d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
200 OK 116 kB URL GET HTTP/2 d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 116 kB (115486 bytes)
Hash ed337ae6922a02f519634ca78ab41c6b
5aa1441a86242eb1b214f8e9348481865f8ee85b
a76db0c8abbba4287f5c2042b818f404836911846c4e70f1b550f2f7ff1a1604
GET /?yzgkd=978153 HTTP/1.1
Host: d18kg2zy9x3t96.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 115486
date: Sun, 28 May 2023 16:59:32 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GFVO_bDhHPRhpA44mZFcKFdaqlupbg4MCydf6vZMEiDwHXpA5QvK9Q==
age: 845
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
472 B IP
Hash bf41763493034cf0721a38e55b1b3ddc
286ada2e9811dec033e7c630fa0c33a036771ae1
8bb566767ad110bd2452aca59b4190694cce97ab9601de46067d8643efaad86d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 17:13:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
upfilesurls.com/A62O?auth=eyJpdiI6IjV4T3hvTEszbTNLVndWekJFM3F6N3c9PSIsInZhbHVlIjoiUVBHNGZpRXQxUnpUWVVHZTlQcDdyUT09IiwibWFjIjoiN2FlZmI0ZGM1MDkzOWJkYmYwYmEzOGFiMzhmNWI1NjlmMTc0ZjE3NDI3ZTU3MDRiNTE3ZmEzM2E4YzgxNzAwZSIsInRhZyI6IiJ9
302 Found 84 kB URL User Request GET HTTP/2 upfilesurls.com/A62O?auth=eyJpdiI6IjV4T3hvTEszbTNLVndWekJFM3F6N3c9PSIsInZhbHVlIjoiUVBHNGZpRXQxUnpUWVVHZTlQcDdyUT09IiwibWFjIjoiN2FlZmI0ZGM1MDkzOWJkYmYwYmEzOGFiMzhmNWI1NjlmMTc0ZjE3NDI3ZTU3MDRiNTE3ZmEzM2E4YzgxNzAwZSIsInRhZyI6IiJ9
IP
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
Hash e09575e421e398bb8f34f60c42ff7fc9
d29200e6964cefd2adea887803ecc7d5e3c039ae
16efa975b65a52319fc70326677a1f5bf75439d7bdb71746924f304b70f17302
GET /A62O?auth=eyJpdiI6IjV4T3hvTEszbTNLVndWekJFM3F6N3c9PSIsInZhbHVlIjoiUVBHNGZpRXQxUnpUWVVHZTlQcDdyUT09IiwibWFjIjoiN2FlZmI0ZGM1MDkzOWJkYmYwYmEzOGFiMzhmNWI1NjlmMTc0ZjE3NDI3ZTU3MDRiNTE3ZmEzM2E4YzgxNzAwZSIsInRhZyI6IiJ9 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sun, 28 May 2023 17:13:36 GMT
content-type: text/html; charset=UTF-8
location: https://upfilesurls.com/A62O
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: auth=eyJpdiI6IjV4T3hvTEszbTNLVndWekJFM3F6N3c9PSIsInZhbHVlIjoiUVBHNGZpRXQxUnpUWVVHZTlQcDdyUT09IiwibWFjIjoiN2FlZmI0ZGM1MDkzOWJkYmYwYmEzOGFiMzhmNWI1NjlmMTc0ZjE3NDI3ZTU3MDRiNTE3ZmEzM2E4YzgxNzAwZSIsInRhZyI6IiJ9; path=/; secure; httponly; samesite=lax
XSRF-TOKEN=eyJpdiI6IkczSzdRV3dvYm5LWUdCY3dmQmJzeUE9PSIsInZhbHVlIjoiNjZvN0VnaGVJQ2gva3dXL3IwaTVISGliMkVCTkpaK0crK0xLRWVFUjJtemVuSlBENUpHWDJsSk5PNkUyU1BmVW1paXJ4bmxhVkFzcmlqWXNyYW1UU05keE5BR2UrdzRZQzVGK1VlUnJsYnhXYjVWRDgxYnQrZENKTVZLVURncWYiLCJtYWMiOiI4ZTdjNzE5ZWRkZjk0MjUyMmJjYzkwOGVhMTQ0M2JkY2Y1ZjcxNDY4ZTc4M2E2NjA2OTljYjM3MmI4ZWQ0NWU4IiwidGFnIjoiIn0%3D; expires=Sun, 28-May-2023 19:13:36 GMT; Max-Age=7200; path=/; samesite=lax
upfiles_session=eyJpdiI6ImMybWIrQVN2UDMyUi80aGZhSmxJc3c9PSIsInZhbHVlIjoiaitJVm43WDRXSis3WGdZSGprL3IwN1BVcHZERmNsU3pHRlVZOHRMWWw5YXZEbmR3alVmQytoeTdCVW15MUFJdWtZUmVSUXY3bElDN0FsbEV6QTJxMktoOTlucnhGZ3ExN0JxK3lQeTFHVGZ6c3ZQbTRWQmhNVU9wSHkvMEMrMkIiLCJtYWMiOiJlMDAzOTU2NjhkZDJiYjhmYjhjYTJmZGFlNDQ0MmEwNzQ4YTIzMjdkMDIzNTQwZDA1MGJmM2YxNTcwN2ZiM2Q2IiwidGFnIjoiIn0%3D; expires=Sun, 28-May-2023 19:13:36 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mv%2B4rQop%2BonrHyyM9voKjyBMxbNURJplEjUBIZhpaDO8nrODsxQSolI830jPJn17BAwwuxfzDKcHcg2wvoBDWy%2FV1NuThLc8BDAioyU3j4lJbANh%2FiU18QaiwWqusbnU7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce821152a281c06-OSL
X-Firefox-Spdy: h2
cschyogh.com/1clkn/34742
200 OK 26 B IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerLet's Encrypt
Subjectcschyogh.com
Fingerprint11:EA:50:D5:5D:23:86:84:0B:BF:DE:7F:B7:02:00:1B:51:CD:36:58
ValidityFri, 19 May 2023 23:43:21 GMT - Thu, 17 Aug 2023 23:43:20 GMT
File type ASCII text, with no line terminators
Hash 9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
GET /1clkn/34742 HTTP/1.1
Host: cschyogh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 17:13:37 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Mon, 29-May-2023 17:13:37 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D; expires=Mon, 29-May-2023 17:13:37 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
472 B IP
Hash 5eb2d0db01496946784367a1c6a22c28
2d0a58aa819ca13f208af62e0c21996bd123de9f
8c16e79ed32ccf5baf793a07ad6128fa85ea0f0877da7da7145ae6a33e811a1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 17:13:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
472 B IP
Hash 7dab4959b73106e9c3e554438411e252
3c67accef8029c644b263f937e528312a5587c51
eba66315abb8b400c8bd317cae435da5feba7d4d676706a2befa511ebd98413a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 17:13:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
472 B IP
Hash 5eb2d0db01496946784367a1c6a22c28
2d0a58aa819ca13f208af62e0c21996bd123de9f
8c16e79ed32ccf5baf793a07ad6128fa85ea0f0877da7da7145ae6a33e811a1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 17:13:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
472 B IP
Hash bb63f1caaf551e76a88f326c8db516ce
513533cccfb522767abf37082518f766adc3c070
cfe2e32528181d9ff75d3946d789811d6d2c71e153c39aa72c0a586b922ebeb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 17:13:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
472 B IP
Hash bb63f1caaf551e76a88f326c8db516ce
513533cccfb522767abf37082518f766adc3c070
cfe2e32528181d9ff75d3946d789811d6d2c71e153c39aa72c0a586b922ebeb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 17:13:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
472 B IP
Hash bb63f1caaf551e76a88f326c8db516ce
513533cccfb522767abf37082518f766adc3c070
cfe2e32528181d9ff75d3946d789811d6d2c71e153c39aa72c0a586b922ebeb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 17:13:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
472 B IP
Hash bb63f1caaf551e76a88f326c8db516ce
513533cccfb522767abf37082518f766adc3c070
cfe2e32528181d9ff75d3946d789811d6d2c71e153c39aa72c0a586b922ebeb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 17:13:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdntechone.com/stattag.js
200 OK 7.2 kB URL GET HTTP/2 cdntechone.com/stattag.js
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint22:B1:48:87:A8:EF:B2:9B:65:EB:D6:C6:FD:8D:EF:A7:A7:DE:52:29
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (17871)
Hash 0fdff67feab23cc69ecfb6800fc54cb7
eb84c650e6d27e290795207b1f37dd7b67f2aa06
456e420aecd5ac679cc2bcb33daf7c063f54894fd076e99e05c06629234d3378
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 17:13:37 GMT
content-type: application/javascript
last-modified: Fri, 19 May 2023 08:43:53 GMT
etag: W/"646736c9-4859"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4380
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUNKJKzI2NGUriR2sUZyvBe%2F35vHDMoZUbs7ugpYrAH4K3PbgSMh6ssbJWJ4EFaIdp1qxfAaMM715FVtpYbix23l%2B5C6lXVx0wlcT7PxCm5lyL73M%2BUMwsQ8f2Srqpp9wg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce8211b1bc8b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
upfilesurls.com/img/faqs-image.svg
200 OK 13 kB URL GET HTTP/2 upfilesurls.com/img/faqs-image.svg
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4190)
Hash a60b7216905928c625ae9592044476cd
e70c5be728c7bd1198100337487aafe126834ca3
9a717285429d468fadc4d25179fc6feb49e6335f3af1675fb6be1cb50e7e8322
Analyzer Verdict Alert fortinet Malware
GET /img/faqs-image.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/A62O
Cookie: auth=eyJpdiI6IjV4T3hvTEszbTNLVndWekJFM3F6N3c9PSIsInZhbHVlIjoiUVBHNGZpRXQxUnpUWVVHZTlQcDdyUT09IiwibWFjIjoiN2FlZmI0ZGM1MDkzOWJkYmYwYmEzOGFiMzhmNWI1NjlmMTc0ZjE3NDI3ZTU3MDRiNTE3ZmEzM2E4YzgxNzAwZSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImRUcUEvWWNCaTN6NUtYZHpOQkZ5elE9PSIsInZhbHVlIjoiS0ptWXZVZ3dzbzlBYk1PQ3o4RUpaRVI0RFh1bXp3bWNrQ1RtYmlHTzg3ck1lcURSUzFIbmw5MUptS1lyc1pDYnFaOXIydU0vQXZUQmJ5QlU5c3g2U2NmOW9naVpFUEZGZUt1ajEyb1dkakZ3ZDZRak5zUkdzSitPbU9nODdueHQiLCJtYWMiOiIwYTA4ZjVlYjU4NWRiMGZhODUzY2I5MTIwM2IzM2JhOTE1ODYxNWVmZThiMGRlM2M4MmYwMTRiZjI2YTVlMGE0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Ik1NMi9PMUJRek1PcDZNNVBvUEZER0E9PSIsInZhbHVlIjoiV1g1UFdWa0tqMngwNHE3Mmp0V2F2Q09PM3lTaTBvcWduT0VyTThzMElFZVIzQnN4amtsVmdQN0FQd0MrbVduc25Vb2JrRG5zQXVKWE81cmJhdjFYdkRnUzVGWWlsNmkwRzZ2QUxPVCtKejlURUxvMTV3QUhsOExVdWNSeHNwZHAiLCJtYWMiOiI5M2ZmY2I5ZTBkNGYwZGU3NTZiZTM0ODcxZGQ1MTUzMGUxZjkyZjNkNzlkNGI2OWU5YWNmOWJlNWI0OGYzYTZjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 17:13:37 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
vary: Accept-Encoding
etag: W/"63c15cbf-95fb"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 349238
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8LSQIDehn5%2Fs%2FuZ1hqpoP3uTqmOPpCaeGK4R8AQO7UIYNdpIEIr%2FjdWXHPl5aP5ZdJRmo94l2OYnKNITdeusKxvWR5xy7fdFKc79K44bt4XKCz5jAnbO96AcL1IdoUy7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce821190f651c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
200 OK 38 kB URL GET HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Hash e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 03:18:14 GMT
expires: Sun, 26 May 2024 03:18:14 GMT
cache-control: public, max-age=31536000
age: 136523
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
upfilesurls.com/img/plane.svg
200 OK 38 kB URL GET HTTP/2 upfilesurls.com/img/plane.svg
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (580)
Hash 4f25968fc51a5e49dc1ea503d5d60e38
4221937e757eb15329dbc318092c9058044c5f73
d454583aa343d4c8aa4e42c0876b20e60c20c0b89284e4ef0c662d0426c18254
Analyzer Verdict Alert fortinet Malware
GET /img/plane.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/A62O
Cookie: auth=eyJpdiI6IjV4T3hvTEszbTNLVndWekJFM3F6N3c9PSIsInZhbHVlIjoiUVBHNGZpRXQxUnpUWVVHZTlQcDdyUT09IiwibWFjIjoiN2FlZmI0ZGM1MDkzOWJkYmYwYmEzOGFiMzhmNWI1NjlmMTc0ZjE3NDI3ZTU3MDRiNTE3ZmEzM2E4YzgxNzAwZSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImRUcUEvWWNCaTN6NUtYZHpOQkZ5elE9PSIsInZhbHVlIjoiS0ptWXZVZ3dzbzlBYk1PQ3o4RUpaRVI0RFh1bXp3bWNrQ1RtYmlHTzg3ck1lcURSUzFIbmw5MUptS1lyc1pDYnFaOXIydU0vQXZUQmJ5QlU5c3g2U2NmOW9naVpFUEZGZUt1ajEyb1dkakZ3ZDZRak5zUkdzSitPbU9nODdueHQiLCJtYWMiOiIwYTA4ZjVlYjU4NWRiMGZhODUzY2I5MTIwM2IzM2JhOTE1ODYxNWVmZThiMGRlM2M4MmYwMTRiZjI2YTVlMGE0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Ik1NMi9PMUJRek1PcDZNNVBvUEZER0E9PSIsInZhbHVlIjoiV1g1UFdWa0tqMngwNHE3Mmp0V2F2Q09PM3lTaTBvcWduT0VyTThzMElFZVIzQnN4amtsVmdQN0FQd0MrbVduc25Vb2JrRG5zQXVKWE81cmJhdjFYdkRnUzVGWWlsNmkwRzZ2QUxPVCtKejlURUxvMTV3QUhsOExVdWNSeHNwZHAiLCJtYWMiOiI5M2ZmY2I5ZTBkNGYwZGU3NTZiZTM0ODcxZGQ1MTUzMGUxZjkyZjNkNzlkNGI2OWU5YWNmOWJlNWI0OGYzYTZjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 17:13:37 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
vary: Accept-Encoding
etag: W/"63c15cbf-2ac"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 349238
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tdssGG06IlmG%2FY4ITs5uBs17HpmvIg5lPmISUdPVzGzduF2bKhxQc%2FioYzq1qDUcoG3DSXfJpYJqV62Tp8p3MFZbxwY5OJlaS5NVcARqjDooZstLiPTevKkFFSR1SNT%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce821190f6a1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
upfilesurls.com/img/menu.svg
200 OK 16 kB URL GET HTTP/2 upfilesurls.com/img/menu.svg
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text
Hash e194fab3eea9f00d5a3814c4df00ac8c
4a9760c8ec110364d025527e26730e78ae0b3ac0
3d3e6705b468cecdd78fb9a1ee6688d60e1d2c1caa0db7baa88db460315dccea
Analyzer Verdict Alert fortinet Malware
GET /img/menu.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/A62O
Cookie: auth=eyJpdiI6IjV4T3hvTEszbTNLVndWekJFM3F6N3c9PSIsInZhbHVlIjoiUVBHNGZpRXQxUnpUWVVHZTlQcDdyUT09IiwibWFjIjoiN2FlZmI0ZGM1MDkzOWJkYmYwYmEzOGFiMzhmNWI1NjlmMTc0ZjE3NDI3ZTU3MDRiNTE3ZmEzM2E4YzgxNzAwZSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImRUcUEvWWNCaTN6NUtYZHpOQkZ5elE9PSIsInZhbHVlIjoiS0ptWXZVZ3dzbzlBYk1PQ3o4RUpaRVI0RFh1bXp3bWNrQ1RtYmlHTzg3ck1lcURSUzFIbmw5MUptS1lyc1pDYnFaOXIydU0vQXZUQmJ5QlU5c3g2U2NmOW9naVpFUEZGZUt1ajEyb1dkakZ3ZDZRak5zUkdzSitPbU9nODdueHQiLCJtYWMiOiIwYTA4ZjVlYjU4NWRiMGZhODUzY2I5MTIwM2IzM2JhOTE1ODYxNWVmZThiMGRlM2M4MmYwMTRiZjI2YTVlMGE0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Ik1NMi9PMUJRek1PcDZNNVBvUEZER0E9PSIsInZhbHVlIjoiV1g1UFdWa0tqMngwNHE3Mmp0V2F2Q09PM3lTaTBvcWduT0VyTThzMElFZVIzQnN4amtsVmdQN0FQd0MrbVduc25Vb2JrRG5zQXVKWE81cmJhdjFYdkRnUzVGWWlsNmkwRzZ2QUxPVCtKejlURUxvMTV3QUhsOExVdWNSeHNwZHAiLCJtYWMiOiI5M2ZmY2I5ZTBkNGYwZGU3NTZiZTM0ODcxZGQ1MTUzMGUxZjkyZjNkNzlkNGI2OWU5YWNmOWJlNWI0OGYzYTZjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 17:13:37 GMT
content-type: image/svg+xml
last-modified: Tue, 24 Jan 2023 16:39:42 GMT
vary: Accept-Encoding
etag: W/"63d009ce-72e"
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 349238
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6Za%2BCg6dk7vAAJMP2EBpWqCmdyXhMi%2Fu0%2Bz2qGzlh35e69FISvyqWnH%2BUscUfnKrikP1lD%2FW66Jw1u1w2o2Z0aLrBVdHyEiqN6fKyzRy0ussvrWZpTsMXhl8S%2FZX7xOTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce82118ff591c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
200 OK 2.1 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type ASCII text, with very long lines (3028)
Hash 54ad1a350f43f4501d3510423086f778
d4a8224952a2740a981e8ee3c16c439971a3a1fb
759e716c4bd0e19ce685b653d90ad569f58466db5aa1d03ff4ea1a1df0b75b2a
GET /css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 28 May 2023 17:13:37 GMT
date: Sun, 28 May 2023 17:13:37 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
200 OK 86 kB URL GET HTTP/2 upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash cf7148de68c4ff76f21e2200b67fd8c4
ace4770fa2d643e676bccca417f7880c8a6565dd
e51161fcc5b2c4b90c3381e517152eb275d52a6c288954e502479d7421386240
GET /css/frontend.css?id=2396ffb76e738e465b53 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/A62O
Cookie: auth=eyJpdiI6IjV4T3hvTEszbTNLVndWekJFM3F6N3c9PSIsInZhbHVlIjoiUVBHNGZpRXQxUnpUWVVHZTlQcDdyUT09IiwibWFjIjoiN2FlZmI0ZGM1MDkzOWJkYmYwYmEzOGFiMzhmNWI1NjlmMTc0ZjE3NDI3ZTU3MDRiNTE3ZmEzM2E4YzgxNzAwZSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImRUcUEvWWNCaTN6NUtYZHpOQkZ5elE9PSIsInZhbHVlIjoiS0ptWXZVZ3dzbzlBYk1PQ3o4RUpaRVI0RFh1bXp3bWNrQ1RtYmlHTzg3ck1lcURSUzFIbmw5MUptS1lyc1pDYnFaOXIydU0vQXZUQmJ5QlU5c3g2U2NmOW9naVpFUEZGZUt1ajEyb1dkakZ3ZDZRak5zUkdzSitPbU9nODdueHQiLCJtYWMiOiIwYTA4ZjVlYjU4NWRiMGZhODUzY2I5MTIwM2IzM2JhOTE1ODYxNWVmZThiMGRlM2M4MmYwMTRiZjI2YTVlMGE0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Ik1NMi9PMUJRek1PcDZNNVBvUEZER0E9PSIsInZhbHVlIjoiV1g1UFdWa0tqMngwNHE3Mmp0V2F2Q09PM3lTaTBvcWduT0VyTThzMElFZVIzQnN4amtsVmdQN0FQd0MrbVduc25Vb2JrRG5zQXVKWE81cmJhdjFYdkRnUzVGWWlsNmkwRzZ2QUxPVCtKejlURUxvMTV3QUhsOExVdWNSeHNwZHAiLCJtYWMiOiI5M2ZmY2I5ZTBkNGYwZGU3NTZiZTM0ODcxZGQ1MTUzMGUxZjkyZjNkNzlkNGI2OWU5YWNmOWJlNWI0OGYzYTZjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 17:13:37 GMT
content-type: text/css
cf-bgj: minify
etag: W/"63a354a4-3f918"
last-modified: Wed, 21 Dec 2022 18:47:00 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
cf-cache-status: HIT
age: 13310439
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MwTGO1yGIa%2B8N1FkJgPO%2B5vpJ7XuQo39RDHhJpEM4OlTI4E0qv09gJ%2ByWKes9ddRBIH%2B3KifD9UlCaJcIToiW7nXgZgsFKhHhvtETvlQzJrQJqk0EY52aJ20HUUGN7JK2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce82118ff551c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 21:39:40 GMT
expires: Wed, 22 May 2024 21:39:40 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 416037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 07:44:41 GMT
expires: Sun, 26 May 2024 07:44:41 GMT
cache-control: public, max-age=31536000
age: 120536
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adthereissome.info/UkphR20zKAIqUjN3A2EYICZcYl8Ub1MBCWNyCiBfKDNYP14mc1dpDj4lFCMLICUPM0M8LxViXxQIMxMFPh9QIAAEPRJ2NygMMwY6ZyICIBUGEzY/BwciOH8jOB8nCSk1HSd3GhsFDHcnBBtRdSE1eiMWFDEjKBY7BC41FgYELSsyCzsINgUAZzo4dgYQBzYRFRoiJC0jK34nDzk1Pi0rKAEaInMfCg8sKiIKIjcEBDkyKhE8Fy4MKCkWHxUtCwopKBM+JjoFBVwFDzl2XhELCnEjOAggFioUJTEWLwYOJnIVGhw4FQsKKSgBFARzBSkBBxNTAR8RD0w/XzMkNyEsFgsbDAVjEicQHWMJNxEHMxI0DTwVDA4OXBcSLy1ZIxskBQUaJDANOxp7Dh5dYxM4IEs4OQ4pHW8bCgk/JicIciE/IgQxJWs
200 OK 1.2 kB URL GET HTTP/2 adthereissome.info/UkphR20zKAIqUjN3A2EYICZcYl8Ub1MBCWNyCiBfKDNYP14mc1dpDj4lFCMLICUPM0M8LxViXxQIMxMFPh9QIAAEPRJ2NygMMwY6ZyICIBUGEzY/BwciOH8jOB8nCSk1HSd3GhsFDHcnBBtRdSE1eiMWFDEjKBY7BC41FgYELSsyCzsINgUAZzo4dgYQBzYRFRoiJC0jK34nDzk1Pi0rKAEaInMfCg8sKiIKIjcEBDkyKhE8Fy4MKCkWHxUtCwopKBM+JjoFBVwFDzl2XhELCnEjOAggFioUJTEWLwYOJnIVGhw4FQsKKSgBFARzBSkBBxNTAR8RD0w/XzMkNyEsFgsbDAVjEicQHWMJNxEHMxI0DTwVDA4OXBcSLy1ZIxskBQUaJDANOxp7Dh5dYxM4IEs4OQ4pHW8bCgk/JicIciE/IgQxJWs
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerAmazon
Subjectadthereissome.info
Fingerprint21:40:7C:A8:E9:22:33:8E:6F:E6:0A:C2:79:2F:18:FD:76:73:C9:7E
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3028), with no line terminators
Hash abb2bda35417b04793ae377f915b0ecf
49151dd2f5b798799cee406ef2b497fcbe3702f9
dc34ce999fe3c93bfcece0f4a0a5d6a0e1c03d873a89eb345fd51ff937edf4c7
GET /UkphR20zKAIqUjN3A2EYICZcYl8Ub1MBCWNyCiBfKDNYP14mc1dpDj4lFCMLICUPM0M8LxViXxQIMxMFPh9QIAAEPRJ2NygMMwY6ZyICIBUGEzY/BwciOH8jOB8nCSk1HSd3GhsFDHcnBBtRdSE1eiMWFDEjKBY7BC41FgYELSsyCzsINgUAZzo4dgYQBzYRFRoiJC0jK34nDzk1Pi0rKAEaInMfCg8sKiIKIjcEBDkyKhE8Fy4MKCkWHxUtCwopKBM+JjoFBVwFDzl2XhELCnEjOAggFioUJTEWLwYOJnIVGhw4FQsKKSgBFARzBSkBBxNTAR8RD0w/XzMkNyEsFgsbDAVjEicQHWMJNxEHMxI0DTwVDA4OXBcSLy1ZIxskBQUaJDANOxp7Dh5dYxM4IEs4OQ4pHW8bCgk/JicIciE/IgQxJWs HTTP/1.1
Host: adthereissome.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1182
date: Sun, 28 May 2023 17:13:37 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 5c2d36b0430d7877f1609d99fe01caa8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: fOE_3pv_mrjZnPk7HsuutQZmS5u4T1k61r4NMiHVAcI80xV7yyICnQ==
X-Firefox-Spdy: h2
gforanythingamgl.info/MHQ4YkwfS1sRcVQidhcfAxx6OxoBDWwJGkIjYFMDZCNcAyllRB4WJVRJAVV4BkYMRDxZEAVTakMAWRY5Q0kJRCVeEldfakZJCUx/BFoLUGICUk1ffRYASAMrDUUeEjhEGAVTeghBClt4AEUPVnUH
204 No Content 0 B URL GET HTTP/2 gforanythingamgl.info/MHQ4YkwfS1sRcVQidhcfAxx6OxoBDWwJGkIjYFMDZCNcAyllRB4WJVRJAVV4BkYMRDxZEAVTakMAWRY5Q0kJRCVeEldfakZJCUx/BFoLUGICUk1ffRYASAMrDUUeEjhEGAVTeghBClt4AEUPVnUH
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subjectgforanythingamgl.info
Fingerprint5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
ValidityFri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /MHQ4YkwfS1sRcVQidhcfAxx6OxoBDWwJGkIjYFMDZCNcAyllRB4WJVRJAVV4BkYMRDxZEAVTakMAWRY5Q0kJRCVeEldfakZJCUx/BFoLUGICUk1ffRYASAMrDUUeEjhEGAVTeghBClt4AEUPVnUH HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sun, 28 May 2023 17:13:38 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TUv%2FZOpozGuwBIY4BTZ6QV886kAjZJJLDiwYD2Dte4oxBWbnb9fy0JXjhvxK6VIEWbbORT2vjnJxbXrch8GpqcFFvhRia4GC2ebvCCxAknZYdhXnyy0JdvCEhatzDb%2BPWV7E6HwNGEg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce8211c1a56fabc-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
adthereissome.info/eFpkSm0ZOAcnUhlnBmwYCjZZb18+f1YMCUliDy1fAiNdMl4MY1JkDhQ1ES4LCjUKPkMWPxBvXz4XMyEZMzggE1gyGTUBLituDQYBPQo9JFROAgMMVTEODw46OypWCD4uAi8iIBkMM3MdNDcTEzk8b1YvBgg7KzM4DA82C0hKHC4ZASoYVz0cND1QBg8VakF4KzwLF3knPBsiHQchKwZ7WA84VhxbKws2OzQCEAAIXkFuJw8GPTsNKQc5MSkjDxYyBx4AMmMiHAI7PFctJCsLNjsiLCIuCD8MbAEmOCE7CQAbID09cyERMSwdNUFvIAxZPztXPlsgCz44DxZ3DCk4PBdRBhoIAC0nWEwRAy4fHTc2KSg7Y1YvGl4wFyUDCGcrAwwIAjRzNEs/
200 OK 1.2 kB URL GET HTTP/2 adthereissome.info/eFpkSm0ZOAcnUhlnBmwYCjZZb18+f1YMCUliDy1fAiNdMl4MY1JkDhQ1ES4LCjUKPkMWPxBvXz4XMyEZMzggE1gyGTUBLituDQYBPQo9JFROAgMMVTEODw46OypWCD4uAi8iIBkMM3MdNDcTEzk8b1YvBgg7KzM4DA82C0hKHC4ZASoYVz0cND1QBg8VakF4KzwLF3knPBsiHQchKwZ7WA84VhxbKws2OzQCEAAIXkFuJw8GPTsNKQc5MSkjDxYyBx4AMmMiHAI7PFctJCsLNjsiLCIuCD8MbAEmOCE7CQAbID09cyERMSwdNUFvIAxZPztXPlsgCz44DxZ3DCk4PBdRBhoIAC0nWEwRAy4fHTc2KSg7Y1YvGl4wFyUDCGcrAwwIAjRzNEs/
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerAmazon
Subjectadthereissome.info
Fingerprint21:40:7C:A8:E9:22:33:8E:6F:E6:0A:C2:79:2F:18:FD:76:73:C9:7E
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2995), with no line terminators
Hash e7fb268432ad4ac510ad9f6b4d1f9350
d7a88ea8b77a2aeec8886cd56d08c019455c341b
1fd3589728d2e4f144366ce6c217a2dd90ec416a023b2b7575ada00af730d9dd
GET /eFpkSm0ZOAcnUhlnBmwYCjZZb18+f1YMCUliDy1fAiNdMl4MY1JkDhQ1ES4LCjUKPkMWPxBvXz4XMyEZMzggE1gyGTUBLituDQYBPQo9JFROAgMMVTEODw46OypWCD4uAi8iIBkMM3MdNDcTEzk8b1YvBgg7KzM4DA82C0hKHC4ZASoYVz0cND1QBg8VakF4KzwLF3knPBsiHQchKwZ7WA84VhxbKws2OzQCEAAIXkFuJw8GPTsNKQc5MSkjDxYyBx4AMmMiHAI7PFctJCsLNjsiLCIuCD8MbAEmOCE7CQAbID09cyERMSwdNUFvIAxZPztXPlsgCz44DxZ3DCk4PBdRBhoIAC0nWEwRAy4fHTc2KSg7Y1YvGl4wFyUDCGcrAwwIAjRzNEs/ HTTP/1.1
Host: adthereissome.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1156
date: Sun, 28 May 2023 17:13:38 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 5c2d36b0430d7877f1609d99fe01caa8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: L-UcdQXotKz4k2kzcio_kZoI5SjPe4m7oHxawH8lXegHfzHovdTrbg==
X-Firefox-Spdy: h2
gforanythingamgl.info/WkNvS0N1fAw4fghxJTIhHRFKeQUPFhsSFQIBOhovDBcJejMcGykOZS4qC3Z6YndfeXR8MwYvfmt7STg3OzcaOH5rZQYlJTV+ST1+a21fZXF0cEk+fmtlGzsiPX5ebTMuNwN2cmx7Wnl6bnNefHZqdA
204 No Content 0 B URL GET HTTP/2 gforanythingamgl.info/WkNvS0N1fAw4fghxJTIhHRFKeQUPFhsSFQIBOhovDBcJejMcGykOZS4qC3Z6YndfeXR8MwYvfmt7STg3OzcaOH5rZQYlJTV+ST1+a21fZXF0cEk+fmtlGzsiPX5ebTMuNwN2cmx7Wnl6bnNefHZqdA
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subjectgforanythingamgl.info
Fingerprint5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
ValidityFri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /WkNvS0N1fAw4fghxJTIhHRFKeQUPFhsSFQIBOhovDBcJejMcGykOZS4qC3Z6YndfeXR8MwYvfmt7STg3OzcaOH5rZQYlJTV+ST1+a21fZXF0cEk+fmtlGzsiPX5ebTMuNwN2cmx7Wnl6bnNefHZqdA HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sun, 28 May 2023 17:13:38 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xN80J3JHqkGFKmlZEogipv3uZf6U5ASnogDbYci8%2FXVfuWtvRN%2BwfemWzxEhFsGoLD4W7bDKsNwa8FI3aP%2BQRdmIt4eD%2FeXOcNDHr6l%2Fza%2FdgOFreQvSuLiYNWZKdKaZVmB2PTntLHs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce8211c2a66fabc-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
472 B IP
Hash bb63f1caaf551e76a88f326c8db516ce
513533cccfb522767abf37082518f766adc3c070
cfe2e32528181d9ff75d3946d789811d6d2c71e153c39aa72c0a586b922ebeb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 17:13:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
live.demand.supply/e/e.js?e=ll&d=247&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL0E2Mk8=
200 OK 0 B URL HEAD HTTP/3 live.demand.supply/e/e.js?e=ll&d=247&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL0E2Mk8=
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /e/e.js?e=ll&d=247&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL0E2Mk8= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 28 May 2023 17:13:38 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "dfe0abe17839ba4f36623d3c9332b694-ssl"
x-nf-request-id: 01H0WH535VZPRFR8SSXVB2WVS7
cf-cache-status: HIT
age: 697797
accept-ranges: bytes
set-cookie: __cf_bm=.hCHB2uKhtRcmQqtDcKc8q4CohzN1KUA3Zyq6nMkL0I-1685294018-0-AX8w2tI89X41fMDc+vQcRSNUDiPIGu5bnS1EmxcE3+aR9WECI3cgop9yAxHD46JsqiFFyRC6ZCVtGSv9XhwxUEA=; path=/; expires=Sun, 28-May-23 17:43:38 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce8211f09760b61-OSL
alt-svc: h3=":443"; ma=86400
upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
200 OK 12 kB URL GET HTTP/2 upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type ASCII text, with very long lines (27871), with no line terminators
Hash 5342cdde7983a9176a2172a2ebed0d84
cb7454ba8fadca16d04fcf3ec4c4f23aca2ec4fe
1127266e56fe63042fa80be7a416739ebf552691af915450fa58543905f9dc86
Analyzer Verdict Alert fortinet Malware
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: auth=eyJpdiI6IjV4T3hvTEszbTNLVndWekJFM3F6N3c9PSIsInZhbHVlIjoiUVBHNGZpRXQxUnpUWVVHZTlQcDdyUT09IiwibWFjIjoiN2FlZmI0ZGM1MDkzOWJkYmYwYmEzOGFiMzhmNWI1NjlmMTc0ZjE3NDI3ZTU3MDRiNTE3ZmEzM2E4YzgxNzAwZSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImRUcUEvWWNCaTN6NUtYZHpOQkZ5elE9PSIsInZhbHVlIjoiS0ptWXZVZ3dzbzlBYk1PQ3o4RUpaRVI0RFh1bXp3bWNrQ1RtYmlHTzg3ck1lcURSUzFIbmw5MUptS1lyc1pDYnFaOXIydU0vQXZUQmJ5QlU5c3g2U2NmOW9naVpFUEZGZUt1ajEyb1dkakZ3ZDZRak5zUkdzSitPbU9nODdueHQiLCJtYWMiOiIwYTA4ZjVlYjU4NWRiMGZhODUzY2I5MTIwM2IzM2JhOTE1ODYxNWVmZThiMGRlM2M4MmYwMTRiZjI2YTVlMGE0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Ik1NMi9PMUJRek1PcDZNNVBvUEZER0E9PSIsInZhbHVlIjoiV1g1UFdWa0tqMngwNHE3Mmp0V2F2Q09PM3lTaTBvcWduT0VyTThzMElFZVIzQnN4amtsVmdQN0FQd0MrbVduc25Vb2JrRG5zQXVKWE81cmJhdjFYdkRnUzVGWWlsNmkwRzZ2QUxPVCtKejlURUxvMTV3QUhsOExVdWNSeHNwZHAiLCJtYWMiOiI5M2ZmY2I5ZTBkNGYwZGU3NTZiZTM0ODcxZGQ1MTUzMGUxZjkyZjNkNzlkNGI2OWU5YWNmOWJlNWI0OGYzYTZjIiwidGFnIjoiIn0%3D; ab=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 17:13:38 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
cache-control: max-age=14400, public
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOaEMXM8lSHCNy3LQXKlBAKQN0IvgcdQ3HhCSlYwTSDnvTK4vbRULTE924fx1AIGluvBEFuX7CouG3hy7deRXGQiI98g0n2z8OItRcNS%2FYgv3a0iCSQ4MHIalCrpMAO9fA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce8211f79241c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
live.demand.supply/x/e.js?ce=bb&r=upfilesurls.com_auto_728x90_sticky_display_bottom&dsReferer=dXBmaWxlc3VybHMuY29tL0E2Mk8=
200 OK 0 B URL HEAD HTTP/3 live.demand.supply/x/e.js?ce=bb&r=upfilesurls.com_auto_728x90_sticky_display_bottom&dsReferer=dXBmaWxlc3VybHMuY29tL0E2Mk8=
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /x/e.js?ce=bb&r=upfilesurls.com_auto_728x90_sticky_display_bottom&dsReferer=dXBmaWxlc3VybHMuY29tL0E2Mk8= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 28 May 2023 17:13:38 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "dfe0abe17839ba4f36623d3c9332b694-ssl"
x-nf-request-id: 01H0WH53N5DXY1S5GWJ4J08TX0
cf-cache-status: HIT
age: 697797
accept-ranges: bytes
set-cookie: __cf_bm=VtDXfCvN4JlSqmUi37PaG2f4QgvpcY1OyjPSRS3pYCA-1685294018-0-AcbdGU9f8fk6xwkjkA5JXoqU4xEE5aX0IldxyUIbGbrLgqWlaU9jm8a6/TwIZ7zuFSfW084ZWvCK59MdZunPDps=; path=/; expires=Sun, 28-May-23 17:43:38 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce8211f9a3b0b61-OSL
alt-svc: h3=":443"; ma=86400
ocsp.sectigo.com/
471 B IP
Hash 4d26e0dda83ee5c10429cd9a8d43ead4
d637cb2024b8ff4adb23b7d918fa98a35bd97bfb
66142472b5cf095edf7ff5602fdcdf1c0d4480c1838daede0a87f4047115aae9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 28 May 2023 17:13:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 25 May 2023 14:07:11 GMT
Expires: Thu, 01 Jun 2023 14:07:10 GMT
Etag: "d637cb2024b8ff4adb23b7d918fa98a35bd97bfb"
Cache-Control: max-age=334080,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ce821200bd00afe-OSL
d18kg2zy9x3t96.cloudfront.net/jR3Q3VGIkG1kyXTMdU2lbcEwGYVFhHkQ7DDdJUhYYLCQGHhYFBW86AzM8ESAYI0kHcg4mGlBpRCIaVGlTYRVTNl9zUkMkDSxJTz8XLB1AOxQpEBEhA3oZWC4LKxhWcVABQRlkR3VEHyxTdlEEFkd1RFs9DDIMEmZSP0wBC1RzUQQWR3VERSJHdDUGZFtpRB-5xUHcTUjcJKFEFElB3RQdkU3dFEmZSIR1FMQQoDBJmJHZFBnpSYQEKZQ
598 B URL d18kg2zy9x3t96.cloudfront.net/jR3Q3VGIkG1kyXTMdU2lbcEwGYVFhHkQ7DDdJUhYYLCQGHhYFBW86AzM8ESAYI0kHcg4mGlBpRCIaVGlTYRVTNl9zUkMkDSxJTz8XLB1AOxQpEBEhA3oZWC4LKxhWcVABQRlkR3VEHyxTdlEEFkd1RFs9DDIMEmZSP0wBC1RzUQQWR3VERSJHdDUGZFtpRB-5xUHcTUjcJKFEFElB3RQdkU3dFEmZSIR1FMQQoDBJmJHZFBnpSYQEKZQ
IP
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (835), with no line terminators
Hash 60d324a0dcd41fcc0ae6ec1e4c618f25
c639cc5f2fb8118cf2f3f28d73b7211a0f1fae46
510dca9d37ebede4369f7c095a38373ed5bb25709f2e4a541bc6b3d1ae3f3814
GET /jR3Q3VGIkG1kyXTMdU2lbcEwGYVFhHkQ7DDdJUhYYLCQGHhYFBW86AzM8ESAYI0kHcg4mGlBpRCIaVGlTYRVTNl9zUkMkDSxJTz8XLB1AOxQpEBEhA3oZWC4LKxhWcVABQRlkR3VEHyxTdlEEFkd1RFs9DDIMEmZSP0wBC1RzUQQWR3VERSJHdDUGZFtpRB-5xUHcTUjcJKFEFElB3RQdkU3dFEmZSIR1FMQQoDBJmJHZFBnpSYQEKZQ HTTP/1.1
Host: d18kg2zy9x3t96.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adthereissome.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 598
date: Sun, 28 May 2023 17:13:38 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lpYuMathYERV9C_PS756T-2Em2mf3mQoz6BLCdH5qCFxtNVfTwJBhg==
X-Firefox-Spdy: h2
upfilesurls.com/cdn-cgi/challenge-platform/scripts/invisible.js
302 Found 2 B URL GET HTTP/2 upfilesurls.com/cdn-cgi/challenge-platform/scripts/invisible.js
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer Verdict Alert fortinet Malware
GET /cdn-cgi/challenge-platform/scripts/invisible.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: auth=eyJpdiI6IjV4T3hvTEszbTNLVndWekJFM3F6N3c9PSIsInZhbHVlIjoiUVBHNGZpRXQxUnpUWVVHZTlQcDdyUT09IiwibWFjIjoiN2FlZmI0ZGM1MDkzOWJkYmYwYmEzOGFiMzhmNWI1NjlmMTc0ZjE3NDI3ZTU3MDRiNTE3ZmEzM2E4YzgxNzAwZSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImRUcUEvWWNCaTN6NUtYZHpOQkZ5elE9PSIsInZhbHVlIjoiS0ptWXZVZ3dzbzlBYk1PQ3o4RUpaRVI0RFh1bXp3bWNrQ1RtYmlHTzg3ck1lcURSUzFIbmw5MUptS1lyc1pDYnFaOXIydU0vQXZUQmJ5QlU5c3g2U2NmOW9naVpFUEZGZUt1ajEyb1dkakZ3ZDZRak5zUkdzSitPbU9nODdueHQiLCJtYWMiOiIwYTA4ZjVlYjU4NWRiMGZhODUzY2I5MTIwM2IzM2JhOTE1ODYxNWVmZThiMGRlM2M4MmYwMTRiZjI2YTVlMGE0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Ik1NMi9PMUJRek1PcDZNNVBvUEZER0E9PSIsInZhbHVlIjoiV1g1UFdWa0tqMngwNHE3Mmp0V2F2Q09PM3lTaTBvcWduT0VyTThzMElFZVIzQnN4amtsVmdQN0FQd0MrbVduc25Vb2JrRG5zQXVKWE81cmJhdjFYdkRnUzVGWWlsNmkwRzZ2QUxPVCtKejlURUxvMTV3QUhsOExVdWNSeHNwZHAiLCJtYWMiOiI5M2ZmY2I5ZTBkNGYwZGU3NTZiZTM0ODcxZGQ1MTUzMGUxZjkyZjNkNzlkNGI2OWU5YWNmOWJlNWI0OGYzYTZjIiwidGFnIjoiIn0%3D; ab=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Sun, 28 May 2023 17:13:38 GMT
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
cache-control: max-age=300, public
vary: accept-encoding
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6YhCZcqUws0vEeHN%2FJ81lZVUwkz%2FWONRpVeS8w%2BCL8Xkuk9W1rsat%2FFM09CcEsz1xjTZo4efuWapvz8W2C4sc2gi208%2FNLvsWFGNRxYA1voBrnpnrpBNA3ofx0Wf2i5F3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce8211eb8351c06-OSL
X-Firefox-Spdy: h2
live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tL0E2Mk8=
200 OK 677 B URL GET HTTP/3 live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tL0E2Mk8=
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (984), with no line terminators
Hash a50ad628c8c34bc9844a4f780b144ed6
dc82c2e35ebb4ecab6d0e6fdf0e0eaaa475d47cf
1cb1e4b789251eaa8794413cc66f0b269bdf2c105937f527994b62ac194ad6e9
GET /p4/v16-2-0/dXBmaWxlc3VybHMuY29tL0E2Mk8= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Cookie: demandSupplyTi=7d665d7d-68b8-4a51-b7d7-0dd3f17325d1; __cf_bm=jI96fZAeL2YgHpq9gql6gGt.yPXmxya587TVAeNbk.U-1685294017-0-AQy7dzYia+7FaqsPp1dbz6PxjoSfqQgmN3S6iV0Bks7VsoSRiHuqePlXqVes1EdLmhgfw9PN9AkEOPqIeAv4Mis=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 28 May 2023 17:13:38 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce8211ef99bfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
live.demand.supply/ds.2.html
200 OK 758 B URL GET HTTP/3 live.demand.supply/ds.2.html
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6d93563087b24f71a2de50d213d1a6a6
3084afce8b8bb33ba5f5c4ac4e7ebb153c552deb
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
GET /ds.2.html HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 28 May 2023 17:13:38 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
x-nf-request-id: 01GZ1TRE6JCM1Y4N530MF91ECS
cf-cache-status: HIT
age: 627438
set-cookie: __cf_bm=kO0Um34v2g_iR2_rpOg13XjO9sHMjc04nqwXfvy9V5A-1685294018-0-AcAEWXac/RvlOriZGcTgsC3mhNlSaZXAcOeO5nLIQKh2HyUZa2Cjxvnw90fjJw1tFdgcGaCZrYYIWV6HK+8iuoo=; path=/; expires=Sun, 28-May-23 17:43:38 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce8211ef99ffac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
200 OK 116 kB URL GET HTTP/2 d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 116 kB (115485 bytes)
Hash 586f2ea266220206549bb917093853c6
f91311d3eae4e95641d4615ee18651916ab72be8
103d77e1b67cb926429f990ae32b58bf3238b58ce69b19e1f13e5f3597fa4dbd
GET /?yzgkd=978153 HTTP/1.1
Host: d18kg2zy9x3t96.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 115485
date: Sun, 28 May 2023 16:59:33 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: G9nD2u35IpuNu0UGKm7bSW6jxfT4XEtFMemL2JnDGaVtxK_Qhke0Sw==
age: 845
X-Firefox-Spdy: h2
upfilesurls.com/favicon.ico
200 OK 1.6 kB URL GET HTTP/2 upfilesurls.com/favicon.ico
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type MS Windows icon resource - 1 icon, 32x32 with PNG image data, 32 x 32, 8-bit colormap, non-interlaced, 32 bits/pixel\012- data
Hash ba3a9d1041ae9a7a655f9632756b1e92
fbb065d1df15871da0b7df14ca22041a729dda88
180c85c0caca07f8411a77e2392751d979f74982f0ed7062a0093b322924f38f
GET /favicon.ico HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/A62O
Cookie: auth=eyJpdiI6IjV4T3hvTEszbTNLVndWekJFM3F6N3c9PSIsInZhbHVlIjoiUVBHNGZpRXQxUnpUWVVHZTlQcDdyUT09IiwibWFjIjoiN2FlZmI0ZGM1MDkzOWJkYmYwYmEzOGFiMzhmNWI1NjlmMTc0ZjE3NDI3ZTU3MDRiNTE3ZmEzM2E4YzgxNzAwZSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImRUcUEvWWNCaTN6NUtYZHpOQkZ5elE9PSIsInZhbHVlIjoiS0ptWXZVZ3dzbzlBYk1PQ3o4RUpaRVI0RFh1bXp3bWNrQ1RtYmlHTzg3ck1lcURSUzFIbmw5MUptS1lyc1pDYnFaOXIydU0vQXZUQmJ5QlU5c3g2U2NmOW9naVpFUEZGZUt1ajEyb1dkakZ3ZDZRak5zUkdzSitPbU9nODdueHQiLCJtYWMiOiIwYTA4ZjVlYjU4NWRiMGZhODUzY2I5MTIwM2IzM2JhOTE1ODYxNWVmZThiMGRlM2M4MmYwMTRiZjI2YTVlMGE0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Ik1NMi9PMUJRek1PcDZNNVBvUEZER0E9PSIsInZhbHVlIjoiV1g1UFdWa0tqMngwNHE3Mmp0V2F2Q09PM3lTaTBvcWduT0VyTThzMElFZVIzQnN4amtsVmdQN0FQd0MrbVduc25Vb2JrRG5zQXVKWE81cmJhdjFYdkRnUzVGWWlsNmkwRzZ2QUxPVCtKejlURUxvMTV3QUhsOExVdWNSeHNwZHAiLCJtYWMiOiI5M2ZmY2I5ZTBkNGYwZGU3NTZiZTM0ODcxZGQ1MTUzMGUxZjkyZjNkNzlkNGI2OWU5YWNmOWJlNWI0OGYzYTZjIiwidGFnIjoiIn0%3D; ab=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 17:13:38 GMT
content-type: image/x-icon
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
vary: Accept-Encoding
etag: W/"625014b1-5b8"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 891
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qxVYlFU6BH5XlBCQevBNuanqEmPaS1OwC4KS%2BYtyQ4YUY2m4Y8M6TVOkGQ0o4g2k1znzfokYI2mEbHpuqeIL4AdqYla3%2B3yy5q3gASeofY5mUVO%2BWiMlSeaTP1cgUHBpiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce82120eb5e1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 5dc16ffcd2737c07a2fed1aae7d713a3
990c258d150409aa1010b46c301be5660cd31009
33c0d260e97b9231369e91fa7b40656ebe29a83692d3bc94f4dbcb41339b86f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 17:13:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash 153dd711d416d0055edca4702b0ff551
7d419c0848d8502f021621a091c7a9160dc1b607
6c4765b1e69d3017d0f6c6a294a94f502e279d4c0ff31f09adff198edf0cfcba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 17:13:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
472 B IP
Hash 24d6eeb55c83920b02f6cfd13d5c2127
a1058944de82f2135f9083453dc676394b59fa3a
773cdeb18e25db97d28e534c859578a1d3fadd6a58f11ac74de35f397c0e7d9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 17:13:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
200 OK 586 B URL GET HTTP/2 www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subjectmisc.google.com
Fingerprint84:2B:3C:EA:5D:89:48:EC:DE:99:FD:C0:2A:32:C6:E3:35:2B:B5:44
ValidityMon, 08 May 2023 08:21:14 GMT - Mon, 31 Jul 2023 08:21:13 GMT
File type ASCII text, with very long lines (921), with no line terminators
Hash c0c5f1bc3dc1207fc4647a1971f7f8b2
a94949b5e56d94885045927d8d421d58297a8731
6813158c368d2541a76ab7284095e1987ec7ac6c39eed3a6312faf5f9a939249
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Sun, 28 May 2023 17:13:38 GMT
date: Sun, 28 May 2023 17:13:38 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
200 OK 3.1 kB URL GET HTTP/2 upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type ASCII text, with very long lines (5730), with no line terminators
Hash a857fa1976fd2af872a16f5ed0b8e8a2
7b5c4705922d9493ef32b8ab10e662bed71543e7
1bce7228535a8ad246fbbad4317491cc57c03903bba26cece1c2cb43eb999e86
Analyzer Verdict Alert fortinet Malware
GET /cdn-cgi/challenge-platform/h/b/scripts/pica.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/A62O
Cookie: auth=eyJpdiI6IjV4T3hvTEszbTNLVndWekJFM3F6N3c9PSIsInZhbHVlIjoiUVBHNGZpRXQxUnpUWVVHZTlQcDdyUT09IiwibWFjIjoiN2FlZmI0ZGM1MDkzOWJkYmYwYmEzOGFiMzhmNWI1NjlmMTc0ZjE3NDI3ZTU3MDRiNTE3ZmEzM2E4YzgxNzAwZSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImRUcUEvWWNCaTN6NUtYZHpOQkZ5elE9PSIsInZhbHVlIjoiS0ptWXZVZ3dzbzlBYk1PQ3o4RUpaRVI0RFh1bXp3bWNrQ1RtYmlHTzg3ck1lcURSUzFIbmw5MUptS1lyc1pDYnFaOXIydU0vQXZUQmJ5QlU5c3g2U2NmOW9naVpFUEZGZUt1ajEyb1dkakZ3ZDZRak5zUkdzSitPbU9nODdueHQiLCJtYWMiOiIwYTA4ZjVlYjU4NWRiMGZhODUzY2I5MTIwM2IzM2JhOTE1ODYxNWVmZThiMGRlM2M4MmYwMTRiZjI2YTVlMGE0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Ik1NMi9PMUJRek1PcDZNNVBvUEZER0E9PSIsInZhbHVlIjoiV1g1UFdWa0tqMngwNHE3Mmp0V2F2Q09PM3lTaTBvcWduT0VyTThzMElFZVIzQnN4amtsVmdQN0FQd0MrbVduc25Vb2JrRG5zQXVKWE81cmJhdjFYdkRnUzVGWWlsNmkwRzZ2QUxPVCtKejlURUxvMTV3QUhsOExVdWNSeHNwZHAiLCJtYWMiOiI5M2ZmY2I5ZTBkNGYwZGU3NTZiZTM0ODcxZGQ1MTUzMGUxZjkyZjNkNzlkNGI2OWU5YWNmOWJlNWI0OGYzYTZjIiwidGFnIjoiIn0%3D; ab=1
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 17:13:38 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
x-content-type-options: nosniff
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wK2z1Y%2F9U3TPcQilg6reKnm7ksdZSsxyUR4ansMGakhRmMUTkqQECGQIn0zbebQ0hcmKTD8HKXTlJzbfOK%2Fk39u96cRsI3RWwvGjBsGWaxcqkas%2FYQQbsdJiC81XY6x5kw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce821203a8c1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
live.demand.supply/css/sdb.css
200 OK 1.6 kB URL GET HTTP/3 live.demand.supply/css/sdb.css
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (3765), with no line terminators
Hash 05937abfafb30dc374d6de75acf7b940
d8d47f032e9344f49aca58294b29f7456ef6a8c3
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
GET /css/sdb.css HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Cookie: demandSupplyTi=7d665d7d-68b8-4a51-b7d7-0dd3f17325d1; __cf_bm=jI96fZAeL2YgHpq9gql6gGt.yPXmxya587TVAeNbk.U-1685294017-0-AQy7dzYia+7FaqsPp1dbz6PxjoSfqQgmN3S6iV0Bks7VsoSRiHuqePlXqVes1EdLmhgfw9PN9AkEOPqIeAv4Mis=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 28 May 2023 17:13:38 GMT
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-bgj: minify
etag: W/"281c43d3e253957887c3e1dad5bbb310-ssl-df"
vary: Accept-Encoding
x-nf-request-id: 01GZGR6SCB0Q49R1S22Y9RAR9T
cf-cache-status: HIT
age: 138741
server: cloudflare
cf-ray: 7ce8211f9a0dfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
adthereissome.info/utx?cb=3nYsF4Yle83N&top=upfilesurls.com&tid=974624
204 No Content 0 B URL GET HTTP/2 adthereissome.info/utx?cb=3nYsF4Yle83N&top=upfilesurls.com&tid=974624
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerAmazon
Subjectadthereissome.info
Fingerprint21:40:7C:A8:E9:22:33:8E:6F:E6:0A:C2:79:2F:18:FD:76:73:C9:7E
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=3nYsF4Yle83N&top=upfilesurls.com&tid=974624 HTTP/1.1
Host: adthereissome.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sun, 28 May 2023 17:13:38 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 28 May 2023 17:14:38 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 5c2d36b0430d7877f1609d99fe01caa8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: 8ZwSRcpcH3LvbJMleVVWt__eCWilLI7smdyckGUW-rMvQDxnMAATcA==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 1fe6018b909467d7161e2e0e4c541f0b
b34a4c25cafbd65b4b77b197dd215c8424a11d73
0dd7e48addf4d6b8a9699b50d992c0f7311fc4a8af44a59761752d6f5e08c99c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 17:13:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
472 B IP
Hash 8bc2743253a8fc930e5a747ab63e94c5
178071f3eaaa9b894f9e1579179c412fd14339a2
73c2b75f4956c2bde3595b8f6df91cc8061b93214ba8d26da0490a6f8790eee7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 17:13:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash dfd5ad02f4f42dfda06a983cde156afc
22aa6b74534fcf3dea8b9baf4578d94e7d668e18
885fcb0b62d31ffaccbc95a3ff7a2478fe67a28f62917c980555911e11717d36
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 17:13:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
200 OK 166 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (660)
Size 166 kB (166449 bytes)
Hash 95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981
GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 23:49:29 GMT
expires: Tue, 21 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 494650
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
302 Found 391 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint6C:C9:34:01:32:00:11:F3:7A:E2:AA:FC:7C:E3:13:17:3D:17:71:8A
ValidityMon, 08 May 2023 08:25:19 GMT - Mon, 31 Jul 2023 08:25:18 GMT
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash cfea3b1408f36f3615b82e8fdaa27dab
282e54621bbc56092a45de713c20a971f07dda7a
27d879853d100cd9c9188002ccfe74d39b6f1bbde6e60710008bfb3dc53b8ae7
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
set-cookie: __Host-GAPS=1:s5FRHDWMGQYuwTNEyjBsOZCz0h3oyA:CGNlbQu8ekiBGOnL; Expires=Tue, 27-May-2025 17:13:38 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 28 May 2023 17:13:38 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneGYCuanTwVlQaXLSojE9E9NFm6hPxkU6QyLbPLOA7BToJShh33rKO78TLUV4SoBThjxM4aGpg
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-tASbIS1OpyAvgbnilJzApA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
302 Found 399 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint6C:C9:34:01:32:00:11:F3:7A:E2:AA:FC:7C:E3:13:17:3D:17:71:8A
ValidityMon, 08 May 2023 08:25:19 GMT - Mon, 31 Jul 2023 08:25:18 GMT
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash 3a0f2181c286bd19541f9787f3a9e1d1
c7896b565c2600c74a8094ebba4e5314f4115e36
52dc8062737706145114b658a15e25a531edce045d2da1078258366e1e484fcb
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
set-cookie: __Host-GAPS=1:MuEqM1Fi7r8pRbdqQy9jbrZQ5mrN4A:iR1Pk_hwIUZHt3IY; Expires=Tue, 27-May-2025 17:13:38 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 28 May 2023 17:13:38 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneHMUjzk3vFVrjZiDO-EZFiE7Gx2CaUSBlIWhVgf-B2BKYPi3OJcJTkspkxvvMRZZ4JODwOY_w
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
content-security-policy: script-src 'nonce-Ydh01QCY7-i1dUGXmQie1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, require-trusted-types-for 'script';report-uri /cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
200 OK 0 B URL HEAD HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint4D:38:FE:62:28:C3:2C:26:D3:E4:2A:D2:FD:07:5A:0E:7D:C6:AD:7C
ValidityMon, 08 May 2023 08:20:04 GMT - Mon, 31 Jul 2023 08:20:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 28 May 2023 17:13:39 GMT
expires: Sun, 28 May 2023 17:13:39 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 7200269636916107383
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 47247
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-234449162%3A1685294019227998&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFuo9c9JYIRlsp-f9iizb4enpz2OP8iC8GF1_D6QYa3tcjc73m_8vRXHnjMy2UHMqnXHPha&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
403 Forbidden 0 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?dsh=S-234449162%3A1685294019227998&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFuo9c9JYIRlsp-f9iizb4enpz2OP8iC8GF1_D6QYa3tcjc73m_8vRXHnjMy2UHMqnXHPha&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?dsh=S-234449162%3A1685294019227998&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFuo9c9JYIRlsp-f9iizb4enpz2OP8iC8GF1_D6QYa3tcjc73m_8vRXHnjMy2UHMqnXHPha&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 28 May 2023 17:13:39 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-tcWi1mh6dqTVYhWiWhzT_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
adthereissome.info/utx?cb=TzDDWW7nQYKc&top=upfilesurls.com&tid=978153
204 No Content 0 B URL GET HTTP/2 adthereissome.info/utx?cb=TzDDWW7nQYKc&top=upfilesurls.com&tid=978153
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerAmazon
Subjectadthereissome.info
Fingerprint21:40:7C:A8:E9:22:33:8E:6F:E6:0A:C2:79:2F:18:FD:76:73:C9:7E
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=TzDDWW7nQYKc&top=upfilesurls.com&tid=978153 HTTP/1.1
Host: adthereissome.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sun, 28 May 2023 17:13:38 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 28 May 2023 17:14:38 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 5c2d36b0430d7877f1609d99fe01caa8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: YvISKc0zDw77Vx8v1cH1ne6-HnTNLbO3EluLV_UVxb-OUFT43OrdvA==
X-Firefox-Spdy: h2
datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
200 OK 2 B URL POST HTTP/1.1 datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://upfilesurls.com/A62O
Certificate IssuerSectigo Limited
Subjectdatatechone.com
Fingerprint8E:B7:22:E4:97:95:3C:60:FC:7C:41:39:A6:B7:B7:E2:48:B2:D0:18
ValiditySun, 18 Dec 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1345
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 28 May 2023 17:13:38 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://upfilesurls.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
upfilesurls.com/cdn-cgi/challenge-platform/h/b/cv/result/7ce82115cae51c06
200 OK 2 B URL POST HTTP/2 upfilesurls.com/cdn-cgi/challenge-platform/h/b/cv/result/7ce82115cae51c06
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer Verdict Alert fortinet Malware
POST /cdn-cgi/challenge-platform/h/b/cv/result/7ce82115cae51c06 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12370
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/A62O
Cookie: auth=eyJpdiI6IjV4T3hvTEszbTNLVndWekJFM3F6N3c9PSIsInZhbHVlIjoiUVBHNGZpRXQxUnpUWVVHZTlQcDdyUT09IiwibWFjIjoiN2FlZmI0ZGM1MDkzOWJkYmYwYmEzOGFiMzhmNWI1NjlmMTc0ZjE3NDI3ZTU3MDRiNTE3ZmEzM2E4YzgxNzAwZSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImRUcUEvWWNCaTN6NUtYZHpOQkZ5elE9PSIsInZhbHVlIjoiS0ptWXZVZ3dzbzlBYk1PQ3o4RUpaRVI0RFh1bXp3bWNrQ1RtYmlHTzg3ck1lcURSUzFIbmw5MUptS1lyc1pDYnFaOXIydU0vQXZUQmJ5QlU5c3g2U2NmOW9naVpFUEZGZUt1ajEyb1dkakZ3ZDZRak5zUkdzSitPbU9nODdueHQiLCJtYWMiOiIwYTA4ZjVlYjU4NWRiMGZhODUzY2I5MTIwM2IzM2JhOTE1ODYxNWVmZThiMGRlM2M4MmYwMTRiZjI2YTVlMGE0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Ik1NMi9PMUJRek1PcDZNNVBvUEZER0E9PSIsInZhbHVlIjoiV1g1UFdWa0tqMngwNHE3Mmp0V2F2Q09PM3lTaTBvcWduT0VyTThzMElFZVIzQnN4amtsVmdQN0FQd0MrbVduc25Vb2JrRG5zQXVKWE81cmJhdjFYdkRnUzVGWWlsNmkwRzZ2QUxPVCtKejlURUxvMTV3QUhsOExVdWNSeHNwZHAiLCJtYWMiOiI5M2ZmY2I5ZTBkNGYwZGU3NTZiZTM0ODcxZGQ1MTUzMGUxZjkyZjNkNzlkNGI2OWU5YWNmOWJlNWI0OGYzYTZjIiwidGFnIjoiIn0%3D; ab=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 17:13:39 GMT
content-type: text/plain; charset=UTF-8
set-cookie: __cf_bm=RmHfCWIRAGGIzgdBuwDDv_25dXvKrVsIZ1DrauVGWgo-1685294019-0-ATB6jJgb7PKUQ+PkppdtXt2DQfK4pAMRmC/RxEIgkm2G+xEYODP2Y0NwkUqejWujy/AfVWs5Wdld0ep61XTK9BkIO79EFrYN7chvEJxVCj9c; path=/; expires=Sun, 28-May-23 17:43:39 GMT; domain=.upfilesurls.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6gnQ1D7r5WpnzPIRZn01qlrachIVeADGM45OlI2wIS%2FeZpdXBY5%2BQ39YzmcccOnuPPK49N0Hi50BCKwqzTNjtyE7ccGS8TJQUfgVgaq7aIcjdcC2cOaXRi3%2Bad7ePntiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce82123cf731c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
upfilesurls.com/img/logo.svg
200 OK 22 kB URL GET HTTP/2 upfilesurls.com/img/logo.svg
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1361)
Hash 1e28749acbd90e7e99a883c1890327cd
638b4525d3f0ed776db136ca1025a8961f46c9e0
d526da1f4d4af45cefd2a0d140abec2beddc3150d13c47d3de893eaa278a369d
Analyzer Verdict Alert fortinet Malware
GET /img/logo.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/A62O
Cookie: auth=eyJpdiI6IjV4T3hvTEszbTNLVndWekJFM3F6N3c9PSIsInZhbHVlIjoiUVBHNGZpRXQxUnpUWVVHZTlQcDdyUT09IiwibWFjIjoiN2FlZmI0ZGM1MDkzOWJkYmYwYmEzOGFiMzhmNWI1NjlmMTc0ZjE3NDI3ZTU3MDRiNTE3ZmEzM2E4YzgxNzAwZSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImRUcUEvWWNCaTN6NUtYZHpOQkZ5elE9PSIsInZhbHVlIjoiS0ptWXZVZ3dzbzlBYk1PQ3o4RUpaRVI0RFh1bXp3bWNrQ1RtYmlHTzg3ck1lcURSUzFIbmw5MUptS1lyc1pDYnFaOXIydU0vQXZUQmJ5QlU5c3g2U2NmOW9naVpFUEZGZUt1ajEyb1dkakZ3ZDZRak5zUkdzSitPbU9nODdueHQiLCJtYWMiOiIwYTA4ZjVlYjU4NWRiMGZhODUzY2I5MTIwM2IzM2JhOTE1ODYxNWVmZThiMGRlM2M4MmYwMTRiZjI2YTVlMGE0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Ik1NMi9PMUJRek1PcDZNNVBvUEZER0E9PSIsInZhbHVlIjoiV1g1UFdWa0tqMngwNHE3Mmp0V2F2Q09PM3lTaTBvcWduT0VyTThzMElFZVIzQnN4amtsVmdQN0FQd0MrbVduc25Vb2JrRG5zQXVKWE81cmJhdjFYdkRnUzVGWWlsNmkwRzZ2QUxPVCtKejlURUxvMTV3QUhsOExVdWNSeHNwZHAiLCJtYWMiOiI5M2ZmY2I5ZTBkNGYwZGU3NTZiZTM0ODcxZGQ1MTUzMGUxZjkyZjNkNzlkNGI2OWU5YWNmOWJlNWI0OGYzYTZjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 17:13:37 GMT
content-type: image/svg+xml
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
etag: W/"625014b1-56e8"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 349238
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FLwbTNmVDKwDuIYRARDgh07FlBCWq0xIn1WngHHuY0Ga5cqIyWBgIIGm42o77hGdljMHKNvX9Z1l3%2FEfjltSAb0qeFYLaahpRvsvS6JuTYloCpR7hOfgFJ%2BXjsh0PxC%2BCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce82118ff581c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
live.demand.supply/up.js
200 OK 4.7 kB IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (4811), with no line terminators
Hash a3abfeddb38c4271276aea4e0d28ffc1
fbb3625f8da0ed300cd81203773c5e2cfc4b9cd3
102a0bc0e4ffbc8142e8a3adf45df638feebb009a6b77e0348d3d31598e070e7
GET /up.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 17:13:37 GMT
content-type: application/javascript; charset=UTF-8
cf-ray: 7ce8211b28620b02-OSL
cf-cache-status: HIT
age: 1080
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
etag: W/"ad72f581a14aa3fbbf4827fac4449705-ssl-df"
link: <https://live.demand.supply/impl.v16.9.1.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tLw==>; rel=preload; as=script
vary: Accept-Encoding
cf-bgj: minify
cf-polished: origSize=4391
timing-allow-origin: *
x-nf-request-id: 01H0JH3JA8TSZ1S1CGSMZY0Q5D
set-cookie: demandSupplyTi=7d665d7d-68b8-4a51-b7d7-0dd3f17325d1; demandSupplyTc = null; demandSupplyTcI = null; SameSite=None; Secure; Max-Age=63072000
__cf_bm=jI96fZAeL2YgHpq9gql6gGt.yPXmxya587TVAeNbk.U-1685294017-0-AQy7dzYia+7FaqsPp1dbz6PxjoSfqQgmN3S6iV0Bks7VsoSRiHuqePlXqVes1EdLmhgfw9PN9AkEOPqIeAv4Mis=; path=/; expires=Sun, 28-May-23 17:43:37 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
live.demand.supply/impl.v16.9.1.js
200 OK 75 kB URL GET HTTP/3 live.demand.supply/impl.v16.9.1.js
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (27958)
Hash 20e3de9acd919eb7e518640761f616a6
a39badf38168691698ca2b2ea2aa070b34d01a3d
cdeda8658c3f891c883f5a83c5f2b5e20a18c2fa65658d77a1522fe440b6d0e0
GET /impl.v16.9.1.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Cookie: demandSupplyTi=7d665d7d-68b8-4a51-b7d7-0dd3f17325d1; __cf_bm=jI96fZAeL2YgHpq9gql6gGt.yPXmxya587TVAeNbk.U-1685294017-0-AQy7dzYia+7FaqsPp1dbz6PxjoSfqQgmN3S6iV0Bks7VsoSRiHuqePlXqVes1EdLmhgfw9PN9AkEOPqIeAv4Mis=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 28 May 2023 17:13:38 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=75573
etag: W/"a92236f0259b51d5fbe112e5ac680198-ssl-df"
timing-allow-origin: *
vary: Accept-Encoding
x-nf-request-id: 01H0JGE5H42NN0NCVBZSKPPTF4
cf-cache-status: HIT
age: 1045610
server: cloudflare
cf-ray: 7ce8211ee988fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
accounts.google.com/v3/signin/identifier?dsh=S-1828396043%3A1685294019256795&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneE4QKmpzvulb1TwEcbJxdOJlVgOJDA95wEH5bGddfE9XqwjSe0oF9lLr2vbGQ8PK362bGYP&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
403 Forbidden 0 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?dsh=S-1828396043%3A1685294019256795&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneE4QKmpzvulb1TwEcbJxdOJlVgOJDA95wEH5bGddfE9XqwjSe0oF9lLr2vbGQ8PK362bGYP&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?dsh=S-1828396043%3A1685294019256795&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneE4QKmpzvulb1TwEcbJxdOJlVgOJDA95wEH5bGddfE9XqwjSe0oF9lLr2vbGQ8PK362bGYP&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 28 May 2023 17:13:39 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-caAB2udspphy3PynatJRmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
gforanythingamgl.info/Q0hnek5sdwQJcxkMLUgtcTwwO34ZBD9LfgQaMigXFRkTPRwFAUEOJyd1Xk12cn1UXD4qLFpLaDA8Bg47MHVWXCctLghHaDV1VlR9d2ZUSGBxbhJHf2U8FxspfnlBCjo3JFpLeHt9VUN6c3lQTnh6
204 No Content 0 B URL GET HTTP/2 gforanythingamgl.info/Q0hnek5sdwQJcxkMLUgtcTwwO34ZBD9LfgQaMigXFRkTPRwFAUEOJyd1Xk12cn1UXD4qLFpLaDA8Bg47MHVWXCctLghHaDV1VlR9d2ZUSGBxbhJHf2U8FxspfnlBCjo3JFpLeHt9VUN6c3lQTnh6
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subjectgforanythingamgl.info
Fingerprint5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
ValidityFri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /Q0hnek5sdwQJcxkMLUgtcTwwO34ZBD9LfgQaMigXFRkTPRwFAUEOJyd1Xk12cn1UXD4qLFpLaDA8Bg47MHVWXCctLghHaDV1VlR9d2ZUSGBxbhJHf2U8FxspfnlBCjo3JFpLeHt9VUN6c3lQTnh6 HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sun, 28 May 2023 17:13:37 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lK2B4Si8Jrii33jDTHIEeoQt%2BEXIh6RE1eEZQNoT3G5DY9MLHxzuRsMxPzWX3ci12Cz6%2FFx1es4TRVRnCSFn1RdaTl7FQLvHn1BLajoM4VUGt2jyGP25PaziXzQBmRO4TwIC5uEBUtw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce8211baa01fabc-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
live.demand.supply/x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL0E2Mk8=
200 OK 0 B URL HEAD HTTP/3 live.demand.supply/x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL0E2Mk8=
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL0E2Mk8= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 28 May 2023 17:13:38 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "dfe0abe17839ba4f36623d3c9332b694-ssl"
x-nf-request-id: 01H0WH53N5DXY1S5GWJ4J08TX0
cf-cache-status: HIT
age: 697797
accept-ranges: bytes
set-cookie: __cf_bm=sqK.NPpfbzUu_TwOU8qxcpcNnw2GQjxsduRozjEEeBA-1685294018-0-AfFA6XusBxb3rLYDJCvau7faMgu3CcWK2DozGGer5BNa5dajhEiEpRX+GC00Xc26BSZRmliB3zCAM20A/QOUTkI=; path=/; expires=Sun, 28-May-23 17:43:38 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce8211f8a2c0b61-OSL
alt-svc: h3=":443"; ma=86400
upfilesurls.com/js/ads.js
200 OK 1.5 kB URL GET HTTP/2 upfilesurls.com/js/ads.js
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type ASCII text, with very long lines (1551), with no line terminators
Hash 18062be5f40e561d47292c4c3e16e968
a527704208e4e365d0119360f6dd5fb1ce8eb3c8
63e619bf91f115635c5f302e9352cca845a7c498eaef9c2fee9b50a16001be37
Analyzer Verdict Alert fortinet Malware
GET /js/ads.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/A62O
Cookie: auth=eyJpdiI6IjV4T3hvTEszbTNLVndWekJFM3F6N3c9PSIsInZhbHVlIjoiUVBHNGZpRXQxUnpUWVVHZTlQcDdyUT09IiwibWFjIjoiN2FlZmI0ZGM1MDkzOWJkYmYwYmEzOGFiMzhmNWI1NjlmMTc0ZjE3NDI3ZTU3MDRiNTE3ZmEzM2E4YzgxNzAwZSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImRUcUEvWWNCaTN6NUtYZHpOQkZ5elE9PSIsInZhbHVlIjoiS0ptWXZVZ3dzbzlBYk1PQ3o4RUpaRVI0RFh1bXp3bWNrQ1RtYmlHTzg3ck1lcURSUzFIbmw5MUptS1lyc1pDYnFaOXIydU0vQXZUQmJ5QlU5c3g2U2NmOW9naVpFUEZGZUt1ajEyb1dkakZ3ZDZRak5zUkdzSitPbU9nODdueHQiLCJtYWMiOiIwYTA4ZjVlYjU4NWRiMGZhODUzY2I5MTIwM2IzM2JhOTE1ODYxNWVmZThiMGRlM2M4MmYwMTRiZjI2YTVlMGE0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Ik1NMi9PMUJRek1PcDZNNVBvUEZER0E9PSIsInZhbHVlIjoiV1g1UFdWa0tqMngwNHE3Mmp0V2F2Q09PM3lTaTBvcWduT0VyTThzMElFZVIzQnN4amtsVmdQN0FQd0MrbVduc25Vb2JrRG5zQXVKWE81cmJhdjFYdkRnUzVGWWlsNmkwRzZ2QUxPVCtKejlURUxvMTV3QUhsOExVdWNSeHNwZHAiLCJtYWMiOiI5M2ZmY2I5ZTBkNGYwZGU3NTZiZTM0ODcxZGQ1MTUzMGUxZjkyZjNkNzlkNGI2OWU5YWNmOWJlNWI0OGYzYTZjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 17:13:37 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-bgj: minify
etag: W/"63baab19-608"
last-modified: Sun, 08 Jan 2023 11:38:01 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
cf-cache-status: HIT
age: 509434
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YroH2bF0%2FnybX%2F2RJzQfxSYp2pmZiUiJqltiEIRyOf%2F0qdy5BZMNriN6U6XkQ7t1PEl9cWrCkBDh1d2WXQzV81HR0MJdMmOEjc7IQOSDeobfsl9%2FJClh5oMVWKqs%2BuZuAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce821190f6d1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 03:11:48 GMT
expires: Sun, 26 May 2024 03:11:48 GMT
cache-control: public, max-age=31536000
age: 136909
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
200 OK 981 kB URL GET HTTP/2 upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
Size 981 kB (980828 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /js/frontend.js?id=88f283c744d8a6e43cfb HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/A62O
Cookie: auth=eyJpdiI6IjV4T3hvTEszbTNLVndWekJFM3F6N3c9PSIsInZhbHVlIjoiUVBHNGZpRXQxUnpUWVVHZTlQcDdyUT09IiwibWFjIjoiN2FlZmI0ZGM1MDkzOWJkYmYwYmEzOGFiMzhmNWI1NjlmMTc0ZjE3NDI3ZTU3MDRiNTE3ZmEzM2E4YzgxNzAwZSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImRUcUEvWWNCaTN6NUtYZHpOQkZ5elE9PSIsInZhbHVlIjoiS0ptWXZVZ3dzbzlBYk1PQ3o4RUpaRVI0RFh1bXp3bWNrQ1RtYmlHTzg3ck1lcURSUzFIbmw5MUptS1lyc1pDYnFaOXIydU0vQXZUQmJ5QlU5c3g2U2NmOW9naVpFUEZGZUt1ajEyb1dkakZ3ZDZRak5zUkdzSitPbU9nODdueHQiLCJtYWMiOiIwYTA4ZjVlYjU4NWRiMGZhODUzY2I5MTIwM2IzM2JhOTE1ODYxNWVmZThiMGRlM2M4MmYwMTRiZjI2YTVlMGE0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Ik1NMi9PMUJRek1PcDZNNVBvUEZER0E9PSIsInZhbHVlIjoiV1g1UFdWa0tqMngwNHE3Mmp0V2F2Q09PM3lTaTBvcWduT0VyTThzMElFZVIzQnN4amtsVmdQN0FQd0MrbVduc25Vb2JrRG5zQXVKWE81cmJhdjFYdkRnUzVGWWlsNmkwRzZ2QUxPVCtKejlURUxvMTV3QUhsOExVdWNSeHNwZHAiLCJtYWMiOiI5M2ZmY2I5ZTBkNGYwZGU3NTZiZTM0ODcxZGQ1MTUzMGUxZjkyZjNkNzlkNGI2OWU5YWNmOWJlNWI0OGYzYTZjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 17:13:37 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=980842
etag: W/"63baab19-ef76a"
last-modified: Sun, 08 Jan 2023 11:38:01 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 12113886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MNNSWZnLtwHB57IaxCMe5T0SBcFxPJAvRjxJqdAqtM8RSONFe%2B1dLW4WUOPKNNfqMuVmg0tnWSa0wUJeKXyenQVeQ7sfsPJgWyENps%2F7vX2qJLtoBn6T%2BDRyS2anVB%2FgxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce821190f6f1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
200 OK 90 kB URL User Request GET HTTP/2 IP
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /A62O HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: auth=eyJpdiI6IjV4T3hvTEszbTNLVndWekJFM3F6N3c9PSIsInZhbHVlIjoiUVBHNGZpRXQxUnpUWVVHZTlQcDdyUT09IiwibWFjIjoiN2FlZmI0ZGM1MDkzOWJkYmYwYmEzOGFiMzhmNWI1NjlmMTc0ZjE3NDI3ZTU3MDRiNTE3ZmEzM2E4YzgxNzAwZSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6IkczSzdRV3dvYm5LWUdCY3dmQmJzeUE9PSIsInZhbHVlIjoiNjZvN0VnaGVJQ2gva3dXL3IwaTVISGliMkVCTkpaK0crK0xLRWVFUjJtemVuSlBENUpHWDJsSk5PNkUyU1BmVW1paXJ4bmxhVkFzcmlqWXNyYW1UU05keE5BR2UrdzRZQzVGK1VlUnJsYnhXYjVWRDgxYnQrZENKTVZLVURncWYiLCJtYWMiOiI4ZTdjNzE5ZWRkZjk0MjUyMmJjYzkwOGVhMTQ0M2JkY2Y1ZjcxNDY4ZTc4M2E2NjA2OTljYjM3MmI4ZWQ0NWU4IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6ImMybWIrQVN2UDMyUi80aGZhSmxJc3c9PSIsInZhbHVlIjoiaitJVm43WDRXSis3WGdZSGprL3IwN1BVcHZERmNsU3pHRlVZOHRMWWw5YXZEbmR3alVmQytoeTdCVW15MUFJdWtZUmVSUXY3bElDN0FsbEV6QTJxMktoOTlucnhGZ3ExN0JxK3lQeTFHVGZ6c3ZQbTRWQmhNVU9wSHkvMEMrMkIiLCJtYWMiOiJlMDAzOTU2NjhkZDJiYjhmYjhjYTJmZGFlNDQ0MmEwNzQ4YTIzMjdkMDIzNTQwZDA1MGJmM2YxNTcwN2ZiM2Q2IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 17:13:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6ImRUcUEvWWNCaTN6NUtYZHpOQkZ5elE9PSIsInZhbHVlIjoiS0ptWXZVZ3dzbzlBYk1PQ3o4RUpaRVI0RFh1bXp3bWNrQ1RtYmlHTzg3ck1lcURSUzFIbmw5MUptS1lyc1pDYnFaOXIydU0vQXZUQmJ5QlU5c3g2U2NmOW9naVpFUEZGZUt1ajEyb1dkakZ3ZDZRak5zUkdzSitPbU9nODdueHQiLCJtYWMiOiIwYTA4ZjVlYjU4NWRiMGZhODUzY2I5MTIwM2IzM2JhOTE1ODYxNWVmZThiMGRlM2M4MmYwMTRiZjI2YTVlMGE0IiwidGFnIjoiIn0%3D; expires=Sun, 28-May-2023 19:13:37 GMT; Max-Age=7200; path=/; samesite=lax
upfiles_session=eyJpdiI6Ik1NMi9PMUJRek1PcDZNNVBvUEZER0E9PSIsInZhbHVlIjoiV1g1UFdWa0tqMngwNHE3Mmp0V2F2Q09PM3lTaTBvcWduT0VyTThzMElFZVIzQnN4amtsVmdQN0FQd0MrbVduc25Vb2JrRG5zQXVKWE81cmJhdjFYdkRnUzVGWWlsNmkwRzZ2QUxPVCtKejlURUxvMTV3QUhsOExVdWNSeHNwZHAiLCJtYWMiOiI5M2ZmY2I5ZTBkNGYwZGU3NTZiZTM0ODcxZGQ1MTUzMGUxZjkyZjNkNzlkNGI2OWU5YWNmOWJlNWI0OGYzYTZjIiwidGFnIjoiIn0%3D; expires=Sun, 28-May-2023 19:13:37 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VmW1hht8Lyd2%2BIQ2xx6I0Cp7irFavIi%2FctEN6d9ZNEY9dJK2PWk8zumHLvkOHKpj0N7176hAiZWMms4oZj6%2FmRe9N8kfAAUcnbDBIbViMKKsoT0W%2BTNZZ1ODyZGV4sU9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce82115cae51c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneHMUjzk3vFVrjZiDO-EZFiE7Gx2CaUSBlIWhVgf-B2BKYPi3OJcJTkspkxvvMRZZ4JODwOY_w
302 Found 0 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneHMUjzk3vFVrjZiDO-EZFiE7Gx2CaUSBlIWhVgf-B2BKYPi3OJcJTkspkxvvMRZZ4JODwOY_w
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint6C:C9:34:01:32:00:11:F3:7A:E2:AA:FC:7C:E3:13:17:3D:17:71:8A
ValidityMon, 08 May 2023 08:25:19 GMT - Mon, 31 Jul 2023 08:25:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneHMUjzk3vFVrjZiDO-EZFiE7Gx2CaUSBlIWhVgf-B2BKYPi3OJcJTkspkxvvMRZZ4JODwOY_w HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:ULFIbAvfxiUIklgbq9EBfPPUzrzEPA:kg0vOEAdrlIISLJv;Path=/;Expires=Tue, 27-May-2025 17:13:39 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 28 May 2023 17:13:39 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1828396043%3A1685294019256795&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneE4QKmpzvulb1TwEcbJxdOJlVgOJDA95wEH5bGddfE9XqwjSe0oF9lLr2vbGQ8PK362bGYP&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-xDvviwHorg9xcK7_fV47Fw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 399
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gforanythingamgl.info/popunder.gif
200 OK 35 B URL GET HTTP/3 gforanythingamgl.info/popunder.gif
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subjectgforanythingamgl.info
Fingerprint5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
ValidityFri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Analyzer Verdict Alert quad9 Sinkholed
GET /popunder.gif HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 28 May 2023 17:13:39 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 580157
last-modified: Mon, 22 May 2023 00:04:22 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6KYbkyQjbctow6XoffJC7LAN47i1M5KCyg5BzHNZaTvpeeKQRXpeuTFtpqMWGwa2MPXdecbwNZ4m2%2Fotf6Xj32HIbcvrW9NCoZbrIfQL8vGDmvAwFZSp7kelOy2jAqegxaR2NJzCELA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce82125fc2eb51e-OSL
alt-svc: h3=":443"; ma=86400
pogothere.xyz/
200 OK 27 B IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 06053d3387fc1495df2d83f7e4b84e76
650056777759f43e34a8cebf5b34b5ce30367a47
50544f17f35abc130426432984ffbd8dcb3be6a044856a441f5d486cf2dc2a38
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 17:13:38 GMT
content-type: text/plain
set-cookie: csu=1569635527432928@1@1685294018; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3ZqOvgT1p8JbeBgDVcCFPixb8MSB%2FAaUSbi7J24l33qw1JYXd2qAZji%2B37kxfeEQOWlzsD43yGnU5x79xlQIiqVx2ej3thyRdlWK7xiye2%2B2%2BLcN7ko1kDSipxOd%2BvL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce82121d9ad751d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
200 OK 26 B IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 9b6be0ad4914d22ed002162f52924339
12b9a246f3143078e4224bc55e49ba4ed7a3e9e9
4968b0ba8f9812d8e48726109d543b7598affd2b1773aaf04804ee922c8a263c
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 17:13:38 GMT
content-type: text/plain
set-cookie: csu=479326252322329@1@1685294018; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=al2CxkmZUkkHR9Q4fz%2FIoqopFDle%2FzrGDRuXwfmuGzSruNecbgrW6bXoZvbgRNeaw5r7D0rjPUc0R0fZTV%2BpPytybXmpcRcJBPhJM6URKCMe%2FmxnYeLVov8o3OiXwGer"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce82121d9b7751d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-197252557-1
200 OK 120 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-197252557-1
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with very long lines (2271)
Size 120 kB (120537 bytes)
Hash 78998627591042fcdc4e16e0ca8a0598
73f8e138f8141b6293993b5b763a0930a464fe8e
9f1ce13873e8796e44864288afc129278b25499c65a1839b11416759b2754b1f
GET /gtag/js?id=UA-197252557-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 28 May 2023 17:13:37 GMT
expires: Sun, 28 May 2023 17:13:37 GMT
cache-control: private, max-age=900
last-modified: Sun, 28 May 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46899
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 102 kB IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 17:13:38 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5814
last-modified: Sun, 28 May 2023 15:36:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PgOh67OxshGYkEPELPSrIbQ5dKL%2F4X2rCFQIyWxakfQXU%2Bo0ALDl%2F16CPWCQbsnWjOp3huSF%2FvKLu274fIYB8HXtIiTapGtEMHYe0a4onQaZ9XWBiVUwtMa1XeMxU%2B1t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce82121d9b4751d-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
upfilesurls.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6
200 OK 208 B URL GET HTTP/2 upfilesurls.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type PNG image data, 6 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 31f073499665afb237f3294219d2d7c6
c1ada0510e31f661dab66203c15a3d6c8f5468d0
59b7ad6d6f457b624e25d22959edc7c83af2ac52edba32fd6648c97af0d1780c
Analyzer Verdict Alert fortinet Malware
GET /images/arrow-down.png?c98e5283a69cb508d054d30256af43c6 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
Cookie: auth=eyJpdiI6IjV4T3hvTEszbTNLVndWekJFM3F6N3c9PSIsInZhbHVlIjoiUVBHNGZpRXQxUnpUWVVHZTlQcDdyUT09IiwibWFjIjoiN2FlZmI0ZGM1MDkzOWJkYmYwYmEzOGFiMzhmNWI1NjlmMTc0ZjE3NDI3ZTU3MDRiNTE3ZmEzM2E4YzgxNzAwZSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6ImRUcUEvWWNCaTN6NUtYZHpOQkZ5elE9PSIsInZhbHVlIjoiS0ptWXZVZ3dzbzlBYk1PQ3o4RUpaRVI0RFh1bXp3bWNrQ1RtYmlHTzg3ck1lcURSUzFIbmw5MUptS1lyc1pDYnFaOXIydU0vQXZUQmJ5QlU5c3g2U2NmOW9naVpFUEZGZUt1ajEyb1dkakZ3ZDZRak5zUkdzSitPbU9nODdueHQiLCJtYWMiOiIwYTA4ZjVlYjU4NWRiMGZhODUzY2I5MTIwM2IzM2JhOTE1ODYxNWVmZThiMGRlM2M4MmYwMTRiZjI2YTVlMGE0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Ik1NMi9PMUJRek1PcDZNNVBvUEZER0E9PSIsInZhbHVlIjoiV1g1UFdWa0tqMngwNHE3Mmp0V2F2Q09PM3lTaTBvcWduT0VyTThzMElFZVIzQnN4amtsVmdQN0FQd0MrbVduc25Vb2JrRG5zQXVKWE81cmJhdjFYdkRnUzVGWWlsNmkwRzZ2QUxPVCtKejlURUxvMTV3QUhsOExVdWNSeHNwZHAiLCJtYWMiOiI5M2ZmY2I5ZTBkNGYwZGU3NTZiZTM0ODcxZGQ1MTUzMGUxZjkyZjNkNzlkNGI2OWU5YWNmOWJlNWI0OGYzYTZjIiwidGFnIjoiIn0%3D; ab=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 17:13:37 GMT
content-type: image/png
content-length: 208
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
etag: "625014b1-d0"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 349235
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9ZuJ%2BWYvg%2BBYle5y5pBeiOSjjEPKWfW%2FEHBIP0TJ%2BbzmH9Q1i%2F26qYCGvCGaTodP7GyjaXj%2FapAbV4L%2FfP2Bl7%2F14LidhKp1tnRrn225eASxCSyLvK7ATwVPPNZSsiB1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce8211c5ca51c06-OSL
X-Firefox-Spdy: h2
adthereissome.info/aFZIek4JNCsXcQlrKlw7Gjp1X3wuc3o8KlluIx18Ei9xAn0cb35ULQQ5PR4oGjkmDmAGMzxffC48GkkfWwAPMyUvZyMDFjwbLC98BDQrPzkvDx48JiA9GU0KLDICLyYxDwQ5Hy8eICMIKgFwTA8SG3A/HSkPAUolIDUvTiMvOgoKHCsfKSwJBAIRKBg8GCRDND09BREKOy4CLjRQDgQ4fykZMCs+LRQNEg9bORItDVwaAwImPzUeOww5BCQRHFsADTI3EAIsFgstECMefzoQO0MKLB8FPyMyBRhKOSoVeSg0PQcZLRxbAA0oHSIeLD4bLwwODj46FGVPNj0eKy4bAjUCMQgtEA0WDFsEGR4lPWUsPAsFDBszHFkQBSsfBxIKMCMiHhI8DAYmGyMfLR0SK2gCJScUPlUzCgAlOGcCDgwZDiYbOiA
200 OK 3.0 kB URL GET HTTP/2 adthereissome.info/aFZIek4JNCsXcQlrKlw7Gjp1X3wuc3o8KlluIx18Ei9xAn0cb35ULQQ5PR4oGjkmDmAGMzxffC48GkkfWwAPMyUvZyMDFjwbLC98BDQrPzkvDx48JiA9GU0KLDICLyYxDwQ5Hy8eICMIKgFwTA8SG3A/HSkPAUolIDUvTiMvOgoKHCsfKSwJBAIRKBg8GCRDND09BREKOy4CLjRQDgQ4fykZMCs+LRQNEg9bORItDVwaAwImPzUeOww5BCQRHFsADTI3EAIsFgstECMefzoQO0MKLB8FPyMyBRhKOSoVeSg0PQcZLRxbAA0oHSIeLD4bLwwODj46FGVPNj0eKy4bAjUCMQgtEA0WDFsEGR4lPWUsPAsFDBszHFkQBSsfBxIKMCMiHhI8DAYmGyMfLR0SK2gCJScUPlUzCgAlOGcCDgwZDiYbOiA
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerAmazon
Subjectadthereissome.info
Fingerprint21:40:7C:A8:E9:22:33:8E:6F:E6:0A:C2:79:2F:18:FD:76:73:C9:7E
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3054), with no line terminators
Hash 50b44f8e794db757e7d1d6e0a30b0124
c475ab376903cecc0cfd9624b80d614a1be99753
3ed9ff90305e546ca8ef263fc050a49738ff92b0c09577d4c3292eced1b7efef
GET /aFZIek4JNCsXcQlrKlw7Gjp1X3wuc3o8KlluIx18Ei9xAn0cb35ULQQ5PR4oGjkmDmAGMzxffC48GkkfWwAPMyUvZyMDFjwbLC98BDQrPzkvDx48JiA9GU0KLDICLyYxDwQ5Hy8eICMIKgFwTA8SG3A/HSkPAUolIDUvTiMvOgoKHCsfKSwJBAIRKBg8GCRDND09BREKOy4CLjRQDgQ4fykZMCs+LRQNEg9bORItDVwaAwImPzUeOww5BCQRHFsADTI3EAIsFgstECMefzoQO0MKLB8FPyMyBRhKOSoVeSg0PQcZLRxbAA0oHSIeLD4bLwwODj46FGVPNj0eKy4bAjUCMQgtEA0WDFsEGR4lPWUsPAsFDBszHFkQBSsfBxIKMCMiHhI8DAYmGyMfLR0SK2gCJScUPlUzCgAlOGcCDgwZDiYbOiA HTTP/1.1
Host: adthereissome.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1181
date: Sun, 28 May 2023 17:13:37 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 5c2d36b0430d7877f1609d99fe01caa8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: ZjMIirccQ-DjdHs9YTS8Iktn1CcbdC4uKwOoTnRu0vcwCbYrIjZ-vw==
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 102 kB IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 17:13:38 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5814
last-modified: Sun, 28 May 2023 15:36:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqlypKrAIjm2JutYG97PtSZRrMEmD66BmUJaV63TWCLn%2FoOcrmoB67lSQvtx6SWZpSbNjCPiwDIy03jPyyzEu8Xde27mzlKInUuQeal6YK3g2hY6WBIL4F%2BAj3ZRqUlB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce82121e9c7751d-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneGYCuanTwVlQaXLSojE9E9NFm6hPxkU6QyLbPLOA7BToJShh33rKO78TLUV4SoBThjxM4aGpg
302 Found 0 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneGYCuanTwVlQaXLSojE9E9NFm6hPxkU6QyLbPLOA7BToJShh33rKO78TLUV4SoBThjxM4aGpg
IP
Requested by https://upfilesurls.com/A62O
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint6C:C9:34:01:32:00:11:F3:7A:E2:AA:FC:7C:E3:13:17:3D:17:71:8A
ValidityMon, 08 May 2023 08:25:19 GMT - Mon, 31 Jul 2023 08:25:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneGYCuanTwVlQaXLSojE9E9NFm6hPxkU6QyLbPLOA7BToJShh33rKO78TLUV4SoBThjxM4aGpg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:5m9ghUGACtg0MzVryZSldxNxyOAZjw:ZUUjw4blCmYssxnO;Path=/;Expires=Tue, 27-May-2025 17:13:39 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 28 May 2023 17:13:39 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-234449162%3A1685294019227998&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFuo9c9JYIRlsp-f9iizb4enpz2OP8iC8GF1_D6QYa3tcjc73m_8vRXHnjMy2UHMqnXHPha&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-Hyyrm1GH9V7gbcreJOPfyw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 391
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
172.67.71.90
142.91.159.188
188.114.97.1
104.18.14.101
0.0.0.0