48:87:A8:EF:B2:9B:65:EB:D6:C6:FD:8D:EF:A7:A7:DE:52:29
Validity Thu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (17871)
Hash MD5: 0fdff67feab23cc69ecfb6800fc54cb7
SHA-1: eb84c650e6d27e290795207b1f37dd7b67f2aa06
SHA-256: 456e420aecd5ac679cc2bcb33daf7c063f54894fd076e99e05c06629234d3378
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 20:35:26 GMT
content-type: application/javascript
last-modified: Fri, 19 May 2023 08:43:53 GMT
etag: W/"646736c9-4859"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2104
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZgidL20iSM4hEdlR%2B5HI9Z8IzPQCMozeWHEQmCkvE6aMkx6ip3EwMdtdSBgLEjiGyCJjv8a3zD40zMApF%2FeYDJkh8nyBF%2Fw446W7kfzs9qefvd%2Bn4ImJSZfYN0Of0CwyuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce10b5bafe9b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
d18kg2zy9x3t96.cloudfront.net/8MmU1cG9RClsWUEYMUU1WBVEDQlsUD0YfAUJYZxIkeCl/PQllAnoWGRQRTxRSAkNZEQFVWBMVAVFYBFYOVgcIRElGFVobUkQHUQINQgJTBAkUEFRNAl0fXBwDU0AHNlocVRBCXxodBEFKAScQQl9eDFsFFxdXBQhXBDoDREoBJxBCX0ATEEMuA1UMXl8bQA-dACFcGXh9KACMHQF4CVQRAXhdXBRYGQABTHxcXV3NBXgNLBVYaD1Q
54.230.245.164 604 B URL d18kg2zy9x3t96.cloudfront.net/8MmU1cG9RClsWUEYMUU1WBVEDQlsUD0YfAUJYZxIkeCl/PQllAnoWGRQRTxRSAkNZEQFVWBMVAVFYBFYOVgcIRElGFVobUkQHUQINQgJTBAkUEFRNAl0fXBwDU0AHNlocVRBCXxodBEFKAScQQl9eDFsFFxdXBQhXBDoDREoBJxBCX0ATEEMuA1UMXl8bQA-dACFcGXh9KACMHQF4CVQRAXhdXBRYGQABTHxcXV3NBXgNLBVYaD1Q
IP 54.230.245.164:0
Certificate Issuer Amazon
Subject *.cloudfront.net
Fingerprint BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
Validity Thu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (841), with no line terminators
Hash MD5: 3166bced97c87156e5c37657edb25afa
SHA-1: 48ca6a5afa22a52a7fed814e6caacbc49aebc215
SHA-256: b54f6e9b8d4673c9286e6e6424a5dfa29589dbe5e898b00dfdb33b979f06315f
GET /8MmU1cG9RClsWUEYMUU1WBVEDQlsUD0YfAUJYZxIkeCl/PQllAnoWGRQRTxRSAkNZEQFVWBMVAVFYBFYOVgcIRElGFVobUkQHUQINQgJTBAkUEFRNAl0fXBwDU0AHNlocVRBCXxodBEFKAScQQl9eDFsFFxdXBQhXBDoDREoBJxBCX0ATEEMuA1UMXl8bQA-dACFcGXh9KACMHQF4CVQRAXhdXBRYGQABTHxcXV3NBXgNLBVYaD1Q HTTP/1.1
Host: d18kg2zy9x3t96.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etheappyrincea.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 604
date: Sat, 27 May 2023 20:35:27 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xy-T6QIBdr8Ggc1j6Sy63h7M4LN2FXIWOfQGwttmPtiedEFdkpndXQ==
X-Firefox-Spdy: h2
live.demand.supply/css/sdb.css
104.16.134.22 200 OK 117 kB URL GET HTTP/3 live.demand.supply/css/sdb.css
IP 104.16.134.22:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Cloudflare, Inc.
Subject demand.supply
Fingerprint 49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
Validity Sun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (3765), with no line terminators
Size 117 kB (117125 bytes)
Hash MD5: 05937abfafb30dc374d6de75acf7b940
SHA-1: d8d47f032e9344f49aca58294b29f7456ef6a8c3
SHA-256: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
GET /css/sdb.css HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Cookie: demandSupplyTi=5d7c3eb1-2f6f-4a26-a7ad-8f0a6cbe7c3b; __cf_bm=C0.TBXOrPhpoR21hMIxKZTMH77yNIbeOm5VBmMNgugo-1685219726-0-AXgflqGUf0agbEkI9nx+5gGbtBs2f4cutv/HnFyDAzeFNVQlTUDUufyo5hOg01FwUI05HwM/k69tPV/aoLrMqgE=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 27 May 2023 20:35:27 GMT
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-bgj: minify
etag: W/"281c43d3e253957887c3e1dad5bbb310-ssl-df"
vary: Accept-Encoding
x-nf-request-id: 01GZGR6SCB0Q49R1S22Y9RAR9T
cf-cache-status: HIT
age: 64450
server: cloudflare
cf-ray: 7ce10b5f0972b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
142.250.74.3 200 OK 586 B URL GET HTTP/2 www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP 142.250.74.3:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Google Trust Services LLC
Subject misc.google.com
Fingerprint 84:2B:3C:EA:5D:89:48:EC:DE:99:FD:C0:2A:32:C6:E3:35:2B:B5:44
Validity Mon, 08 May 2023 08:21:14 GMT - Mon, 31 Jul 2023 08:21:13 GMT
File type ASCII text, with very long lines (921), with no line terminators
Hash MD5: c0c5f1bc3dc1207fc4647a1971f7f8b2
SHA-1: a94949b5e56d94885045927d8d421d58297a8731
SHA-256: 6813158c368d2541a76ab7284095e1987ec7ac6c39eed3a6312faf5f9a939249
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Sat, 27 May 2023 20:35:27 GMT
date: Sat, 27 May 2023 20:35:27 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
upfilesurls.com/img/menu.svg
104.26.8.138 200 OK 414 B URL GET HTTP/2 upfilesurls.com/img/menu.svg
IP 104.26.8.138:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Google Trust Services LLC
Subject upfilesurls.com
Fingerprint 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text
Hash MD5: e194fab3eea9f00d5a3814c4df00ac8c
SHA-1: 4a9760c8ec110364d025527e26730e78ae0b3ac0
SHA-256: 3d3e6705b468cecdd78fb9a1ee6688d60e1d2c1caa0db7baa88db460315dccea
Analyzer Verdict Alert fortinet Malware
GET /img/menu.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/A9Vhu
Cookie: auth=eyJpdiI6IlBnejdMaWIvQ2VrZlUwT0hCWkN6SFE9PSIsInZhbHVlIjoieXhPSUw5WnNPc0dIV051Tlc2RllyQT09IiwibWFjIjoiZWYyZTBlYjU1NzhiZDU5YjIyN2U1NmU0NzMwYTdjY2I4OTRmZWIzYzlhZGU1NzVmYzNiMGMzYmI3OGVhYzBkMSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6InRiWjZLbmNYWldpVHdPcm5uQ0ZDUVE9PSIsInZhbHVlIjoiaEt1MkE4VU5CTi9mai9NQWpZbjhEenR3Q3FOWW0yZ0NNcTBXWW45V2ZyTUZYTjhpQlh4ZUIwcVBTZzAxUmFHWldFaWl2ZG13LzhQQS9FWXZnRkN3YWJPM2VyT00vQXV5bzIzaEpHcU9GbldYaGdTS0dSTFUwMTBDNUQrbGVzdHAiLCJtYWMiOiIyZTVhMDVlY2E1MDVkZjQyOTQ0MTcyMzM2ZWVjNTNmMjY0NmY4MTJiYTgxYmI0ZDIyZmRkMWIxMmEwNmVmMjY5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhsMkNaeUgwajhYaFQzdVZibyt1YkE9PSIsInZhbHVlIjoiR1lOMDJReU11L3Y4Ty9acVIvd3dBY0x6dDU0Z1NyVklad0lQeklLcUcvN2h5R2NGalV2eW80Zk5Cam1sUERFcGZBdEJ0TWFKMjVlNzJsSkxvUjZMbkR2Rkh3NEdtWWpWczhDUFFpUVJWQlI2WVA1OXZGRHB1WjZmdnM2b0xOMi8iLCJtYWMiOiIzOWI3NDM2NmQ4ZmYzMjQ1YzA4YTNjNTI3Zjk3MTIwZWI2YWZhNGM4MGU1MWY5ODIyZGE1NjZmNDY0MGI3NzUwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 27 May 2023 20:35:26 GMT
content-type: image/svg+xml
last-modified: Tue, 24 Jan 2023 16:39:42 GMT
vary: Accept-Encoding
etag: W/"63d009ce-72e"
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 274947
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AaMdN%2BMy01B0sx1w3CH%2FP1rTfwD95OhgXs8xiAZ%2FbaWCKUlWrVAMkgCcqU6meVytVBDEgkZvRdj4XHeL4vOKVfERw0vV0oQtQ8FUOTknAmo3jNlXlVPRP9pxNccblxQ0WA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce10b5a4af60b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.130 200 OK 0 B URL HEAD HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.130:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Google Trust Services LLC
Subject *.g.doubleclick.net
Fingerprint 4D:38:FE:62:28:C3:2C:26:D3:E4:2A:D2:FD:07:5A:0E:7D:C6:AD:7C
Validity Mon, 08 May 2023 08:20:04 GMT - Mon, 31 Jul 2023 08:20:03 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the digests of zero-length input — the 0 B body — so they match any empty response and carry no indicator value.)
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 27 May 2023 20:35:27 GMT
expires: Sat, 27 May 2023 20:35:27 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 14606049170407605144
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 47130
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
etheappyrincea.info/utx?cb=myiNEIe98b2J&top=upfilesurls.com&tid=974624
54.230.111.56 204 No Content 0 B URL GET HTTP/2 etheappyrincea.info/utx?cb=myiNEIe98b2J&top=upfilesurls.com&tid=974624
IP 54.230.111.56:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Amazon
Subject etheappyrincea.info
Fingerprint CA:17:98:7B:06:0A:D6:B9:7E:AA:96:FD:C8:F2:25:18:71:71:A8:4E
Validity Fri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the digests of zero-length input — the 0 B body — so they match any empty response and carry no indicator value.)
GET /utx?cb=myiNEIe98b2J&top=upfilesurls.com&tid=974624 HTTP/1.1
Host: etheappyrincea.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sat, 27 May 2023 20:35:27 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 27 May 2023 20:36:27 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pwYb_dqtUlb-V8CVk8OULwoU_eBUVBuase9zW9tgFoh8Te4y016LzA==
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneF1VfoPge7V7trQAf66dHSFqrflUO7Pq7VGuR6uzcVn-RFMXpCKPsYBG9ogSGDgXDJpvkrkgQ
216.58.207.237 302 Found 396 B URL GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneF1VfoPge7V7trQAf66dHSFqrflUO7Pq7VGuR6uzcVn-RFMXpCKPsYBG9ogSGDgXDJpvkrkgQ
IP 216.58.207.237:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
Validity Mon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Hash MD5: 684b6338ab3ab97a9f6cc11eb31a13f2
SHA-1: 8c6deb9524141fd0d0d41a1553df9a6de0aa64f1
SHA-256: d1436f5fbd4614a8e6337c8251ce7f4d2c43cc632fef7333013aaacee45188c5
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneF1VfoPge7V7trQAf66dHSFqrflUO7Pq7VGuR6uzcVn-RFMXpCKPsYBG9ogSGDgXDJpvkrkgQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:6xvuLPUVs69M1cROkkdnWliDWLtSfg:gGZscqjrnjO6mvPP;Path=/;Expires=Mon, 26-May-2025 20:35:27 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 20:35:27 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-267388407%3A1685219727911737&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEgtl9KWaiI8vyHbJgZbpNCYr3SYCHe6ig3O8VQ3_ZuHbveDv3grL1KQIs8Zq2q6B-1JThlZw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-TPWhjp1GrZM1hWhjeCevnA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 396
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
216.58.211.3 200 OK 166 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP 216.58.211.3:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (660)
Size 166 kB (166449 bytes)
Hash MD5: 95a32a4d8f8be968bc15d6ab9b9491d1
SHA-1: fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
SHA-256: a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981
GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 23:49:29 GMT
expires: Tue, 21 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 420358
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneHlp73CUWrMSi3ylNQzxvnXAHAIL0AsS3T2dYYM16Xr47A7SG6JuP6tantDYzIk-00kzPbjOg
216.58.207.237 302 Found 398 B URL GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneHlp73CUWrMSi3ylNQzxvnXAHAIL0AsS3T2dYYM16Xr47A7SG6JuP6tantDYzIk-00kzPbjOg
IP 216.58.207.237:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
Validity Mon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385)
Hash MD5: df4ee57c5803a15f96ff7853cded3978
SHA-1: fae23a6af1077ff7f3bee01bab1fbcc4c8b38f94
SHA-256: 0cdcde0801a181568947b93ff8b008456ca0172b17b3cb6853d92d1637aca0af
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneHlp73CUWrMSi3ylNQzxvnXAHAIL0AsS3T2dYYM16Xr47A7SG6JuP6tantDYzIk-00kzPbjOg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:1pg8I9Pc3JRgGqVl3FRSYhtka-yM9A:MwEhoaQ4IRZ3AKJz;Path=/;Expires=Mon, 26-May-2025 20:35:27 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 20:35:27 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1408296721%3A1685219727968447&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEhOoWNAk1xmf7JnB-a9AJ3TKLGYg01NDpbODZOJaPVmntIk99ISJDiGizR48JSe6oO1yihbw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-tBI555YdQ2-WdgSzd50fYA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 398
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.130 200 OK 0 B URL HEAD HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.130:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Google Trust Services LLC
Subject *.g.doubleclick.net
Fingerprint 4D:38:FE:62:28:C3:2C:26:D3:E4:2A:D2:FD:07:5A:0E:7D:C6:AD:7C
Validity Mon, 08 May 2023 08:20:04 GMT - Mon, 31 Jul 2023 08:20:03 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the digests of zero-length input (HEAD request, 0 B body); they do not identify any file.
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 27 May 2023 20:35:28 GMT
expires: Sat, 27 May 2023 20:35:28 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 4871561670679049176
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 47251
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
upfilesurls.com/img/logo.svg
104.26.8.138 200 OK 22 kB URL GET HTTP/2 upfilesurls.com/img/logo.svg
IP 104.26.8.138:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Google Trust Services LLC
Subject upfilesurls.com
Fingerprint 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type SVG Scalable Vector Graphics image; HTML document text; HTML document, ASCII text, with very long lines (1361)
Hash MD5 1e28749acbd90e7e99a883c1890327cd
SHA-1 638b4525d3f0ed776db136ca1025a8961f46c9e0
SHA-256 d526da1f4d4af45cefd2a0d140abec2beddc3150d13c47d3de893eaa278a369d
Analyzer Verdict Alert fortinet Malware
GET /img/logo.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/A9Vhu
Cookie: auth=eyJpdiI6IlBnejdMaWIvQ2VrZlUwT0hCWkN6SFE9PSIsInZhbHVlIjoieXhPSUw5WnNPc0dIV051Tlc2RllyQT09IiwibWFjIjoiZWYyZTBlYjU1NzhiZDU5YjIyN2U1NmU0NzMwYTdjY2I4OTRmZWIzYzlhZGU1NzVmYzNiMGMzYmI3OGVhYzBkMSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6InRiWjZLbmNYWldpVHdPcm5uQ0ZDUVE9PSIsInZhbHVlIjoiaEt1MkE4VU5CTi9mai9NQWpZbjhEenR3Q3FOWW0yZ0NNcTBXWW45V2ZyTUZYTjhpQlh4ZUIwcVBTZzAxUmFHWldFaWl2ZG13LzhQQS9FWXZnRkN3YWJPM2VyT00vQXV5bzIzaEpHcU9GbldYaGdTS0dSTFUwMTBDNUQrbGVzdHAiLCJtYWMiOiIyZTVhMDVlY2E1MDVkZjQyOTQ0MTcyMzM2ZWVjNTNmMjY0NmY4MTJiYTgxYmI0ZDIyZmRkMWIxMmEwNmVmMjY5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhsMkNaeUgwajhYaFQzdVZibyt1YkE9PSIsInZhbHVlIjoiR1lOMDJReU11L3Y4Ty9acVIvd3dBY0x6dDU0Z1NyVklad0lQeklLcUcvN2h5R2NGalV2eW80Zk5Cam1sUERFcGZBdEJ0TWFKMjVlNzJsSkxvUjZMbkR2Rkh3NEdtWWpWczhDUFFpUVJWQlI2WVA1OXZGRHB1WjZmdnM2b0xOMi8iLCJtYWMiOiIzOWI3NDM2NmQ4ZmYzMjQ1YzA4YTNjNTI3Zjk3MTIwZWI2YWZhNGM4MGU1MWY5ODIyZGE1NjZmNDY0MGI3NzUwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 20:35:26 GMT
content-type: image/svg+xml
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
etag: W/"625014b1-56e8"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 274947
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFTzRfx1FrqihA%2B0ZLr7RQ8kzkyYjeOIys1B16zd82YIAvFkRJlfLAPbKsYguBrtCno0dJxb%2BI5upYyLmjHfmCmCP%2BnZHIrECyu6IXiK4Tb%2FBWzFSRT1RhQM9GA7u9Ymfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce10b5a4af50b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
live.demand.supply/x/e.js?ce=bb&r=upfilesurls.com_auto_728x90_sticky_display_bottom&dsReferer=dXBmaWxlc3VybHMuY29tL0E5Vmh1
104.16.134.22 200 OK 0 B URL HEAD HTTP/3 live.demand.supply/x/e.js?ce=bb&r=upfilesurls.com_auto_728x90_sticky_display_bottom&dsReferer=dXBmaWxlc3VybHMuY29tL0E5Vmh1
IP 104.16.134.22:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Cloudflare, Inc.
Subject demand.supply
Fingerprint 49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
Validity Sun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the digests of zero-length input (HEAD request, 0 B body); they do not identify any file.
HEAD /x/e.js?ce=bb&r=upfilesurls.com_auto_728x90_sticky_display_bottom&dsReferer=dXBmaWxlc3VybHMuY29tL0E5Vmh1 HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 May 2023 20:35:27 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "dfe0abe17839ba4f36623d3c9332b694-ssl"
x-nf-request-id: 01H0WH53N5DXY1S5GWJ4J08TX0
cf-cache-status: HIT
age: 623506
accept-ranges: bytes
set-cookie: __cf_bm=pDaV0QzkFMj2Bc3LEqndLpgkDSdhZZOyZlGjsTfm00Y-1685219727-0-AQG0P+qbAHRnbugpAUVNVOjKTKNYEKdDJTcJmjcfVJHM1uRFOCRuRdk0RAO2UMTIgyHwLxofLpCCMBTqyHK8RfU=; path=/; expires=Sat, 27-May-23 21:05:27 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce10b5f0eeab515-OSL
alt-svc: h3=":443"; ma=86400
upfilesurls.com/A9Vhu?auth=eyJpdiI6IlBnejdMaWIvQ2VrZlUwT0hCWkN6SFE9PSIsInZhbHVlIjoieXhPSUw5WnNPc0dIV051Tlc2RllyQT09IiwibWFjIjoiZWYyZTBlYjU1NzhiZDU5YjIyN2U1NmU0NzMwYTdjY2I4OTRmZWIzYzlhZGU1NzVmYzNiMGMzYmI3OGVhYzBkMSIsInRhZyI6IiJ9
104.26.8.138 302 Found 94 kB URL User Request GET HTTP/2 upfilesurls.com/A9Vhu?auth=eyJpdiI6IlBnejdMaWIvQ2VrZlUwT0hCWkN6SFE9PSIsInZhbHVlIjoieXhPSUw5WnNPc0dIV051Tlc2RllyQT09IiwibWFjIjoiZWYyZTBlYjU1NzhiZDU5YjIyN2U1NmU0NzMwYTdjY2I4OTRmZWIzYzlhZGU1NzVmYzNiMGMzYmI3OGVhYzBkMSIsInRhZyI6IiJ9
IP 104.26.8.138:443
Certificate Issuer Google Trust Services LLC
Subject upfilesurls.com
Fingerprint 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the digests of zero-length input, yet the reported size is 94 kB; the body was apparently not hashed, so they do not identify this response.
Analyzer Verdict Alert fortinet Malware
GET /A9Vhu?auth=eyJpdiI6IlBnejdMaWIvQ2VrZlUwT0hCWkN6SFE9PSIsInZhbHVlIjoieXhPSUw5WnNPc0dIV051Tlc2RllyQT09IiwibWFjIjoiZWYyZTBlYjU1NzhiZDU5YjIyN2U1NmU0NzMwYTdjY2I4OTRmZWIzYzlhZGU1NzVmYzNiMGMzYmI3OGVhYzBkMSIsInRhZyI6IiJ9 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 27 May 2023 20:35:25 GMT
content-type: text/html; charset=UTF-8
location: https://upfilesurls.com/A9Vhu
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: auth=eyJpdiI6IlBnejdMaWIvQ2VrZlUwT0hCWkN6SFE9PSIsInZhbHVlIjoieXhPSUw5WnNPc0dIV051Tlc2RllyQT09IiwibWFjIjoiZWYyZTBlYjU1NzhiZDU5YjIyN2U1NmU0NzMwYTdjY2I4OTRmZWIzYzlhZGU1NzVmYzNiMGMzYmI3OGVhYzBkMSIsInRhZyI6IiJ9; path=/; secure; httponly; samesite=lax
XSRF-TOKEN=eyJpdiI6IkZUUkhLUVc0MitiWk4vVEFMdGh6dkE9PSIsInZhbHVlIjoiWFJobnh6eldPa1ZxRjV1SEdGM2ZrQmJCNzdwL3YvNUVMN05JTFVvamloc0xPUXovNVBpMUViVlhsV2FURFBFSGRHQThSYlZxRDI0TXlSMEpsNFBrenIvVlBacGtxYWUzb1NpSEdaZElGT1JaRTBOVXR0SE1mWXBnU0tvdDl4OC8iLCJtYWMiOiIyZTI0ZDhjNDg3MDJmYWEwNjFiMjA5Yjc5NmMxYzYxMTVlNDA1OTUwN2RkN2U0M2NjZTFjYTNhODhkNTkwZDM0IiwidGFnIjoiIn0%3D; expires=Sat, 27-May-2023 22:35:25 GMT; Max-Age=7200; path=/; samesite=lax
upfiles_session=eyJpdiI6Ik1GU3haUXpCNXFsSDdHNUpiRWNPTVE9PSIsInZhbHVlIjoibEN2UXRiRGFBa0FLYkJnVTY3b3B5bGs2OGY5WWx3S3dZek95aGtFWDB4VWlzSG1XMGVhL0NBUTdkOE5qTTBEVkh3eC9VYXU1SEUwTkxRWmdQQkIvYW5Fb3Q3aTdseHYyNkp6WFZZbjNiWkR6TFYxVGQwZFVNbDA0bE44WC9tbngiLCJtYWMiOiI4NzY2NDZkOTM4ODU0ZDFmZTA5MTY1N2FkNjcxNGQxZGU5YTEzOTgxYzhkMzRjMjJmZDA0ODY5NTNmNWI5ZjY3IiwidGFnIjoiIn0%3D; expires=Sat, 27-May-2023 22:35:25 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSjnxKv4GzRJYG5oQYfPgbCxKsd2dxSWhbVt1E2OtLx4jWpW4QGsi1UP636YQ2WQNY%2FeCi%2F9nSL4S%2FQc4ALrjoFdMV0Btvi4vQ2ID4k3AWiexqDwnhIwp0PUAvLer32gDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce10b564ec60b3d-OSL
X-Firefox-Spdy: h2
upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
104.26.8.138 200 OK 261 kB URL GET HTTP/2 upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
IP 104.26.8.138:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Google Trust Services LLC
Subject upfilesurls.com
Fingerprint 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
Size 261 kB (261253 bytes)
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the digests of zero-length input, yet the reported size is 261253 bytes; the body was apparently not hashed, so they do not identify this file.
GET /css/frontend.css?id=2396ffb76e738e465b53 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/A9Vhu
Cookie: auth=eyJpdiI6IlBnejdMaWIvQ2VrZlUwT0hCWkN6SFE9PSIsInZhbHVlIjoieXhPSUw5WnNPc0dIV051Tlc2RllyQT09IiwibWFjIjoiZWYyZTBlYjU1NzhiZDU5YjIyN2U1NmU0NzMwYTdjY2I4OTRmZWIzYzlhZGU1NzVmYzNiMGMzYmI3OGVhYzBkMSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6InRiWjZLbmNYWldpVHdPcm5uQ0ZDUVE9PSIsInZhbHVlIjoiaEt1MkE4VU5CTi9mai9NQWpZbjhEenR3Q3FOWW0yZ0NNcTBXWW45V2ZyTUZYTjhpQlh4ZUIwcVBTZzAxUmFHWldFaWl2ZG13LzhQQS9FWXZnRkN3YWJPM2VyT00vQXV5bzIzaEpHcU9GbldYaGdTS0dSTFUwMTBDNUQrbGVzdHAiLCJtYWMiOiIyZTVhMDVlY2E1MDVkZjQyOTQ0MTcyMzM2ZWVjNTNmMjY0NmY4MTJiYTgxYmI0ZDIyZmRkMWIxMmEwNmVmMjY5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhsMkNaeUgwajhYaFQzdVZibyt1YkE9PSIsInZhbHVlIjoiR1lOMDJReU11L3Y4Ty9acVIvd3dBY0x6dDU0Z1NyVklad0lQeklLcUcvN2h5R2NGalV2eW80Zk5Cam1sUERFcGZBdEJ0TWFKMjVlNzJsSkxvUjZMbkR2Rkh3NEdtWWpWczhDUFFpUVJWQlI2WVA1OXZGRHB1WjZmdnM2b0xOMi8iLCJtYWMiOiIzOWI3NDM2NmQ4ZmYzMjQ1YzA4YTNjNTI3Zjk3MTIwZWI2YWZhNGM4MGU1MWY5ODIyZGE1NjZmNDY0MGI3NzUwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 20:35:26 GMT
content-type: text/css
cf-bgj: minify
etag: W/"63a354a4-3f918"
last-modified: Wed, 21 Dec 2022 18:47:00 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
cf-cache-status: HIT
age: 13236148
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C02vkXAWsKxy83GIQnVHTncZoS3OLCUjt8CD7%2BfyJ0z9RZw1ONt11LBKp6fkv3ycCOZZpE72IevDrOHeTHz%2F3prrALbxCl9WKUjLP%2BnvvzU6DJWeKuiMMz1L0gmTUxqv5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce10b5a4af20b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
104.26.8.138 200 OK 5.7 kB URL GET HTTP/2 upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
IP 104.26.8.138:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Google Trust Services LLC
Subject upfilesurls.com
Fingerprint 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type ASCII text, with very long lines (5718), with no line terminators
Hash MD5 7f66d0cabe366e2b189af543781b5371
SHA-1 927059c8f8dcd69e6e53d941295e42f361e68009
SHA-256 185f1fd23a017a1bb3498fa7f105c9f48354226915dfd97b65b71324a0573301
Analyzer Verdict Alert fortinet Malware
GET /cdn-cgi/challenge-platform/h/b/scripts/pica.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/A9Vhu
Cookie: auth=eyJpdiI6IlBnejdMaWIvQ2VrZlUwT0hCWkN6SFE9PSIsInZhbHVlIjoieXhPSUw5WnNPc0dIV051Tlc2RllyQT09IiwibWFjIjoiZWYyZTBlYjU1NzhiZDU5YjIyN2U1NmU0NzMwYTdjY2I4OTRmZWIzYzlhZGU1NzVmYzNiMGMzYmI3OGVhYzBkMSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6InRiWjZLbmNYWldpVHdPcm5uQ0ZDUVE9PSIsInZhbHVlIjoiaEt1MkE4VU5CTi9mai9NQWpZbjhEenR3Q3FOWW0yZ0NNcTBXWW45V2ZyTUZYTjhpQlh4ZUIwcVBTZzAxUmFHWldFaWl2ZG13LzhQQS9FWXZnRkN3YWJPM2VyT00vQXV5bzIzaEpHcU9GbldYaGdTS0dSTFUwMTBDNUQrbGVzdHAiLCJtYWMiOiIyZTVhMDVlY2E1MDVkZjQyOTQ0MTcyMzM2ZWVjNTNmMjY0NmY4MTJiYTgxYmI0ZDIyZmRkMWIxMmEwNmVmMjY5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhsMkNaeUgwajhYaFQzdVZibyt1YkE9PSIsInZhbHVlIjoiR1lOMDJReU11L3Y4Ty9acVIvd3dBY0x6dDU0Z1NyVklad0lQeklLcUcvN2h5R2NGalV2eW80Zk5Cam1sUERFcGZBdEJ0TWFKMjVlNzJsSkxvUjZMbkR2Rkh3NEdtWWpWczhDUFFpUVJWQlI2WVA1OXZGRHB1WjZmdnM2b0xOMi8iLCJtYWMiOiIzOWI3NDM2NmQ4ZmYzMjQ1YzA4YTNjNTI3Zjk3MTIwZWI2YWZhNGM4MGU1MWY5ODIyZGE1NjZmNDY0MGI3NzUwIiwidGFnIjoiIn0%3D; ab=1
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 20:35:27 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
cache-control: max-age=14400, public
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JWqr6oxd6c2XBejlEKwcPEUa3i7Mm3H0jCTe%2FnpWeqS1wxvnKn4XpK45qMUf2tL9aiy0p%2FgvgamYoFbOTz5Ok719%2Fk91qJtLUD25nCyJ6rrDCtp9Ucsmp7P%2BIlmKJZMQVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce10b5effc80b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
139.45.195.253 200 OK 2 B URL POST HTTP/1.1 datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
IP 139.45.195.253:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Sectigo Limited
Subject datatechone.com
Fingerprint 8E:B7:22:E4:97:95:3C:60:FC:7C:41:39:A6:B7:B7:E2:48:B2:D0:18
Validity Sun, 18 Dec 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash MD5 444bcb3a3fcf8389296c49467f27e1d6
SHA-1 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
SHA-256 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1347
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 27 May 2023 20:35:27 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://upfilesurls.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
gforanythingamgl.info/popunder.gif
104.21.93.237 200 OK 35 B URL GET HTTP/3 gforanythingamgl.info/popunder.gif
IP 104.21.93.237:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Google Trust Services LLC
Subject gforanythingamgl.info
Fingerprint 5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
Validity Fri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT
File type GIF image data, version 89a, 1 x 1; data
Hash MD5 28d6814f309ea289f847c69cf91194c6
SHA-1 0f4e929dd5bb2564f7ab9c76338e04e292a42ace
SHA-256 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Analyzer Verdict Alert quad9 Sinkholed
GET /popunder.gif HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 May 2023 20:35:28 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 505866
last-modified: Mon, 22 May 2023 00:04:22 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XTImbDUJKPkSq%2B7U%2BAUfKFLOHUqqIZmuRev4Yswz7OfJhbHTzY50TK%2BUIMOsp1bJ54akgjWBatYMLzzkN07hlbjkig2sI2NQsqOfrXMQmSFSEehM4y6rip5Uk%2BCTZXAYar2EOUILLQE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce10b64efc8b517-OSL
alt-svc: h3=":443"; ma=86400
accounts.google.com/v3/signin/identifier?dsh=S-267388407%3A1685219727911737&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEgtl9KWaiI8vyHbJgZbpNCYr3SYCHe6ig3O8VQ3_ZuHbveDv3grL1KQIs8Zq2q6B-1JThlZw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
216.58.207.237 403 Forbidden 0 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?dsh=S-267388407%3A1685219727911737&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEgtl9KWaiI8vyHbJgZbpNCYr3SYCHe6ig3O8VQ3_ZuHbveDv3grL1KQIs8Zq2q6B-1JThlZw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP 216.58.207.237:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
Validity Mon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the digests of zero-length input (403 response, 0 B body); they do not identify any file.
GET /v3/signin/identifier?dsh=S-267388407%3A1685219727911737&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEgtl9KWaiI8vyHbJgZbpNCYr3SYCHe6ig3O8VQ3_ZuHbveDv3grL1KQIs8Zq2q6B-1JThlZw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 20:35:27 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-security-policy: script-src 'nonce-yoO_NSAZbNIgdmmU4PYLNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accounts.google.com/v3/signin/identifier?dsh=S-1408296721%3A1685219727968447&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEhOoWNAk1xmf7JnB-a9AJ3TKLGYg01NDpbODZOJaPVmntIk99ISJDiGizR48JSe6oO1yihbw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
216.58.207.237 403 Forbidden 0 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?dsh=S-1408296721%3A1685219727968447&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEhOoWNAk1xmf7JnB-a9AJ3TKLGYg01NDpbODZOJaPVmntIk99ISJDiGizR48JSe6oO1yihbw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP 216.58.207.237:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
Validity Mon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the digests of zero-length input (403 response, 0 B body); they do not identify any file.
GET /v3/signin/identifier?dsh=S-1408296721%3A1685219727968447&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEhOoWNAk1xmf7JnB-a9AJ3TKLGYg01NDpbODZOJaPVmntIk99ISJDiGizR48JSe6oO1yihbw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 20:35:28 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-Hl5ILXyRSsn9jXtpSygA9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
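upfilesurls.com/A9Vhu
104.26.8.138 200 OK 94 kB URL User Request GET HTTP/2 upfilesurls.com/A9Vhu
IP 104.26.8.138:443
Certificate Issuer Google Trust Services LLC
Subject upfilesurls.com
Fingerprint 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the digests of zero-length input, yet the reported size is 94 kB; the body was apparently not hashed, so they do not identify this page.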
Analyzer Verdict Alert fortinet Malware
GET /A9Vhu HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: auth=eyJpdiI6IlBnejdMaWIvQ2VrZlUwT0hCWkN6SFE9PSIsInZhbHVlIjoieXhPSUw5WnNPc0dIV051Tlc2RllyQT09IiwibWFjIjoiZWYyZTBlYjU1NzhiZDU5YjIyN2U1NmU0NzMwYTdjY2I4OTRmZWIzYzlhZGU1NzVmYzNiMGMzYmI3OGVhYzBkMSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6IkZUUkhLUVc0MitiWk4vVEFMdGh6dkE9PSIsInZhbHVlIjoiWFJobnh6eldPa1ZxRjV1SEdGM2ZrQmJCNzdwL3YvNUVMN05JTFVvamloc0xPUXovNVBpMUViVlhsV2FURFBFSGRHQThSYlZxRDI0TXlSMEpsNFBrenIvVlBacGtxYWUzb1NpSEdaZElGT1JaRTBOVXR0SE1mWXBnU0tvdDl4OC8iLCJtYWMiOiIyZTI0ZDhjNDg3MDJmYWEwNjFiMjA5Yjc5NmMxYzYxMTVlNDA1OTUwN2RkN2U0M2NjZTFjYTNhODhkNTkwZDM0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Ik1GU3haUXpCNXFsSDdHNUpiRWNPTVE9PSIsInZhbHVlIjoibEN2UXRiRGFBa0FLYkJnVTY3b3B5bGs2OGY5WWx3S3dZek95aGtFWDB4VWlzSG1XMGVhL0NBUTdkOE5qTTBEVkh3eC9VYXU1SEUwTkxRWmdQQkIvYW5Fb3Q3aTdseHYyNkp6WFZZbjNiWkR6TFYxVGQwZFVNbDA0bE44WC9tbngiLCJtYWMiOiI4NzY2NDZkOTM4ODU0ZDFmZTA5MTY1N2FkNjcxNGQxZGU5YTEzOTgxYzhkMzRjMjJmZDA0ODY5NTNmNWI5ZjY3IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 20:35:26 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6InRiWjZLbmNYWldpVHdPcm5uQ0ZDUVE9PSIsInZhbHVlIjoiaEt1MkE4VU5CTi9mai9NQWpZbjhEenR3Q3FOWW0yZ0NNcTBXWW45V2ZyTUZYTjhpQlh4ZUIwcVBTZzAxUmFHWldFaWl2ZG13LzhQQS9FWXZnRkN3YWJPM2VyT00vQXV5bzIzaEpHcU9GbldYaGdTS0dSTFUwMTBDNUQrbGVzdHAiLCJtYWMiOiIyZTVhMDVlY2E1MDVkZjQyOTQ0MTcyMzM2ZWVjNTNmMjY0NmY4MTJiYTgxYmI0ZDIyZmRkMWIxMmEwNmVmMjY5IiwidGFnIjoiIn0%3D; expires=Sat, 27-May-2023 22:35:26 GMT; Max-Age=7200; path=/; samesite=lax
upfiles_session=eyJpdiI6InhsMkNaeUgwajhYaFQzdVZibyt1YkE9PSIsInZhbHVlIjoiR1lOMDJReU11L3Y4Ty9acVIvd3dBY0x6dDU0Z1NyVklad0lQeklLcUcvN2h5R2NGalV2eW80Zk5Cam1sUERFcGZBdEJ0TWFKMjVlNzJsSkxvUjZMbkR2Rkh3NEdtWWpWczhDUFFpUVJWQlI2WVA1OXZGRHB1WjZmdnM2b0xOMi8iLCJtYWMiOiIzOWI3NDM2NmQ4ZmYzMjQ1YzA4YTNjNTI3Zjk3MTIwZWI2YWZhNGM4MGU1MWY5ODIyZGE1NjZmNDY0MGI3NzUwIiwidGFnIjoiIn0%3D; expires=Sat, 27-May-2023 22:35:26 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cd78UkbRriA9LWtCOCCyHXQ1gucZ%2BMYePam1mgdqa99nirUzRUIRvAn1Sqej%2BFcfBJaIBhwgG%2BkVCniUKaM8g1WnzAJFkDyT7DXsNC6WgzzeWK6RLiStq4fzcx8OkJwOIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce10b56ef460b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
104.26.8.138 200 OK 981 kB URL GET HTTP/2 upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
IP 104.26.8.138:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Google Trust Services LLC
Subject upfilesurls.com
Fingerprint 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
Size 981 kB (980828 bytes)
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the digests of zero-length input, yet the reported size is 980828 bytes; the body was apparently not hashed, so they do not identify this script.
Analyzer Verdict Alert fortinet Malware
GET /js/frontend.js?id=88f283c744d8a6e43cfb HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/A9Vhu
Cookie: auth=eyJpdiI6IlBnejdMaWIvQ2VrZlUwT0hCWkN6SFE9PSIsInZhbHVlIjoieXhPSUw5WnNPc0dIV051Tlc2RllyQT09IiwibWFjIjoiZWYyZTBlYjU1NzhiZDU5YjIyN2U1NmU0NzMwYTdjY2I4OTRmZWIzYzlhZGU1NzVmYzNiMGMzYmI3OGVhYzBkMSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6InRiWjZLbmNYWldpVHdPcm5uQ0ZDUVE9PSIsInZhbHVlIjoiaEt1MkE4VU5CTi9mai9NQWpZbjhEenR3Q3FOWW0yZ0NNcTBXWW45V2ZyTUZYTjhpQlh4ZUIwcVBTZzAxUmFHWldFaWl2ZG13LzhQQS9FWXZnRkN3YWJPM2VyT00vQXV5bzIzaEpHcU9GbldYaGdTS0dSTFUwMTBDNUQrbGVzdHAiLCJtYWMiOiIyZTVhMDVlY2E1MDVkZjQyOTQ0MTcyMzM2ZWVjNTNmMjY0NmY4MTJiYTgxYmI0ZDIyZmRkMWIxMmEwNmVmMjY5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhsMkNaeUgwajhYaFQzdVZibyt1YkE9PSIsInZhbHVlIjoiR1lOMDJReU11L3Y4Ty9acVIvd3dBY0x6dDU0Z1NyVklad0lQeklLcUcvN2h5R2NGalV2eW80Zk5Cam1sUERFcGZBdEJ0TWFKMjVlNzJsSkxvUjZMbkR2Rkh3NEdtWWpWczhDUFFpUVJWQlI2WVA1OXZGRHB1WjZmdnM2b0xOMi8iLCJtYWMiOiIzOWI3NDM2NmQ4ZmYzMjQ1YzA4YTNjNTI3Zjk3MTIwZWI2YWZhNGM4MGU1MWY5ODIyZGE1NjZmNDY0MGI3NzUwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 20:35:26 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=980842
etag: W/"63baab19-ef76a"
last-modified: Sun, 08 Jan 2023 11:38:01 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 12039595
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OWUBcpIRnGlcz5mp8nLaCczeCGbEti6B4uyktdLbXWlmtSMJhqRz6OZKslZIv%2F6RYZGu69z3AjUlotTK9wFLKkTtPHc%2FYslcFJil3TExIZElV8fK7BNenz3XqTyaVyWJ8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce10b5a5b070b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
live.demand.supply/ds.2.html
104.16.134.22 200 OK 413 B URL GET HTTP/3 live.demand.supply/ds.2.html
IP 104.16.134.22:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer: Cloudflare, Inc.
Subject: demand.supply
Fingerprint: 49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
Validity: Sun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (430), with no line terminators
Hash MD5: 68dce237203af5e16657b39e1f2e7b46
SHA-1: 8084ece9e2500c1a0731aaf8f33290744b174b9c
SHA-256: 8534d0076676e85517a298ded722e84bb64abf655fbc565588f76a7e26ad4680
GET /ds.2.html HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 May 2023 20:35:27 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
x-nf-request-id: 01GZ1TRE6JCM1Y4N530MF91ECS
cf-cache-status: HIT
age: 553147
set-cookie: __cf_bm=uYUsOnF9GQHNoqNCvER8quWniARqFSd34Qy3jvOI.Ms-1685219727-0-AevPWisBteiaPYhEHPC+zzEOsXuU2/cSudtMuYLztJNpWlSzLsk8Fsg/qcIPFxM7S1UggTXPJgMCRWHAu+o6OOY=; path=/; expires=Sat, 27-May-23 21:05:27 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce10b5e3868b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
gforanythingamgl.info/SFdlWTlnaAYqBBw8N21YJgFQPVIKNDQBTTEEI2h9Lh8jEmF4AkMtUCxqXG4BeWJWf0khM1hoHzsjBC1MO2pUf1AmMQpkHz5qVHcKfHlWaxd6cRBkCG4jFThedWZDKU08O1hoD3BiV2gAf2VTag97
104.21.93.237 204 No Content 0 B URL GET HTTP/2 gforanythingamgl.info/SFdlWTlnaAYqBBw8N21YJgFQPVIKNDQBTTEEI2h9Lh8jEmF4AkMtUCxqXG4BeWJWf0khM1hoHzsjBC1MO2pUf1AmMQpkHz5qVHcKfHlWaxd6cRBkCG4jFThedWZDKU08O1hoD3BiV2gAf2VTag97
IP 104.21.93.237:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer: Google Trust Services LLC
Subject: gforanythingamgl.info
Fingerprint: 5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
Validity: Fri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
[These are the digests of zero-length input, consistent with the 0 B 204 response; they carry no content information. The host name and request path are the useful indicators for this entry.]
Analyzer Verdict Alert quad9 Sinkholed
GET /SFdlWTlnaAYqBBw8N21YJgFQPVIKNDQBTTEEI2h9Lh8jEmF4AkMtUCxqXG4BeWJWf0khM1hoHzsjBC1MO2pUf1AmMQpkHz5qVHcKfHlWaxd6cRBkCG4jFThedWZDKU08O1hoD3BiV2gAf2VTag97 HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sat, 27 May 2023 20:35:26 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNpE6QU%2FO4qmKj4prg0unn7DAj5IUO70C8Hy4waXVJ3pGR4v73KGEUJqSBX8YxiJIacfjGsCosGrFGCJJUq6q82JREjLhFVVLvotpZEu2cfgzGjtQZve6HvbN5x4Vf%2FDPhVbpgyt86I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce10b5c38901c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
upfilesurls.com/favicon.ico
104.26.8.138 200 OK 1.5 kB URL GET HTTP/2 upfilesurls.com/favicon.ico
IP 104.26.8.138:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer: Google Trust Services LLC
Subject: upfilesurls.com
Fingerprint: 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity: Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type MS Windows icon resource - 1 icon, 32x32 with PNG image data, 32 x 32, 8-bit colormap, non-interlaced, 32 bits/pixel\012- data
Hash MD5: ba3a9d1041ae9a7a655f9632756b1e92
SHA-1: fbb065d1df15871da0b7df14ca22041a729dda88
SHA-256: 180c85c0caca07f8411a77e2392751d979f74982f0ed7062a0093b322924f38f
GET /favicon.ico HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/A9Vhu
Cookie: auth=eyJpdiI6IlBnejdMaWIvQ2VrZlUwT0hCWkN6SFE9PSIsInZhbHVlIjoieXhPSUw5WnNPc0dIV051Tlc2RllyQT09IiwibWFjIjoiZWYyZTBlYjU1NzhiZDU5YjIyN2U1NmU0NzMwYTdjY2I4OTRmZWIzYzlhZGU1NzVmYzNiMGMzYmI3OGVhYzBkMSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6InRiWjZLbmNYWldpVHdPcm5uQ0ZDUVE9PSIsInZhbHVlIjoiaEt1MkE4VU5CTi9mai9NQWpZbjhEenR3Q3FOWW0yZ0NNcTBXWW45V2ZyTUZYTjhpQlh4ZUIwcVBTZzAxUmFHWldFaWl2ZG13LzhQQS9FWXZnRkN3YWJPM2VyT00vQXV5bzIzaEpHcU9GbldYaGdTS0dSTFUwMTBDNUQrbGVzdHAiLCJtYWMiOiIyZTVhMDVlY2E1MDVkZjQyOTQ0MTcyMzM2ZWVjNTNmMjY0NmY4MTJiYTgxYmI0ZDIyZmRkMWIxMmEwNmVmMjY5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhsMkNaeUgwajhYaFQzdVZibyt1YkE9PSIsInZhbHVlIjoiR1lOMDJReU11L3Y4Ty9acVIvd3dBY0x6dDU0Z1NyVklad0lQeklLcUcvN2h5R2NGalV2eW80Zk5Cam1sUERFcGZBdEJ0TWFKMjVlNzJsSkxvUjZMbkR2Rkh3NEdtWWpWczhDUFFpUVJWQlI2WVA1OXZGRHB1WjZmdnM2b0xOMi8iLCJtYWMiOiIzOWI3NDM2NmQ4ZmYzMjQ1YzA4YTNjNTI3Zjk3MTIwZWI2YWZhNGM4MGU1MWY5ODIyZGE1NjZmNDY0MGI3NzUwIiwidGFnIjoiIn0%3D; ab=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 20:35:27 GMT
content-type: image/x-icon
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
vary: Accept-Encoding
etag: W/"625014b1-5b8"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 1118
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z1fYU2E1uI6wQtYFSe0e5KW%2FkqAK1Y8gmbop7VNMVle%2BAqUX%2Bpah%2BqrU7GlCRdKR7qo68QjJ3KagoF%2Fjj%2FliS8WZxfcTtD8sOJislQD9QXKjqbOoLSVGLGwfDZ4SGRtssA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce10b6099460b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.132.29 200 OK 27 B IP 172.64.132.29:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
Validity: Tue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash MD5: 567baeb8bab48c758bfe310245a64ac5
SHA-1: 4cc6e46d38f7275bc0a93686ca3d50b9b5bdebf0
SHA-256: 4001c9fcc46087e5a183d614a17e32dd324c29466d09b0810cddf5bb533393b4
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 20:35:27 GMT
content-type: text/plain
set-cookie: csu=1358408915818611@1@1685219727; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNms2swdQ8PRSIcX%2BeeNpGdUuO8FSJE20ifVixKcV4jJ2bvC0tYllrN5CLPXJT1FcapYZgk8s8CaqpHPrf1USCAfo0nGepA4C0BFVp%2FiLb0%2BozwJy%2BBE9rUYV2epKm08"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce10b613da376a1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
upfilesurls.com/cdn-cgi/challenge-platform/h/b/cv/result/7ce10b56ef460b3d
104.26.8.138 200 OK 2 B URL POST HTTP/2 upfilesurls.com/cdn-cgi/challenge-platform/h/b/cv/result/7ce10b56ef460b3d
IP 104.26.8.138:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer: Google Trust Services LLC
Subject: upfilesurls.com
Fingerprint: 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity: Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type ASCII text, with no line terminators
Hash MD5: 444bcb3a3fcf8389296c49467f27e1d6
SHA-1: 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
SHA-256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer Verdict Alert fortinet Malware
POST /cdn-cgi/challenge-platform/h/b/cv/result/7ce10b56ef460b3d HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12370
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/A9Vhu
Cookie: auth=eyJpdiI6IlBnejdMaWIvQ2VrZlUwT0hCWkN6SFE9PSIsInZhbHVlIjoieXhPSUw5WnNPc0dIV051Tlc2RllyQT09IiwibWFjIjoiZWYyZTBlYjU1NzhiZDU5YjIyN2U1NmU0NzMwYTdjY2I4OTRmZWIzYzlhZGU1NzVmYzNiMGMzYmI3OGVhYzBkMSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6InRiWjZLbmNYWldpVHdPcm5uQ0ZDUVE9PSIsInZhbHVlIjoiaEt1MkE4VU5CTi9mai9NQWpZbjhEenR3Q3FOWW0yZ0NNcTBXWW45V2ZyTUZYTjhpQlh4ZUIwcVBTZzAxUmFHWldFaWl2ZG13LzhQQS9FWXZnRkN3YWJPM2VyT00vQXV5bzIzaEpHcU9GbldYaGdTS0dSTFUwMTBDNUQrbGVzdHAiLCJtYWMiOiIyZTVhMDVlY2E1MDVkZjQyOTQ0MTcyMzM2ZWVjNTNmMjY0NmY4MTJiYTgxYmI0ZDIyZmRkMWIxMmEwNmVmMjY5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhsMkNaeUgwajhYaFQzdVZibyt1YkE9PSIsInZhbHVlIjoiR1lOMDJReU11L3Y4Ty9acVIvd3dBY0x6dDU0Z1NyVklad0lQeklLcUcvN2h5R2NGalV2eW80Zk5Cam1sUERFcGZBdEJ0TWFKMjVlNzJsSkxvUjZMbkR2Rkh3NEdtWWpWczhDUFFpUVJWQlI2WVA1OXZGRHB1WjZmdnM2b0xOMi8iLCJtYWMiOiIzOWI3NDM2NmQ4ZmYzMjQ1YzA4YTNjNTI3Zjk3MTIwZWI2YWZhNGM4MGU1MWY5ODIyZGE1NjZmNDY0MGI3NzUwIiwidGFnIjoiIn0%3D; ab=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 20:35:27 GMT
content-type: text/plain; charset=UTF-8
set-cookie: __cf_bm=kU8RFsSf52PhZTsePWIKCcLxpYOemsRNs1nUAR_i1fw-1685219727-0-AeRDSgAkl1HAZVw7t8uK1fBZfBFbMRVOdaSS5+s6/fUFOdtAnUNhAGdHpqmYhZj95lIpViwYMTOpmBJa1SGPtOQv8CwwZg/tkCGseLt/CcXt; path=/; expires=Sat, 27-May-23 21:05:27 GMT; domain=.upfilesurls.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lw8dry2TgVu1uYh1vO3tx06LbDowqbDxfO1LWOzPxj54iWGNCWKcAnTn5r27QxoK%2FVUCxxlKfYKkeM%2BjKQn5C7E%2B1jkdwmIwJhjdXR%2BfKrhYRCTFpUVqSN%2BUY4ZxUOLcIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce10b60e98d0b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
upfilesurls.com/img/plane.svg
104.26.8.138 200 OK 684 B URL GET HTTP/2 upfilesurls.com/img/plane.svg
IP 104.26.8.138:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer: Google Trust Services LLC
Subject: upfilesurls.com
Fingerprint: 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity: Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (701), with no line terminators
Hash MD5: 8e7c41bde9bc90def2171d239eb22f04
SHA-1: 853c0fbf7ca55b313af83201d95d6f6f3d3225ba
SHA-256: 9bc4e093793a06ba14d0505710aad5254212125573342fa92c228f873d05bfea
Analyzer Verdict Alert fortinet Malware
GET /img/plane.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/A9Vhu
Cookie: auth=eyJpdiI6IlBnejdMaWIvQ2VrZlUwT0hCWkN6SFE9PSIsInZhbHVlIjoieXhPSUw5WnNPc0dIV051Tlc2RllyQT09IiwibWFjIjoiZWYyZTBlYjU1NzhiZDU5YjIyN2U1NmU0NzMwYTdjY2I4OTRmZWIzYzlhZGU1NzVmYzNiMGMzYmI3OGVhYzBkMSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6InRiWjZLbmNYWldpVHdPcm5uQ0ZDUVE9PSIsInZhbHVlIjoiaEt1MkE4VU5CTi9mai9NQWpZbjhEenR3Q3FOWW0yZ0NNcTBXWW45V2ZyTUZYTjhpQlh4ZUIwcVBTZzAxUmFHWldFaWl2ZG13LzhQQS9FWXZnRkN3YWJPM2VyT00vQXV5bzIzaEpHcU9GbldYaGdTS0dSTFUwMTBDNUQrbGVzdHAiLCJtYWMiOiIyZTVhMDVlY2E1MDVkZjQyOTQ0MTcyMzM2ZWVjNTNmMjY0NmY4MTJiYTgxYmI0ZDIyZmRkMWIxMmEwNmVmMjY5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhsMkNaeUgwajhYaFQzdVZibyt1YkE9PSIsInZhbHVlIjoiR1lOMDJReU11L3Y4Ty9acVIvd3dBY0x6dDU0Z1NyVklad0lQeklLcUcvN2h5R2NGalV2eW80Zk5Cam1sUERFcGZBdEJ0TWFKMjVlNzJsSkxvUjZMbkR2Rkh3NEdtWWpWczhDUFFpUVJWQlI2WVA1OXZGRHB1WjZmdnM2b0xOMi8iLCJtYWMiOiIzOWI3NDM2NmQ4ZmYzMjQ1YzA4YTNjNTI3Zjk3MTIwZWI2YWZhNGM4MGU1MWY5ODIyZGE1NjZmNDY0MGI3NzUwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 20:35:26 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
vary: Accept-Encoding
etag: W/"63c15cbf-2ac"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 274947
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2FA7wIyQ2Ma6bUy38fMKsSmfzpZxhoCQsWwQXLi1wYSU2kuZg0%2B0fKa6nPo3l%2F1kDVMlWwYKEKslZDmb%2Fn7DJ605D3%2FjB24GlHba%2FBFff7W6AgDUq3nzy0w3HSvDIXJbRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce10b5a5b040b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
live.demand.supply/up.js
104.16.134.22 200 OK 4.7 kB IP 104.16.134.22:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer: Cloudflare, Inc.
Subject: demand.supply
Fingerprint: 49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
Validity: Sun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (4811), with no line terminators
Hash MD5: c8a55c686f719e45a5bcf8c5c5be236e
SHA-1: b1d7f520604cc933e6f15dc63021f304e2a7e3aa
SHA-256: 008658faa7111b298ece8be03c516a3d839d64d58cc87b2476d2e00b905d7374
GET /up.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 20:35:26 GMT
content-type: application/javascript; charset=UTF-8
cf-ray: 7ce10b5bde40b527-OSL
cf-cache-status: HIT
age: 259
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
etag: W/"ad72f581a14aa3fbbf4827fac4449705-ssl-df"
link: <https://live.demand.supply/impl.v16.9.1.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tLw==>; rel=preload; as=script
vary: Accept-Encoding
cf-bgj: minify
cf-polished: origSize=4391
timing-allow-origin: *
x-nf-request-id: 01H0JH3JA8TSZ1S1CGSMZY0Q5D
set-cookie: demandSupplyTi=5d7c3eb1-2f6f-4a26-a7ad-8f0a6cbe7c3b; demandSupplyTc = null; demandSupplyTcI = null; SameSite=None; Secure; Max-Age=63072000
__cf_bm=C0.TBXOrPhpoR21hMIxKZTMH77yNIbeOm5VBmMNgugo-1685219726-0-AXgflqGUf0agbEkI9nx+5gGbtBs2f4cutv/HnFyDAzeFNVQlTUDUufyo5hOg01FwUI05HwM/k69tPV/aoLrMqgE=; path=/; expires=Sat, 27-May-23 21:05:26 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237 302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer: Google Trust Services LLC
Subject: accounts.google.com
Fingerprint: 6C:C9:34:01:32:00:11:F3:7A:E2:AA:FC:7C:E3:13:17:3D:17:71:8A
Validity: Mon, 08 May 2023 08:25:19 GMT - Mon, 31 Jul 2023 08:25:18 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
[These are the digests of zero-length input, consistent with the 0 B redirect body; they carry no content information.]
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
set-cookie: __Host-GAPS=1:_D1v9Poy97fUpbk-musBrFbutcwP_A:x-Fkhxiv3Z5j6oO6; Expires=Mon, 26-May-2025 20:35:27 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 20:35:27 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneF1VfoPge7V7trQAf66dHSFqrflUO7Pq7VGuR6uzcVn-RFMXpCKPsYBG9ogSGDgXDJpvkrkgQ
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-6cfRWRtOMaQihoY4Js9-eA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.132.29 200 OK 27 B IP 172.64.132.29:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
Validity: Tue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash MD5: e4a9e3f1b5306b7adf7396eab6a22caf
SHA-1: 14e73ee1fce5588161f8246b813aa99a23bd3bdc
SHA-256: fbd9bb51d84eaf715de7a9ad5487038da4dca2be9912a8922003a42a87d67b3d
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 20:35:27 GMT
content-type: text/plain
set-cookie: csu=1960530447602515@1@1685219727; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QlHFQkOAu1AXxjy7fmZ%2F%2FSH7YYl%2BnEGGhNtg5cUDfjxtsz%2FeyLKz4MtFZUjBymkQ3d3ASEGhn4EjqHqWrSOLnY52KXDf%2FDVal9m07PlitBM5jw5HEF9Tx4r9f9QYROqd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce10b613da676a1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.132.29 200 OK 102 kB IP 172.64.132.29:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
Validity: Tue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash MD5: 4c6426ac7ef186464ecbb0d81cbfcb1e
SHA-1: 5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
SHA-256: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 20:35:27 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3274
last-modified: Sat, 27 May 2023 19:40:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HvOeG%2BP%2Bfv6N3ttjZY9icW6BwKBEhbWyzWHqFqkV5rgCm2DQxUk3GJXzbLoeNXqWhRUFTwVSk9EFeXUw5GueIG7RSxj%2FbrEtsDA4uQIuCRa2osOiV1%2BTsGuauyND0rPV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce10b614db976a1-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
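104.26.8.138 200 OK 30 kB URL GET HTTP/2 upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
IP 104.26.8.138:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer: Google Trust Services LLC
Subject: upfilesurls.com
Fingerprint: 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity: Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type ASCII text, with very long lines (30004), with no line terminators
Hash MD5: 5b7c45b4f9bf05cda29847ce725ea4f7
SHA-1: e194b2364fbf5d7c6b2e060e9375b01aed0f1640
SHA-256: 99aea520a4f97395049ba3a30b58105f2b1ac4bd3dc36d532163bc4793b2d661
Analyzer Verdict Alert fortinet Malware
[/cdn-cgi/challenge-platform/ is a path served by Cloudflare, and the same fortinet verdict is attached to static SVG images from upfilesurls.com elsewhere in this listing, so the verdict probably reflects the host's reputation rather than the content of this script; confirm before treating the hashes above as malware indicators.]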
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: auth=eyJpdiI6IlBnejdMaWIvQ2VrZlUwT0hCWkN6SFE9PSIsInZhbHVlIjoieXhPSUw5WnNPc0dIV051Tlc2RllyQT09IiwibWFjIjoiZWYyZTBlYjU1NzhiZDU5YjIyN2U1NmU0NzMwYTdjY2I4OTRmZWIzYzlhZGU1NzVmYzNiMGMzYmI3OGVhYzBkMSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6InRiWjZLbmNYWldpVHdPcm5uQ0ZDUVE9PSIsInZhbHVlIjoiaEt1MkE4VU5CTi9mai9NQWpZbjhEenR3Q3FOWW0yZ0NNcTBXWW45V2ZyTUZYTjhpQlh4ZUIwcVBTZzAxUmFHWldFaWl2ZG13LzhQQS9FWXZnRkN3YWJPM2VyT00vQXV5bzIzaEpHcU9GbldYaGdTS0dSTFUwMTBDNUQrbGVzdHAiLCJtYWMiOiIyZTVhMDVlY2E1MDVkZjQyOTQ0MTcyMzM2ZWVjNTNmMjY0NmY4MTJiYTgxYmI0ZDIyZmRkMWIxMmEwNmVmMjY5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhsMkNaeUgwajhYaFQzdVZibyt1YkE9PSIsInZhbHVlIjoiR1lOMDJReU11L3Y4Ty9acVIvd3dBY0x6dDU0Z1NyVklad0lQeklLcUcvN2h5R2NGalV2eW80Zk5Cam1sUERFcGZBdEJ0TWFKMjVlNzJsSkxvUjZMbkR2Rkh3NEdtWWpWczhDUFFpUVJWQlI2WVA1OXZGRHB1WjZmdnM2b0xOMi8iLCJtYWMiOiIzOWI3NDM2NmQ4ZmYzMjQ1YzA4YTNjNTI3Zjk3MTIwZWI2YWZhNGM4MGU1MWY5ODIyZGE1NjZmNDY0MGI3NzUwIiwidGFnIjoiIn0%3D; ab=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 20:35:27 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
cache-control: max-age=14400, public
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nbOP4PRkJPmB%2BySET78ng5VZjeP1wcq4C36Y%2FtGGig1Rv%2Bqewp4JsO%2FN00s%2Bs2M0JjlXvOxrWdugv9xfOYduwL5YtW6Be0aJwIZz8%2F5SMo6kd7i%2FrRsWQab2Uv%2FgUKYP3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce10b5e8f230b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
upfilesurls.com/img/faqs-image.svg
104.26.8.138 200 OK 38 kB URL GET HTTP/2 upfilesurls.com/img/faqs-image.svg
IP 104.26.8.138:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer: Google Trust Services LLC
Subject: upfilesurls.com
Fingerprint: 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity: Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4190)
Hash MD5: a60b7216905928c625ae9592044476cd
SHA-1: e70c5be728c7bd1198100337487aafe126834ca3
SHA-256: 9a717285429d468fadc4d25179fc6feb49e6335f3af1675fb6be1cb50e7e8322
Analyzer Verdict Alert fortinet Malware
GET /img/faqs-image.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/A9Vhu
Cookie: auth=eyJpdiI6IlBnejdMaWIvQ2VrZlUwT0hCWkN6SFE9PSIsInZhbHVlIjoieXhPSUw5WnNPc0dIV051Tlc2RllyQT09IiwibWFjIjoiZWYyZTBlYjU1NzhiZDU5YjIyN2U1NmU0NzMwYTdjY2I4OTRmZWIzYzlhZGU1NzVmYzNiMGMzYmI3OGVhYzBkMSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6InRiWjZLbmNYWldpVHdPcm5uQ0ZDUVE9PSIsInZhbHVlIjoiaEt1MkE4VU5CTi9mai9NQWpZbjhEenR3Q3FOWW0yZ0NNcTBXWW45V2ZyTUZYTjhpQlh4ZUIwcVBTZzAxUmFHWldFaWl2ZG13LzhQQS9FWXZnRkN3YWJPM2VyT00vQXV5bzIzaEpHcU9GbldYaGdTS0dSTFUwMTBDNUQrbGVzdHAiLCJtYWMiOiIyZTVhMDVlY2E1MDVkZjQyOTQ0MTcyMzM2ZWVjNTNmMjY0NmY4MTJiYTgxYmI0ZDIyZmRkMWIxMmEwNmVmMjY5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhsMkNaeUgwajhYaFQzdVZibyt1YkE9PSIsInZhbHVlIjoiR1lOMDJReU11L3Y4Ty9acVIvd3dBY0x6dDU0Z1NyVklad0lQeklLcUcvN2h5R2NGalV2eW80Zk5Cam1sUERFcGZBdEJ0TWFKMjVlNzJsSkxvUjZMbkR2Rkh3NEdtWWpWczhDUFFpUVJWQlI2WVA1OXZGRHB1WjZmdnM2b0xOMi8iLCJtYWMiOiIzOWI3NDM2NmQ4ZmYzMjQ1YzA4YTNjNTI3Zjk3MTIwZWI2YWZhNGM4MGU1MWY5ODIyZGE1NjZmNDY0MGI3NzUwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 20:35:26 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
vary: Accept-Encoding
etag: W/"63c15cbf-95fb"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 274947
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wy8lOiKjX7%2B84CQGKgSsmWpFsPxqXlcXXf0%2BTWg0KXv0WFEPNEZFGiYtVGxCWTVTOJ5I5ZwSMhA3%2FxQswmlGrX8aIW5vGbeCYeop%2BSrW5AnfnSzJXejYl%2FlDTHaqvIdnKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce10b5a5b030b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
upfilesurls.com/cdn-cgi/challenge-platform/scripts/invisible.js
104.26.8.138 302 Found 30 kB URL GET HTTP/2 upfilesurls.com/cdn-cgi/challenge-platform/scripts/invisible.js
IP 104.26.8.138:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer: Google Trust Services LLC
Subject: upfilesurls.com
Fingerprint: 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity: Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
[These are the digests of zero-length input, i.e. of the empty 302 body; the 30 kB figure presumably belongs to the redirect target named in the location header, which is listed as its own entry.]
Analyzer Verdict Alert fortinet Malware
GET /cdn-cgi/challenge-platform/scripts/invisible.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: auth=eyJpdiI6IlBnejdMaWIvQ2VrZlUwT0hCWkN6SFE9PSIsInZhbHVlIjoieXhPSUw5WnNPc0dIV051Tlc2RllyQT09IiwibWFjIjoiZWYyZTBlYjU1NzhiZDU5YjIyN2U1NmU0NzMwYTdjY2I4OTRmZWIzYzlhZGU1NzVmYzNiMGMzYmI3OGVhYzBkMSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6InRiWjZLbmNYWldpVHdPcm5uQ0ZDUVE9PSIsInZhbHVlIjoiaEt1MkE4VU5CTi9mai9NQWpZbjhEenR3Q3FOWW0yZ0NNcTBXWW45V2ZyTUZYTjhpQlh4ZUIwcVBTZzAxUmFHWldFaWl2ZG13LzhQQS9FWXZnRkN3YWJPM2VyT00vQXV5bzIzaEpHcU9GbldYaGdTS0dSTFUwMTBDNUQrbGVzdHAiLCJtYWMiOiIyZTVhMDVlY2E1MDVkZjQyOTQ0MTcyMzM2ZWVjNTNmMjY0NmY4MTJiYTgxYmI0ZDIyZmRkMWIxMmEwNmVmMjY5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhsMkNaeUgwajhYaFQzdVZibyt1YkE9PSIsInZhbHVlIjoiR1lOMDJReU11L3Y4Ty9acVIvd3dBY0x6dDU0Z1NyVklad0lQeklLcUcvN2h5R2NGalV2eW80Zk5Cam1sUERFcGZBdEJ0TWFKMjVlNzJsSkxvUjZMbkR2Rkh3NEdtWWpWczhDUFFpUVJWQlI2WVA1OXZGRHB1WjZmdnM2b0xOMi8iLCJtYWMiOiIzOWI3NDM2NmQ4ZmYzMjQ1YzA4YTNjNTI3Zjk3MTIwZWI2YWZhNGM4MGU1MWY5ODIyZGE1NjZmNDY0MGI3NzUwIiwidGFnIjoiIn0%3D; ab=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 27 May 2023 20:35:27 GMT
vary: accept-encoding
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qrAmKm3TI%2F3ZEB8R6U3l79AEjl80O6kfHtsRzfoR5HI9NdUpfAWHGves7OiJ4r0MzB9lDYnoaQPDWhwlq3Fkg%2BRhHi7XXvuKueRQzymMUi8ltuY%2BF%2B6RSJPPzMtlJQ6CRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce10b5e1ebe0b3d-OSL
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237 302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer: Google Trust Services LLC
Subject: accounts.google.com
Fingerprint: 6C:C9:34:01:32:00:11:F3:7A:E2:AA:FC:7C:E3:13:17:3D:17:71:8A
Validity: Mon, 08 May 2023 08:25:19 GMT - Mon, 31 Jul 2023 08:25:18 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
[These are the digests of zero-length input, consistent with the 0 B redirect body; they carry no content information.]
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
set-cookie: __Host-GAPS=1:nF7lM2yBz8SSgLB8EWuwdjii4yIZVQ:BRORnwIMSCUaRZbp; Expires=Mon, 26-May-2025 20:35:27 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 20:35:27 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneHlp73CUWrMSi3ylNQzxvnXAHAIL0AsS3T2dYYM16Xr47A7SG6JuP6tantDYzIk-00kzPbjOg
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-IvO-9Bvrp3lzvTNynq0_Lw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, require-trusted-types-for 'script';report-uri /cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.132.29 200 OK 102 kB IP 172.64.132.29:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
Validity Tue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash MD5 4c6426ac7ef186464ecbb0d81cbfcb1e
SHA-1 5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
SHA-256 f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 20:35:27 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3274
last-modified: Sat, 27 May 2023 19:40:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4BEyQbwlYBG5Y0DH1Sjc6CrCMzYFXu6OtfhhaN3pMe%2B343zQEM%2FMl%2Bp6VA8ZPtTLYJz14KqDr2jw78EJLiQzDVxV3VEMSPCrAg9m4A1J%2BYNMGzxbeStCV1Jm%2BpZLFzN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce10b613da876a1-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
upfilesurls.com/js/ads.js
104.26.8.138 200 OK 1.5 kB URL GET HTTP/2 upfilesurls.com/js/ads.js
IP 104.26.8.138:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Google Trust Services LLC
Subject upfilesurls.com
Fingerprint 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type ASCII text, with very long lines (1551), with no line terminators
Hash MD5 18062be5f40e561d47292c4c3e16e968
SHA-1 a527704208e4e365d0119360f6dd5fb1ce8eb3c8
SHA-256 63e619bf91f115635c5f302e9352cca845a7c498eaef9c2fee9b50a16001be37
Analyzer Verdict Alert fortinet Malware
GET /js/ads.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/A9Vhu
Cookie: auth=eyJpdiI6IlBnejdMaWIvQ2VrZlUwT0hCWkN6SFE9PSIsInZhbHVlIjoieXhPSUw5WnNPc0dIV051Tlc2RllyQT09IiwibWFjIjoiZWYyZTBlYjU1NzhiZDU5YjIyN2U1NmU0NzMwYTdjY2I4OTRmZWIzYzlhZGU1NzVmYzNiMGMzYmI3OGVhYzBkMSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6InRiWjZLbmNYWldpVHdPcm5uQ0ZDUVE9PSIsInZhbHVlIjoiaEt1MkE4VU5CTi9mai9NQWpZbjhEenR3Q3FOWW0yZ0NNcTBXWW45V2ZyTUZYTjhpQlh4ZUIwcVBTZzAxUmFHWldFaWl2ZG13LzhQQS9FWXZnRkN3YWJPM2VyT00vQXV5bzIzaEpHcU9GbldYaGdTS0dSTFUwMTBDNUQrbGVzdHAiLCJtYWMiOiIyZTVhMDVlY2E1MDVkZjQyOTQ0MTcyMzM2ZWVjNTNmMjY0NmY4MTJiYTgxYmI0ZDIyZmRkMWIxMmEwNmVmMjY5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhsMkNaeUgwajhYaFQzdVZibyt1YkE9PSIsInZhbHVlIjoiR1lOMDJReU11L3Y4Ty9acVIvd3dBY0x6dDU0Z1NyVklad0lQeklLcUcvN2h5R2NGalV2eW80Zk5Cam1sUERFcGZBdEJ0TWFKMjVlNzJsSkxvUjZMbkR2Rkh3NEdtWWpWczhDUFFpUVJWQlI2WVA1OXZGRHB1WjZmdnM2b0xOMi8iLCJtYWMiOiIzOWI3NDM2NmQ4ZmYzMjQ1YzA4YTNjNTI3Zjk3MTIwZWI2YWZhNGM4MGU1MWY5ODIyZGE1NjZmNDY0MGI3NzUwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 20:35:26 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-bgj: minify
etag: W/"63baab19-608"
last-modified: Sun, 08 Jan 2023 11:38:01 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
cf-cache-status: HIT
age: 435143
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TpkarXDDUf5UZhOnycn5a%2FB3385CW%2FbrBefRStybJdVGYB7AxfwJ%2B%2FZMQzODKnQLhBZN8Zh9lpxlB%2BmAO36K4HO1q7BpWC1M4%2Fd%2FCkfZk7NfEtsVt69Bs9ae0btNhkM2sw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce10b5a5b050b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
etheappyrincea.info/utx?cb=DqWzHNep8ab8&top=upfilesurls.com&tid=978153
54.230.111.56 204 No Content 0 B URL GET HTTP/2 etheappyrincea.info/utx?cb=DqWzHNep8ab8&top=upfilesurls.com&tid=978153
IP 54.230.111.56:443
Requested by https://upfilesurls.com/A9Vhu
Certificate Issuer Amazon
Subject etheappyrincea.info
Fingerprint CA:17:98:7B:06:0A:D6:B9:7E:AA:96:FD:C8:F2:25:18:71:71:A8:4E
Validity Fri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (all three are the digests of a zero-length body, consistent with the 0 B response)
GET /utx?cb=DqWzHNep8ab8&top=upfilesurls.com&tid=978153 HTTP/1.1
Host: etheappyrincea.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sat, 27 May 2023 20:35:27 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 27 May 2023 20:36:27 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bCZoD3iUxgCRRKNENoZee0SWzttt0Hrh_o9mUdkn5AsCgSBTbPSTzg==
X-Firefox-Spdy: h2