upfilesurls.com/img/faqs-image.svg
104.26.9.138 14 kB URL upfilesurls.com/img/faqs-image.svg
IP 104.26.9.138:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4190)
Hash (MD5) a60b7216905928c625ae9592044476cd
Hash (SHA-1) e70c5be728c7bd1198100337487aafe126834ca3
Hash (SHA-256) 9a717285429d468fadc4d25179fc6feb49e6335f3af1675fb6be1cb50e7e8322
Analyzer Verdict Alert fortinet Malware
GET /img/faqs-image.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/Eirf
Cookie: auth=eyJpdiI6IjUyQjUyT0p5TDhXVllOYitKeFNDd2c9PSIsInZhbHVlIjoiRjNteDBwendHazBzb3Vma0tNYjR1dz09IiwibWFjIjoiZmJhY2VlYTlkZjRkZDlhNzkzMmZiMzYwMjU4YzhhNTk1ZjdkMmRkMjQzZGNkOTc2ODRmM2FjODFlMmRmODlmNSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6IkxSOFBwQmFaZU04UzV1UXJnMTR0anc9PSIsInZhbHVlIjoiRXFDcjhrWTlUcVE5QnJqVWNjRUVHcklORFZtd013NXE1RjhEaW1aRzZ6MGYyTVBVVitvRUxMSHdlN1ZFN3VSRm5uczUxTDZjakNzRDVmcWoxNmkyUUdGNFl2Yk1xVXBGZUcyblZWdWVzTzVldmsxcExxOGR2K3B2T0YvY1hFR0ciLCJtYWMiOiI3NWY3NTA5MGU2NmM4N2U5MjBiYzkyOWNkMDliNTJlOTU4YmRkOWNmZWMwMjg2ZGJiOTNlODk4ZjY2YmIzYzZmIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlhpdTRzMnhzMENPRzRrcWV2VjJHUlE9PSIsInZhbHVlIjoiSVJrcm5NazA5SnFZTis2QXg4SS9naUtKTEZzamJiei9Tbk9sQ3dHODNodThNMEwycjh6c2hhVFNZem5nRTBZMEIyVkFybTNuZDE3ODBjTGdDWjdiZFdONkRVcGx4dXVLZkd1alovRFdRUVp0T2YxRFZsTEFzYU0zWVNDYjI1SVMiLCJtYWMiOiJhNmY0NTU2OTZiYTNiMzBhYjcwOTQwZTFkNTBmMzIyY2YyM2QzY2QzNTExMTU0MjE5OWI5MWE3NmZkYTJkZDBkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 16:59:31 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
vary: Accept-Encoding
etag: W/"63c15cbf-95fb"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 348392
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6EvTJIpD0MbFpY7tzbiTLaoC8MO8EzXZLN%2FQl0AH4y617F3IqR43T6T2PNJDakE0JHq%2BpQchRFnb8r7lDJXpjzo7LiYQKPHbVrLk5croXdOFLd9SxIuugvJxlBcWfLfgJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce80c747b87b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-197252557-1
142.250.74.40 47 kB URL www.googletagmanager.com/gtag/js?id=UA-197252557-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (2271)
Hash (MD5) 78998627591042fcdc4e16e0ca8a0598
Hash (SHA-1) 73f8e138f8141b6293993b5b763a0930a464fe8e
Hash (SHA-256) 9f1ce13873e8796e44864288afc129278b25499c65a1839b11416759b2754b1f
GET /gtag/js?id=UA-197252557-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 28 May 2023 16:59:32 GMT
expires: Sun, 28 May 2023 16:59:32 GMT
cache-control: private, max-age=900
last-modified: Sun, 28 May 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46899
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash (MD5) 4195d3f97e59fc4f34d523d0195d8d0b
Hash (SHA-1) 244cd9dd441c530c8e03405819eb759e95f25cb0
Hash (SHA-256) 1fc6101023c68883ddf2cb7eb133e96a3e3cf96d7657223e38621f9fc9a7653d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 16:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash (MD5) 7dab4959b73106e9c3e554438411e252
Hash (SHA-1) 3c67accef8029c644b263f937e528312a5587c51
Hash (SHA-256) eba66315abb8b400c8bd317cae435da5feba7d4d676706a2befa511ebd98413a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 16:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cschyogh.com/1clkn/34742
172.255.6.58 26 B IP 172.255.6.58:0
File type ASCII text, with no line terminators
Hash (MD5) 9082dc37e5e8046929da411544ad071a
Hash (SHA-1) 41e0e3963ed94e59e8a2f115994c382712411537
Hash (SHA-256) b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
GET /1clkn/34742 HTTP/1.1
Host: cschyogh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 16:59:32 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Mon, 29-May-2023 16:59:32 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D; expires=Mon, 29-May-2023 16:59:32 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash (MD5) 4195d3f97e59fc4f34d523d0195d8d0b
Hash (SHA-1) 244cd9dd441c530c8e03405819eb759e95f25cb0
Hash (SHA-256) 1fc6101023c68883ddf2cb7eb133e96a3e3cf96d7657223e38621f9fc9a7653d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 16:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
54.230.245.90 116 kB URL d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
IP 54.230.245.90:0
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 116 kB (115486 bytes)
Hash (MD5) ed337ae6922a02f519634ca78ab41c6b
Hash (SHA-1) 5aa1441a86242eb1b214f8e9348481865f8ee85b
Hash (SHA-256) a76db0c8abbba4287f5c2042b818f404836911846c4e70f1b550f2f7ff1a1604
GET /?yzgkd=978153 HTTP/1.1
Host: d18kg2zy9x3t96.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 115486
date: Sun, 28 May 2023 16:59:32 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rGmnL_4F5NYCqmVj5Umoco916uN-QcbLEwTUZ3RtyXy6IBrEPr4h2A==
X-Firefox-Spdy: h2
upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
104.26.9.138 50 kB URL upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
IP 104.26.9.138:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash (MD5) cf7148de68c4ff76f21e2200b67fd8c4
Hash (SHA-1) ace4770fa2d643e676bccca417f7880c8a6565dd
Hash (SHA-256) e51161fcc5b2c4b90c3381e517152eb275d52a6c288954e502479d7421386240
GET /css/frontend.css?id=2396ffb76e738e465b53 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/Eirf
Cookie: auth=eyJpdiI6IjUyQjUyT0p5TDhXVllOYitKeFNDd2c9PSIsInZhbHVlIjoiRjNteDBwendHazBzb3Vma0tNYjR1dz09IiwibWFjIjoiZmJhY2VlYTlkZjRkZDlhNzkzMmZiMzYwMjU4YzhhNTk1ZjdkMmRkMjQzZGNkOTc2ODRmM2FjODFlMmRmODlmNSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6IkxSOFBwQmFaZU04UzV1UXJnMTR0anc9PSIsInZhbHVlIjoiRXFDcjhrWTlUcVE5QnJqVWNjRUVHcklORFZtd013NXE1RjhEaW1aRzZ6MGYyTVBVVitvRUxMSHdlN1ZFN3VSRm5uczUxTDZjakNzRDVmcWoxNmkyUUdGNFl2Yk1xVXBGZUcyblZWdWVzTzVldmsxcExxOGR2K3B2T0YvY1hFR0ciLCJtYWMiOiI3NWY3NTA5MGU2NmM4N2U5MjBiYzkyOWNkMDliNTJlOTU4YmRkOWNmZWMwMjg2ZGJiOTNlODk4ZjY2YmIzYzZmIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlhpdTRzMnhzMENPRzRrcWV2VjJHUlE9PSIsInZhbHVlIjoiSVJrcm5NazA5SnFZTis2QXg4SS9naUtKTEZzamJiei9Tbk9sQ3dHODNodThNMEwycjh6c2hhVFNZem5nRTBZMEIyVkFybTNuZDE3ODBjTGdDWjdiZFdONkRVcGx4dXVLZkd1alovRFdRUVp0T2YxRFZsTEFzYU0zWVNDYjI1SVMiLCJtYWMiOiJhNmY0NTU2OTZiYTNiMzBhYjcwOTQwZTFkNTBmMzIyY2YyM2QzY2QzNTExMTU0MjE5OWI5MWE3NmZkYTJkZDBkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 16:59:31 GMT
content-type: text/css
cf-bgj: minify
etag: W/"63a354a4-3f918"
last-modified: Wed, 21 Dec 2022 18:47:00 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
cf-cache-status: HIT
age: 13309593
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQHo%2BRk1k9aN2Y1K%2B9JudPJki63Nd6j4E%2BLli%2F2BlsffO%2FzjC1VoyG66Pk4weLUfNjv7xkltY1dFiZc8Q3Q8qqCYcrczWtFCUjXVEx6tJhe%2BwwUKcFVOTJPTsy6obS3XOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce80c746b63b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
216.58.207.227 200 OK 38 kB URL GET HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP 216.58.207.227:443
Requested by https://upfilesurls.com/Eirf
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Hash (MD5) e08be6d5d433944f7ad52902e4d24db5
Hash (SHA-1) e2600c1d60d12d397b3ee44411a021231d71e974
Hash (SHA-256) 450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 03:18:14 GMT
expires: Sun, 26 May 2024 03:18:14 GMT
cache-control: public, max-age=31536000
age: 135678
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
216.58.207.227 200 OK 38 kB URL GET HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP 216.58.207.227:443
Requested by https://upfilesurls.com/Eirf
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Hash (MD5) e08be6d5d433944f7ad52902e4d24db5
Hash (SHA-1) e2600c1d60d12d397b3ee44411a021231d71e974
Hash (SHA-256) 450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 03:18:14 GMT
expires: Sun, 26 May 2024 03:18:14 GMT
cache-control: public, max-age=31536000
age: 135678
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227 16 kB URL fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash (MD5) e9f5aaf547f165386cd313b995dddd8e
Hash (SHA-1) acdef5603c2387b0e5bffd744b679a24a8bc1968
Hash (SHA-256) f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 03:11:48 GMT
expires: Sun, 26 May 2024 03:11:48 GMT
cache-control: public, max-age=31536000
age: 136064
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://upfilesurls.com/Eirf
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash (MD5) 15d9f621c3bd1599f0169dcf0bd5e63e
Hash (SHA-1) 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Hash (SHA-256) f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 07:44:41 GMT
expires: Sun, 26 May 2024 07:44:41 GMT
cache-control: public, max-age=31536000
age: 119691
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash (MD5) bb63f1caaf551e76a88f326c8db516ce
Hash (SHA-1) 513533cccfb522767abf37082518f766adc3c070
Hash (SHA-256) cfe2e32528181d9ff75d3946d789811d6d2c71e153c39aa72c0a586b922ebeb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 16:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
upfilesurls.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6
104.26.9.138 208 B URL upfilesurls.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6
IP 104.26.9.138:0
File type PNG image data, 6 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash (MD5) 31f073499665afb237f3294219d2d7c6
Hash (SHA-1) c1ada0510e31f661dab66203c15a3d6c8f5468d0
Hash (SHA-256) 59b7ad6d6f457b624e25d22959edc7c83af2ac52edba32fd6648c97af0d1780c
Analyzer Verdict Alert fortinet Malware
GET /images/arrow-down.png?c98e5283a69cb508d054d30256af43c6 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
Cookie: auth=eyJpdiI6IjUyQjUyT0p5TDhXVllOYitKeFNDd2c9PSIsInZhbHVlIjoiRjNteDBwendHazBzb3Vma0tNYjR1dz09IiwibWFjIjoiZmJhY2VlYTlkZjRkZDlhNzkzMmZiMzYwMjU4YzhhNTk1ZjdkMmRkMjQzZGNkOTc2ODRmM2FjODFlMmRmODlmNSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6IkxSOFBwQmFaZU04UzV1UXJnMTR0anc9PSIsInZhbHVlIjoiRXFDcjhrWTlUcVE5QnJqVWNjRUVHcklORFZtd013NXE1RjhEaW1aRzZ6MGYyTVBVVitvRUxMSHdlN1ZFN3VSRm5uczUxTDZjakNzRDVmcWoxNmkyUUdGNFl2Yk1xVXBGZUcyblZWdWVzTzVldmsxcExxOGR2K3B2T0YvY1hFR0ciLCJtYWMiOiI3NWY3NTA5MGU2NmM4N2U5MjBiYzkyOWNkMDliNTJlOTU4YmRkOWNmZWMwMjg2ZGJiOTNlODk4ZjY2YmIzYzZmIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlhpdTRzMnhzMENPRzRrcWV2VjJHUlE9PSIsInZhbHVlIjoiSVJrcm5NazA5SnFZTis2QXg4SS9naUtKTEZzamJiei9Tbk9sQ3dHODNodThNMEwycjh6c2hhVFNZem5nRTBZMEIyVkFybTNuZDE3ODBjTGdDWjdiZFdONkRVcGx4dXVLZkd1alovRFdRUVp0T2YxRFZsTEFzYU0zWVNDYjI1SVMiLCJtYWMiOiJhNmY0NTU2OTZiYTNiMzBhYjcwOTQwZTFkNTBmMzIyY2YyM2QzY2QzNTExMTU0MjE5OWI5MWE3NmZkYTJkZDBkIiwidGFnIjoiIn0%3D; ab=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 16:59:32 GMT
content-type: image/png
content-length: 208
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
etag: "625014b1-d0"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 348390
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DuMmOUSLXDNHapxSPGdiDdHuVEs2RMxuKhHYWoY909zHTLGUwCxAyPtTM4h0d2984zn5GRksDssEcnauJiRQlHxTOlYFRfhi72iSRuUN49RoedVLiNBYtaPuM8TDrjxnOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce80c783a3eb517-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
216.58.207.227 200 OK 38 kB URL GET HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP 216.58.207.227:443
Requested by https://upfilesurls.com/Eirf
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Hash (MD5) e08be6d5d433944f7ad52902e4d24db5
Hash (SHA-1) e2600c1d60d12d397b3ee44411a021231d71e974
Hash (SHA-256) 450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 03:18:14 GMT
expires: Sun, 26 May 2024 03:18:14 GMT
cache-control: public, max-age=31536000
age: 135678
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:443
Requested by https://upfilesurls.com/Eirf
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash (MD5) 3a44e06eb954b96aa043227f3534189d
Hash (SHA-1) 23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Hash (SHA-256) b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 21:39:40 GMT
expires: Wed, 22 May 2024 21:39:40 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 415192
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adthereissome.info/Qzg3WG4iWlQ1USIFVX4bMVQKfVwFHQUeCnIAXD9cOUEOIF03AQF2DS9XQjwIMVdZLEAtXUN9XAUOVg4ocFt/HSUTUFwPOisIAx1ecnFiDzgLaVwCPgxPZj4mO1REHzwWCXwwJwFzZjsmBHtyay0CdgQZGSxuYR8oEXB1GSYNU0cPKAJbTgsFBWB0HDsVbGIOPgl6bRYmAmFFEAY0XHQQPAV2XAomGm59Gz8WfUcKBQVtYDAgEGlcHSgMelweLRZAXQoZK3JvL1sBanEKDwYJfRs/EUtZDQUOT2AfKAxgXB4vJ31hGSgkT04QLHptYCAKBWlyGjQabRoCLxJ9TzI8O2FuHxQSan8vAg5hTR4sEn5ffVwFagYBKxV/dn4EMFdZKFMtXXMbLTVhQTYnFX9OMg
65.9.55.94 1.2 kB URL adthereissome.info/Qzg3WG4iWlQ1USIFVX4bMVQKfVwFHQUeCnIAXD9cOUEOIF03AQF2DS9XQjwIMVdZLEAtXUN9XAUOVg4ocFt/HSUTUFwPOisIAx1ecnFiDzgLaVwCPgxPZj4mO1REHzwWCXwwJwFzZjsmBHtyay0CdgQZGSxuYR8oEXB1GSYNU0cPKAJbTgsFBWB0HDsVbGIOPgl6bRYmAmFFEAY0XHQQPAV2XAomGm59Gz8WfUcKBQVtYDAgEGlcHSgMelweLRZAXQoZK3JvL1sBanEKDwYJfRs/EUtZDQUOT2AfKAxgXB4vJ31hGSgkT04QLHptYCAKBWlyGjQabRoCLxJ9TzI8O2FuHxQSan8vAg5hTR4sEn5ffVwFagYBKxV/dn4EMFdZKFMtXXMbLTVhQTYnFX9OMg
IP 65.9.55.94:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3004), with no line terminators
Hash (MD5) 12445dd7aebf31735dbaf1bd4c4e8566
Hash (SHA-1) 4aa175d0a769ed19d7548607f65871952eba8f7b
Hash (SHA-256) 37c0cb21ce938ad640f8e7fa710dd5ba37bf337d4fb59727f701602d7ce03532
GET /Qzg3WG4iWlQ1USIFVX4bMVQKfVwFHQUeCnIAXD9cOUEOIF03AQF2DS9XQjwIMVdZLEAtXUN9XAUOVg4ocFt/HSUTUFwPOisIAx1ecnFiDzgLaVwCPgxPZj4mO1REHzwWCXwwJwFzZjsmBHtyay0CdgQZGSxuYR8oEXB1GSYNU0cPKAJbTgsFBWB0HDsVbGIOPgl6bRYmAmFFEAY0XHQQPAV2XAomGm59Gz8WfUcKBQVtYDAgEGlcHSgMelweLRZAXQoZK3JvL1sBanEKDwYJfRs/EUtZDQUOT2AfKAxgXB4vJ31hGSgkT04QLHptYCAKBWlyGjQabRoCLxJ9TzI8O2FuHxQSan8vAg5hTR4sEn5ffVwFagYBKxV/dn4EMFdZKFMtXXMbLTVhQTYnFX9OMg HTTP/1.1
Host: adthereissome.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1162
date: Sun, 28 May 2023 16:59:32 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 2f7792bdc67f7953e2dce93aea1bb9ee.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: JDy7dprZSnomf8jkzvANoXY9hy1A76IlZnxY3qQx4TuiMCJWCNVIDQ==
X-Firefox-Spdy: h2
adthereissome.info/OFRraEtZNggFdFlpCU4+SjhWTXl+cVkuLwlsAA95Qi1SEHhMbV1GKFQ7HgwtSjsFHGVWMR9NeX5tOlp6czY8ISx5PTokE2w3LiQnejYPLicADFoyJ3ouACsPfBo6JzIMHSgAe1IXDA8CcT0fDgBPM1Ike0sDJDknCww+OT18FzojEwoBIiIKDTIIAzhKFzoqbgoWPD88YhECHwxcLD4iBV8NAS8sCGUqEX50EhIiGnIjIjEAXxEGLA5cLCBbcnwBBjItXT8+CShULB0wIno5M1skehcSWBJ1PwM5KEACEj8xCWU8P3JdHSwyLV08Uz0RVGAnMA1yYjpbZkgROVsNXBg6DwlzFSEeE0EGEzATTDA+BgFcMVsAGlsjGAIDTzcHKSFyHT4pHVsxWhAGW2QYTXl+AS0lbVInBAY7BSUoAgJIPQwCAHc1WSEAaDE
65.9.55.94 200 OK 1.2 kB URL GET HTTP/2 adthereissome.info/OFRraEtZNggFdFlpCU4+SjhWTXl+cVkuLwlsAA95Qi1SEHhMbV1GKFQ7HgwtSjsFHGVWMR9NeX5tOlp6czY8ISx5PTokE2w3LiQnejYPLicADFoyJ3ouACsPfBo6JzIMHSgAe1IXDA8CcT0fDgBPM1Ike0sDJDknCww+OT18FzojEwoBIiIKDTIIAzhKFzoqbgoWPD88YhECHwxcLD4iBV8NAS8sCGUqEX50EhIiGnIjIjEAXxEGLA5cLCBbcnwBBjItXT8+CShULB0wIno5M1skehcSWBJ1PwM5KEACEj8xCWU8P3JdHSwyLV08Uz0RVGAnMA1yYjpbZkgROVsNXBg6DwlzFSEeE0EGEzATTDA+BgFcMVsAGlsjGAIDTzcHKSFyHT4pHVsxWhAGW2QYTXl+AS0lbVInBAY7BSUoAgJIPQwCAHc1WSEAaDE
IP 65.9.55.94:443
Requested by https://upfilesurls.com/Eirf
Certificate Issuer Amazon
Subject adthereissome.info
Fingerprint 21:40:7C:A8:E9:22:33:8E:6F:E6:0A:C2:79:2F:18:FD:76:73:C9:7E
Validity Fri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3030), with no line terminators
Hash (MD5) 388fb7350e7128b55c36751148a166b3
Hash (SHA-1) fed6b637dab7c4733034930f917bf2cad9a95da4
Hash (SHA-256) eddc7f5219c94dfde674dd0da8221e8ba75da9fca975345c67fae71a910ae3d9
GET /OFRraEtZNggFdFlpCU4+SjhWTXl+cVkuLwlsAA95Qi1SEHhMbV1GKFQ7HgwtSjsFHGVWMR9NeX5tOlp6czY8ISx5PTokE2w3LiQnejYPLicADFoyJ3ouACsPfBo6JzIMHSgAe1IXDA8CcT0fDgBPM1Ike0sDJDknCww+OT18FzojEwoBIiIKDTIIAzhKFzoqbgoWPD88YhECHwxcLD4iBV8NAS8sCGUqEX50EhIiGnIjIjEAXxEGLA5cLCBbcnwBBjItXT8+CShULB0wIno5M1skehcSWBJ1PwM5KEACEj8xCWU8P3JdHSwyLV08Uz0RVGAnMA1yYjpbZkgROVsNXBg6DwlzFSEeE0EGEzATTDA+BgFcMVsAGlsjGAIDTzcHKSFyHT4pHVsxWhAGW2QYTXl+AS0lbVInBAY7BSUoAgJIPQwCAHc1WSEAaDE HTTP/1.1
Host: adthereissome.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1183
date: Sun, 28 May 2023 16:59:32 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 2f7792bdc67f7953e2dce93aea1bb9ee.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: 2hzu8XSbEJQL5xMIuXwAYPBQpU6dolsCV0QjzV9B6NjKMvI4uuLizA==
X-Firefox-Spdy: h2
gforanythingamgl.info/M0lTTm8cdjA9UlAkNwogayUQG1x6AAAlJWItEggmYXgJeC5mcXU6Bld0anlXAnxgaB9aLW5/SUA9MjoaQHRiaAZdLzxzSUV0YmBcB2dgfEEBbyZzXhU9Iy8IDnh1PhtHJW5/WQt8YXdcAn5hfl8F
104.21.93.237 204 No Content 0 B URL GET HTTP/2 gforanythingamgl.info/M0lTTm8cdjA9UlAkNwogayUQG1x6AAAlJWItEggmYXgJeC5mcXU6Bld0anlXAnxgaB9aLW5/SUA9MjoaQHRiaAZdLzxzSUV0YmBcB2dgfEEBbyZzXhU9Iy8IDnh1PhtHJW5/WQt8YXdcAn5hfl8F
IP 104.21.93.237:443
Requested by https://upfilesurls.com/Eirf
Certificate Issuer Google Trust Services LLC
Subject gforanythingamgl.info
Fingerprint 5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
Validity Fri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT
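Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, consistent with the 0 B body; they recur on the other 0 B responses listed here and do not identify this host or its content, so they should not be used as indicators.)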
Analyzer Verdict Alert quad9 Sinkholed
GET /M0lTTm8cdjA9UlAkNwogayUQG1x6AAAlJWItEggmYXgJeC5mcXU6Bld0anlXAnxgaB9aLW5/SUA9MjoaQHRiaAZdLzxzSUV0YmBcB2dgfEEBbyZzXhU9Iy8IDnh1PhtHJW5/WQt8YXdcAn5hfl8F HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sun, 28 May 2023 16:59:32 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yUMaCevTaXQY38J%2F%2FwQu5SgaIyxh1Jr%2Fs3loNFMaWrVHkgUwneDfl8luoeD62%2BfBBlC9xe%2B2Jf1PFAd1GzuL8XECxt%2FXoxuVcPFcOOnEiqXEnzYn0WQ4%2F%2Bs5Eyy5P0DBRu3wOJ4FiR8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce80c7868c90b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
adthereissome.info/Q2pOeGEiCC0VXiJXLF4UMQZzXVMFT3w+BXJSJR9TORN3AFI3U3hWAi8FOxwHMQUgDE8tDzpdUwVYAy80Oz0jIjIABnZANhY/Ay42JwwMFFECCH8tOQdaB0kiBiwXHgl6PRYSMAIjIkE4BQcpDzdxDX0uOTQ5HQ8kDgslOgUBLHZBNjsJDyAbLwgPPS8SOikpLBY4LQ0nL14BPCIKJBw5VBomHxQpAFsYQCRyKBcgJRYJGTkNJyV+NSUKHRxINys4Fjk5Cg8PPjAWCx0pNBUdC0olclIfKzl6Pw8qUQkIChMpFjgcCCsBOBY5MiQ7CD47NAt/ISgQHWM+GxIdAC43KVIILwYsPy87IAc8HzoQFQ0MLiALUxs5MA0zBTkvGyklFERxLBgwBRYrCQwoAj8APTtyCWgSEiwEPkUuBlohKVA7UycLOClbFyoF
65.9.55.94 1.2 kB URL adthereissome.info/Q2pOeGEiCC0VXiJXLF4UMQZzXVMFT3w+BXJSJR9TORN3AFI3U3hWAi8FOxwHMQUgDE8tDzpdUwVYAy80Oz0jIjIABnZANhY/Ay42JwwMFFECCH8tOQdaB0kiBiwXHgl6PRYSMAIjIkE4BQcpDzdxDX0uOTQ5HQ8kDgslOgUBLHZBNjsJDyAbLwgPPS8SOikpLBY4LQ0nL14BPCIKJBw5VBomHxQpAFsYQCRyKBcgJRYJGTkNJyV+NSUKHRxINys4Fjk5Cg8PPjAWCx0pNBUdC0olclIfKzl6Pw8qUQkIChMpFjgcCCsBOBY5MiQ7CD47NAt/ISgQHWM+GxIdAC43KVIILwYsPy87IAc8HzoQFQ0MLiALUxs5MA0zBTkvGyklFERxLBgwBRYrCQwoAj8APTtyCWgSEiwEPkUuBlohKVA7UycLOClbFyoF
IP 65.9.55.94:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3030), with no line terminators
Hash 7012060ded5d99e5b454ed375f7a2860
45ec69b76445fd6efa50e8ebffcc59a7ebc56be4
5bf9e80dc646e51c448dba34dcb1d9f3ecf7132bef94b7f7f23c98f8d3d1c679
GET /Q2pOeGEiCC0VXiJXLF4UMQZzXVMFT3w+BXJSJR9TORN3AFI3U3hWAi8FOxwHMQUgDE8tDzpdUwVYAy80Oz0jIjIABnZANhY/Ay42JwwMFFECCH8tOQdaB0kiBiwXHgl6PRYSMAIjIkE4BQcpDzdxDX0uOTQ5HQ8kDgslOgUBLHZBNjsJDyAbLwgPPS8SOikpLBY4LQ0nL14BPCIKJBw5VBomHxQpAFsYQCRyKBcgJRYJGTkNJyV+NSUKHRxINys4Fjk5Cg8PPjAWCx0pNBUdC0olclIfKzl6Pw8qUQkIChMpFjgcCCsBOBY5MiQ7CD47NAt/ISgQHWM+GxIdAC43KVIILwYsPy87IAc8HzoQFQ0MLiALUxs5MA0zBTkvGyklFERxLBgwBRYrCQwoAj8APTtyCWgSEiwEPkUuBlohKVA7UycLOClbFyoF HTTP/1.1
Host: adthereissome.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1183
date: Sun, 28 May 2023 16:59:32 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 2f7792bdc67f7953e2dce93aea1bb9ee.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: 1EE-9nQxDOHxUCHK9m9hT6NYLsbhSMBe59QVbpXQ7ZzKKJEg4ZUb9Q==
X-Firefox-Spdy: h2
gforanythingamgl.info/Sm1ucnllUg0BRCkBICQveDslKC4IBjs3OyI0AyQaGyoaHyN7JEgGEC5QV0pNel9ZVAkjCVNDQWweGhMNPx5TQ18jAwgdRGwbU0NXekNcXEpsGFNDXz4dDxVEe0seBg0mUF9EQX9fV0FIfV9eRkw
104.21.93.237 204 No Content 0 B URL GET HTTP/2 gforanythingamgl.info/Sm1ucnllUg0BRCkBICQveDslKC4IBjs3OyI0AyQaGyoaHyN7JEgGEC5QV0pNel9ZVAkjCVNDQWweGhMNPx5TQ18jAwgdRGwbU0NXekNcXEpsGFNDXz4dDxVEe0seBg0mUF9EQX9fV0FIfV9eRkw
IP 104.21.93.237:443
Requested by https://upfilesurls.com/Eirf
Certificate Issuer Google Trust Services LLC
Subject gforanythingamgl.info
Fingerprint 5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
Validity Fri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /Sm1ucnllUg0BRCkBICQveDslKC4IBjs3OyI0AyQaGyoaHyN7JEgGEC5QV0pNel9ZVAkjCVNDQWweGhMNPx5TQ18jAwgdRGwbU0NXekNcXEpsGFNDXz4dDxVEe0seBg0mUF9EQX9fV0FIfV9eRkw HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sun, 28 May 2023 16:59:32 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJDJnMQGmCixsQRC9oU%2Fxn7dS5n4wIUbzo2fhdKbTP%2BS1EZlTFCj4HfSbLbXCC5c8dF0AHjX7xd7IEMFgLHzdTHj9bWz8hYjpnXM4tFIQnO5MYUNOFBMnAMr53P9FXXNhAQ6HFArjQQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce80c7868ca0b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
gforanythingamgl.info/UWxpYjB+UwoRDQMGBSpROzYeIXgbDi1RYRgIWBV3NQtQGGcmWE8WWTVRUFUEZ15dREA4CFRTFiIYCBZFIlFYRFk/CgZfFidRWEwDZUJaUB5jShxfAXcYGQNXbF1PEkQlAFRTBmlZW1sDYFtbUgJp
104.21.93.237 0 B URL gforanythingamgl.info/UWxpYjB+UwoRDQMGBSpROzYeIXgbDi1RYRgIWBV3NQtQGGcmWE8WWTVRUFUEZ15dREA4CFRTFiIYCBZFIlFYRFk/CgZfFidRWEwDZUJaUB5jShxfAXcYGQNXbF1PEkQlAFRTBmlZW1sDYFtbUgJp
IP 104.21.93.237:0
Certificate Issuer Google Trust Services LLC
Subject gforanythingamgl.info
Fingerprint 5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
Validity Fri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /UWxpYjB+UwoRDQMGBSpROzYeIXgbDi1RYRgIWBV3NQtQGGcmWE8WWTVRUFUEZ15dREA4CFRTFiIYCBZFIlFYRFk/CgZfFidRWEwDZUJaUB5jShxfAXcYGQNXbF1PEkQlAFRTBmlZW1sDYFtbUgJp HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sun, 28 May 2023 16:59:32 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8LeH7MsM0Fjg4HWG%2F9A%2B4MNRMrXLxIvTVeOeCBwaq55mih863xfIMD%2BkKOMeKlHLN%2FQr0BAgcW0DH1r3OWAmrC35u4Opa%2BR5iBjQHy6syzOYVhQ9um19iiElG3wc4oKra8NqdEvtpOg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce80c7868d30b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 5dc16ffcd2737c07a2fed1aae7d713a3
990c258d150409aa1010b46c301be5660cd31009
33c0d260e97b9231369e91fa7b40656ebe29a83692d3bc94f4dbcb41339b86f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 16:59:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
live.demand.supply/e/e.js?e=ll&d=661&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL0VpcmY=
104.16.134.22 0 B URL live.demand.supply/e/e.js?e=ll&d=661&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL0VpcmY=
IP 104.16.134.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /e/e.js?e=ll&d=661&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL0VpcmY= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 28 May 2023 16:59:33 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "dfe0abe17839ba4f36623d3c9332b694-ssl"
x-nf-request-id: 01H0WH535VZPRFR8SSXVB2WVS7
cf-cache-status: HIT
age: 696952
accept-ranges: bytes
set-cookie: __cf_bm=tcUDvlOPYY9XIx9.piGxAiLEesYaHInl0EVIv1Knxs8-1685293173-0-ATs+NFQUqaUEevff8QYJo/CXIR7+kNMB8wUlkwf3m4nWVUYUOeJyMZNwPeFVynELtfxgKp3L5iP/XHKTTMI6LcQ=; path=/; expires=Sun, 28-May-23 17:29:33 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce80c7b5d40b515-OSL
alt-svc: h3=":443"; ma=86400
upfilesurls.com/js/ads.js
104.26.9.138 200 OK 1.1 kB URL GET HTTP/2 upfilesurls.com/js/ads.js
IP 104.26.9.138:443
Requested by https://upfilesurls.com/Eirf
Certificate Issuer Google Trust Services LLC
Subject upfilesurls.com
Fingerprint 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type ASCII text, with very long lines (1544), with no line terminators
Hash 474dab2bae672cd84661a241806c67af
c4e9f460c20e1535000feef7a0c748d1287734c9
ba4689299e8a29627b02f9dd8bb5ecec1ca32122dab181724dee2313627d9d85
Analyzer Verdict Alert fortinet Malware
GET /js/ads.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/Eirf
Cookie: auth=eyJpdiI6IjUyQjUyT0p5TDhXVllOYitKeFNDd2c9PSIsInZhbHVlIjoiRjNteDBwendHazBzb3Vma0tNYjR1dz09IiwibWFjIjoiZmJhY2VlYTlkZjRkZDlhNzkzMmZiMzYwMjU4YzhhNTk1ZjdkMmRkMjQzZGNkOTc2ODRmM2FjODFlMmRmODlmNSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6IkxSOFBwQmFaZU04UzV1UXJnMTR0anc9PSIsInZhbHVlIjoiRXFDcjhrWTlUcVE5QnJqVWNjRUVHcklORFZtd013NXE1RjhEaW1aRzZ6MGYyTVBVVitvRUxMSHdlN1ZFN3VSRm5uczUxTDZjakNzRDVmcWoxNmkyUUdGNFl2Yk1xVXBGZUcyblZWdWVzTzVldmsxcExxOGR2K3B2T0YvY1hFR0ciLCJtYWMiOiI3NWY3NTA5MGU2NmM4N2U5MjBiYzkyOWNkMDliNTJlOTU4YmRkOWNmZWMwMjg2ZGJiOTNlODk4ZjY2YmIzYzZmIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlhpdTRzMnhzMENPRzRrcWV2VjJHUlE9PSIsInZhbHVlIjoiSVJrcm5NazA5SnFZTis2QXg4SS9naUtKTEZzamJiei9Tbk9sQ3dHODNodThNMEwycjh6c2hhVFNZem5nRTBZMEIyVkFybTNuZDE3ODBjTGdDWjdiZFdONkRVcGx4dXVLZkd1alovRFdRUVp0T2YxRFZsTEFzYU0zWVNDYjI1SVMiLCJtYWMiOiJhNmY0NTU2OTZiYTNiMzBhYjcwOTQwZTFkNTBmMzIyY2YyM2QzY2QzNTExMTU0MjE5OWI5MWE3NmZkYTJkZDBkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 16:59:31 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-bgj: minify
etag: W/"63baab19-608"
last-modified: Sun, 08 Jan 2023 11:38:01 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
cf-cache-status: HIT
age: 508588
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2BTHDWsXCVPFsrCrcLP5iXCam55%2FBE2ioxSJ9kMQjgD8Rm9LJUf%2B70bHw0bTtiRw1khD%2B%2F0j%2F1%2BG5p2Q9hl3NHoDdI62jUN%2F3K%2F86esrYaw1oXw3tc09qq%2FYLauUxFar8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce80c747b91b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 1fe6018b909467d7161e2e0e4c541f0b
b34a4c25cafbd65b4b77b197dd215c8424a11d73
0dd7e48addf4d6b8a9699b50d992c0f7311fc4a8af44a59761752d6f5e08c99c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 16:59:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 8bc2743253a8fc930e5a747ab63e94c5
178071f3eaaa9b894f9e1579179c412fd14339a2
73c2b75f4956c2bde3595b8f6df91cc8061b93214ba8d26da0490a6f8790eee7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 16:59:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adthereissome.info/utx?cb=WRumKKC1xgJ0&top=upfilesurls.com&tid=978153
65.9.55.94 204 No Content 0 B URL GET HTTP/2 adthereissome.info/utx?cb=WRumKKC1xgJ0&top=upfilesurls.com&tid=978153
IP 65.9.55.94:443
Requested by https://upfilesurls.com/Eirf
Certificate Issuer Amazon
Subject adthereissome.info
Fingerprint 21:40:7C:A8:E9:22:33:8E:6F:E6:0A:C2:79:2F:18:FD:76:73:C9:7E
Validity Fri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=WRumKKC1xgJ0&top=upfilesurls.com&tid=978153 HTTP/1.1
Host: adthereissome.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sun, 28 May 2023 16:59:33 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 28 May 2023 17:00:33 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 2f7792bdc67f7953e2dce93aea1bb9ee.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: sp5v5O95bvqGNfZttl6PSRjoFXEh-kiWLcaE5SaAjZ5dYL_-8UoCuw==
X-Firefox-Spdy: h2
upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
104.26.9.138 3.1 kB URL upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
IP 104.26.9.138:0
File type ASCII text, with very long lines (5708), with no line terminators
Hash 429ad7dff3e0b200930f247d94c72a6c
f33116699ab042aee8f2496de5d1058e8039de8a
180676771431fe0b9ff2841f3a25b0cdcf2c9229c363e1147b323d7ab635ad58
Analyzer Verdict Alert fortinet Malware
GET /cdn-cgi/challenge-platform/h/b/scripts/pica.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/Eirf
Cookie: auth=eyJpdiI6IjUyQjUyT0p5TDhXVllOYitKeFNDd2c9PSIsInZhbHVlIjoiRjNteDBwendHazBzb3Vma0tNYjR1dz09IiwibWFjIjoiZmJhY2VlYTlkZjRkZDlhNzkzMmZiMzYwMjU4YzhhNTk1ZjdkMmRkMjQzZGNkOTc2ODRmM2FjODFlMmRmODlmNSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6IkxSOFBwQmFaZU04UzV1UXJnMTR0anc9PSIsInZhbHVlIjoiRXFDcjhrWTlUcVE5QnJqVWNjRUVHcklORFZtd013NXE1RjhEaW1aRzZ6MGYyTVBVVitvRUxMSHdlN1ZFN3VSRm5uczUxTDZjakNzRDVmcWoxNmkyUUdGNFl2Yk1xVXBGZUcyblZWdWVzTzVldmsxcExxOGR2K3B2T0YvY1hFR0ciLCJtYWMiOiI3NWY3NTA5MGU2NmM4N2U5MjBiYzkyOWNkMDliNTJlOTU4YmRkOWNmZWMwMjg2ZGJiOTNlODk4ZjY2YmIzYzZmIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlhpdTRzMnhzMENPRzRrcWV2VjJHUlE9PSIsInZhbHVlIjoiSVJrcm5NazA5SnFZTis2QXg4SS9naUtKTEZzamJiei9Tbk9sQ3dHODNodThNMEwycjh6c2hhVFNZem5nRTBZMEIyVkFybTNuZDE3ODBjTGdDWjdiZFdONkRVcGx4dXVLZkd1alovRFdRUVp0T2YxRFZsTEFzYU0zWVNDYjI1SVMiLCJtYWMiOiJhNmY0NTU2OTZiYTNiMzBhYjcwOTQwZTFkNTBmMzIyY2YyM2QzY2QzNTExMTU0MjE5OWI5MWE3NmZkYTJkZDBkIiwidGFnIjoiIn0%3D; ab=1
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 16:59:32 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
vary: accept-encoding
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fj4DG4gGEgJBwnjWbI1POPZB44LCfn6TMtJmLTMyZt0nEAyQbNzhrVEVvcv3ypx%2FMocGVf3S3QChsV3nYDZVhHUuUpVVDkqWWGbK5SGCcGAhlKNjl9bB2C8HAP0iVboyJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce80c7aef97b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
142.250.74.131 586 B URL www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP 142.250.74.131:0
File type ASCII text, with very long lines (921), with no line terminators
Hash c0c5f1bc3dc1207fc4647a1971f7f8b2
a94949b5e56d94885045927d8d421d58297a8731
6813158c368d2541a76ab7284095e1987ec7ac6c39eed3a6312faf5f9a939249
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Sun, 28 May 2023 16:59:33 GMT
date: Sun, 28 May 2023 16:59:33 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
172.217.21.162 0 B URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 172.217.21.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 28 May 2023 16:59:33 GMT
expires: Sun, 28 May 2023 16:59:33 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 12719189424097010003
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 47248
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adthereissome.info/utx?cb=wpccnSO2cZGD&top=upfilesurls.com&tid=974624
65.9.55.94 204 No Content 0 B URL GET HTTP/2 adthereissome.info/utx?cb=wpccnSO2cZGD&top=upfilesurls.com&tid=974624
IP 65.9.55.94:443
Requested by https://upfilesurls.com/Eirf
Certificate Issuer Amazon
Subject adthereissome.info
Fingerprint 21:40:7C:A8:E9:22:33:8E:6F:E6:0A:C2:79:2F:18:FD:76:73:C9:7E
Validity Fri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=wpccnSO2cZGD&top=upfilesurls.com&tid=974624 HTTP/1.1
Host: adthereissome.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sun, 28 May 2023 16:59:33 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 28 May 2023 17:00:33 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 2f7792bdc67f7953e2dce93aea1bb9ee.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: of5E7M4kED4-2EGayaVXzIuZUD-aoCiiK1cfiVmqvnwhbtUCbDm4Og==
X-Firefox-Spdy: h2
upfilesurls.com/img/plane.svg
104.26.9.138 200 OK 603 B URL GET HTTP/2 upfilesurls.com/img/plane.svg
IP 104.26.9.138:443
Requested by https://upfilesurls.com/Eirf
Certificate Issuer Google Trust Services LLC
Subject upfilesurls.com
Fingerprint 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (580)
Hash 4f25968fc51a5e49dc1ea503d5d60e38
4221937e757eb15329dbc318092c9058044c5f73
d454583aa343d4c8aa4e42c0876b20e60c20c0b89284e4ef0c662d0426c18254
Analyzer Verdict Alert fortinet Malware
GET /img/plane.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/Eirf
Cookie: auth=eyJpdiI6IjUyQjUyT0p5TDhXVllOYitKeFNDd2c9PSIsInZhbHVlIjoiRjNteDBwendHazBzb3Vma0tNYjR1dz09IiwibWFjIjoiZmJhY2VlYTlkZjRkZDlhNzkzMmZiMzYwMjU4YzhhNTk1ZjdkMmRkMjQzZGNkOTc2ODRmM2FjODFlMmRmODlmNSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6IkxSOFBwQmFaZU04UzV1UXJnMTR0anc9PSIsInZhbHVlIjoiRXFDcjhrWTlUcVE5QnJqVWNjRUVHcklORFZtd013NXE1RjhEaW1aRzZ6MGYyTVBVVitvRUxMSHdlN1ZFN3VSRm5uczUxTDZjakNzRDVmcWoxNmkyUUdGNFl2Yk1xVXBGZUcyblZWdWVzTzVldmsxcExxOGR2K3B2T0YvY1hFR0ciLCJtYWMiOiI3NWY3NTA5MGU2NmM4N2U5MjBiYzkyOWNkMDliNTJlOTU4YmRkOWNmZWMwMjg2ZGJiOTNlODk4ZjY2YmIzYzZmIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlhpdTRzMnhzMENPRzRrcWV2VjJHUlE9PSIsInZhbHVlIjoiSVJrcm5NazA5SnFZTis2QXg4SS9naUtKTEZzamJiei9Tbk9sQ3dHODNodThNMEwycjh6c2hhVFNZem5nRTBZMEIyVkFybTNuZDE3ODBjTGdDWjdiZFdONkRVcGx4dXVLZkd1alovRFdRUVp0T2YxRFZsTEFzYU0zWVNDYjI1SVMiLCJtYWMiOiJhNmY0NTU2OTZiYTNiMzBhYjcwOTQwZTFkNTBmMzIyY2YyM2QzY2QzNTExMTU0MjE5OWI5MWE3NmZkYTJkZDBkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 16:59:31 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
vary: Accept-Encoding
etag: W/"63c15cbf-2ac"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 348392
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0GY4m86g59d6T32Qu%2BtktCRM4bkCRXJlqhCj3Z2d08FchRCo5ITxHV3wtTs0x5PB0xNLDt85eCgOpDz6eO0x%2FKVMjcPvSjFLqmzopu9ducObvAHbzZ7D9O1QuHjFI0elmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce80c747b8cb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
d18kg2zy9x3t96.cloudfront.net/9Q21KbWIgAiQLXTcELlBbdFl8X1ZlBzkCDDNQOy4ICh0jCggIIitfKwg9L0sWOQl3XUQvDCQKX2UIJA5fcksrCQB+WWwZEiwGdxUJNgYjGg01Ay5LFyJQJwIYKgEmDEdxK39DUmZfekUaclxvXiBmX3oBCy0YMkhQcxVyWz11WW9eIGZfeh8UZl4LXFJ6Q3-pER3FdLQgBKAJvXyRxXXtdUnJde0hQcwsjHwclAjJIUAVce1xMc0s/UFM
54.230.245.90 594 B URL d18kg2zy9x3t96.cloudfront.net/9Q21KbWIgAiQLXTcELlBbdFl8X1ZlBzkCDDNQOy4ICh0jCggIIitfKwg9L0sWOQl3XUQvDCQKX2UIJA5fcksrCQB+WWwZEiwGdxUJNgYjGg01Ay5LFyJQJwIYKgEmDEdxK39DUmZfekUaclxvXiBmX3oBCy0YMkhQcxVyWz11WW9eIGZfeh8UZl4LXFJ6Q3-pER3FdLQgBKAJvXyRxXXtdUnJde0hQcwsjHwclAjJIUAVce1xMc0s/UFM
IP 54.230.245.90:0
File type ASCII text, with very long lines (844), with no line terminators
Hash 5ba4c6c7f2701afaebbf3428cf17ada9
99918c860a78f933471fa0b06bd3ff78c63a01ae
153a695511219d9d673f8c4402d5212a13beba16a7c17f8aae5757ac839ac02b
GET /9Q21KbWIgAiQLXTcELlBbdFl8X1ZlBzkCDDNQOy4ICh0jCggIIitfKwg9L0sWOQl3XUQvDCQKX2UIJA5fcksrCQB+WWwZEiwGdxUJNgYjGg01Ay5LFyJQJwIYKgEmDEdxK39DUmZfekUaclxvXiBmX3oBCy0YMkhQcxVyWz11WW9eIGZfeh8UZl4LXFJ6Q3-pER3FdLQgBKAJvXyRxXXtdUnJde0hQcwsjHwclAjJIUAVce1xMc0s/UFM HTTP/1.1
Host: d18kg2zy9x3t96.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adthereissome.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 594
date: Sun, 28 May 2023 16:59:33 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0bvnWH7wsYWzij74ECZvN9P2hMoNTiixCfYpqRqnB1_olyhDDvDP9A==
X-Firefox-Spdy: h2
d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
54.230.245.90 116 kB URL d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
IP 54.230.245.90:0
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 116 kB (115485 bytes)
Hash 586f2ea266220206549bb917093853c6
f91311d3eae4e95641d4615ee18651916ab72be8
103d77e1b67cb926429f990ae32b58bf3238b58ce69b19e1f13e5f3597fa4dbd
GET /?yzgkd=978153 HTTP/1.1
Host: d18kg2zy9x3t96.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 115485
date: Sun, 28 May 2023 16:59:33 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zMm-14RK7WrlF5cxsBDWrlAhWcMUd6pVcvgWPQrSpohZHITkZDCh7w==
X-Firefox-Spdy: h2
d18kg2zy9x3t96.cloudfront.net/2MWUxWmZSCl88WUUMVWdfBl0Ab1UXD0I1CEFYfh9WXjQAIl9YFmgwV2g3VXwSSwEMakBdBF89WxcAXzlbAENQPgQMURcuFl4ODCINRA5YLQlHC1V8E1BYXDUcWAldO0MDIwR0VhRXAXIeAFQUaSQUVwE2D18QSX9UAR0JbDkHURRpJBRXASgQFFZwa1YISw-FzQwNVVj8FWgoUaCADVQBqVgBVAH9UAQNYKANXCkl/VHdUAGtIAUNEZ1c
54.230.245.90 601 B URL d18kg2zy9x3t96.cloudfront.net/2MWUxWmZSCl88WUUMVWdfBl0Ab1UXD0I1CEFYfh9WXjQAIl9YFmgwV2g3VXwSSwEMakBdBF89WxcAXzlbAENQPgQMURcuFl4ODCINRA5YLQlHC1V8E1BYXDUcWAldO0MDIwR0VhRXAXIeAFQUaSQUVwE2D18QSX9UAR0JbDkHURRpJBRXASgQFFZwa1YISw-FzQwNVVj8FWgoUaCADVQBqVgBVAH9UAQNYKANXCkl/VHdUAGtIAUNEZ1c
IP 54.230.245.90:0
File type ASCII text, with very long lines (836), with no line terminators
Hash 81bcd4bf6115ad3a0ea77cd7db5ec9f0
d91fb5cc94f4c11ae9329aaf518f4727794469d1
ed0e2be8a14d3fcfe62769c2731d7f36b0114d6bf0b627166fc711c89fd6484e
GET /2MWUxWmZSCl88WUUMVWdfBl0Ab1UXD0I1CEFYfh9WXjQAIl9YFmgwV2g3VXwSSwEMakBdBF89WxcAXzlbAENQPgQMURcuFl4ODCINRA5YLQlHC1V8E1BYXDUcWAldO0MDIwR0VhRXAXIeAFQUaSQUVwE2D18QSX9UAR0JbDkHURRpJBRXASgQFFZwa1YISw-FzQwNVVj8FWgoUaCADVQBqVgBVAH9UAQNYKANXCkl/VHdUAGtIAUNEZ1c HTTP/1.1
Host: d18kg2zy9x3t96.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adthereissome.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 601
date: Sun, 28 May 2023 16:59:33 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CPsoZ1JuPyLjhS8zJeSUERGC7vk8k-7Uw793snSDlk6mBQe2wwQcpw==
X-Firefox-Spdy: h2
cdntechone.com/stattag.js
188.114.96.1 110 kB URL cdntechone.com/stattag.js
IP 188.114.96.1:0
File type ASCII text, with very long lines (17871)
Size 110 kB (110086 bytes)
Hash 0fdff67feab23cc69ecfb6800fc54cb7
eb84c650e6d27e290795207b1f37dd7b67f2aa06
456e420aecd5ac679cc2bcb33daf7c063f54894fd076e99e05c06629234d3378
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 16:59:32 GMT
content-type: application/javascript
last-modified: Fri, 19 May 2023 08:43:53 GMT
etag: W/"646736c9-4859"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3535
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fIMKneJRN8TbQ5hSBIL0j32H1WvE3I0Fu4UDHhVImK5WoRlZFNpdX2Fc6yDpqMd%2B%2BikxDQ15%2FmPV2gs0fQCxO0cY1Kse7iOspbIRcdHI%2B%2B%2F4UNJjmtxieCXFA1i6vvrxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce80c76984a0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.15.101 471 B IP 104.18.15.101:0
Hash 4d26e0dda83ee5c10429cd9a8d43ead4
d637cb2024b8ff4adb23b7d918fa98a35bd97bfb
66142472b5cf095edf7ff5602fdcdf1c0d4480c1838daede0a87f4047115aae9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 28 May 2023 16:59:33 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 25 May 2023 14:07:11 GMT
Expires: Thu, 01 Jun 2023 14:07:10 GMT
Etag: "d637cb2024b8ff4adb23b7d918fa98a35bd97bfb"
Cache-Control: max-age=336327,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ce80c7e0b99b4fa-OSL
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 01306b55f5d6e6a8e1ff9411386a89a0
1c06c985114ad08023398fe3597371715cf6aa27
7d4df964819e827fdbd588784bff90bdb09b6938ca788e013144d1600e8ecc16
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 16:59:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
live.demand.supply/up.js
104.16.134.22 105 kB IP 104.16.134.22:0
File type ASCII text, with very long lines (3472)
Size 105 kB (104994 bytes)
Hash 171159542b73b236389297f77c793e7e
532a7e2b2b7665e11576e07faa636a448fdf98de
83d2224d7c278b0fa556e970f2cc8a0194fa84fe3c1b4b0b3007461db77d2119
GET /up.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 16:59:32 GMT
content-type: application/javascript; charset=UTF-8
cf-ray: 7ce80c76ababb500-OSL
cf-cache-status: HIT
age: 235
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
etag: W/"ad72f581a14aa3fbbf4827fac4449705-ssl-df"
link: <https://live.demand.supply/impl.v16.9.1.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tLw==>; rel=preload; as=script
vary: Accept-Encoding
cf-bgj: minify
cf-polished: origSize=4391
timing-allow-origin: *
x-nf-request-id: 01H0JH3JA8TSZ1S1CGSMZY0Q5D
set-cookie: demandSupplyTi=3782644d-e355-4d9f-a0a5-e4e80d565bae; demandSupplyTc = null; demandSupplyTcI = null; SameSite=None; Secure; Max-Age=63072000
__cf_bm=vGyQndr95aVLM_iXPOuzhyrAEvftI8iP_R7j3P.dnBA-1685293172-0-AVFPjcq+9zJwhXErEhtxmSkJwLrfZ/XFYAFOBFvdRWFmEoITgjxSABtvxdAT4G/v4RJ7qvWyT6qnYK3RBU3rD7Y=; path=/; expires=Sun, 28-May-23 17:29:32 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
upfilesurls.com/img/logo.svg
104.26.9.138 6.0 kB URL upfilesurls.com/img/logo.svg
IP 104.26.9.138:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1361)
Hash 1e28749acbd90e7e99a883c1890327cd
638b4525d3f0ed776db136ca1025a8961f46c9e0
d526da1f4d4af45cefd2a0d140abec2beddc3150d13c47d3de893eaa278a369d
Analyzer Verdict Alert fortinet Malware
GET /img/logo.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/Eirf
Cookie: auth=eyJpdiI6IjUyQjUyT0p5TDhXVllOYitKeFNDd2c9PSIsInZhbHVlIjoiRjNteDBwendHazBzb3Vma0tNYjR1dz09IiwibWFjIjoiZmJhY2VlYTlkZjRkZDlhNzkzMmZiMzYwMjU4YzhhNTk1ZjdkMmRkMjQzZGNkOTc2ODRmM2FjODFlMmRmODlmNSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6IkxSOFBwQmFaZU04UzV1UXJnMTR0anc9PSIsInZhbHVlIjoiRXFDcjhrWTlUcVE5QnJqVWNjRUVHcklORFZtd013NXE1RjhEaW1aRzZ6MGYyTVBVVitvRUxMSHdlN1ZFN3VSRm5uczUxTDZjakNzRDVmcWoxNmkyUUdGNFl2Yk1xVXBGZUcyblZWdWVzTzVldmsxcExxOGR2K3B2T0YvY1hFR0ciLCJtYWMiOiI3NWY3NTA5MGU2NmM4N2U5MjBiYzkyOWNkMDliNTJlOTU4YmRkOWNmZWMwMjg2ZGJiOTNlODk4ZjY2YmIzYzZmIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlhpdTRzMnhzMENPRzRrcWV2VjJHUlE9PSIsInZhbHVlIjoiSVJrcm5NazA5SnFZTis2QXg4SS9naUtKTEZzamJiei9Tbk9sQ3dHODNodThNMEwycjh6c2hhVFNZem5nRTBZMEIyVkFybTNuZDE3ODBjTGdDWjdiZFdONkRVcGx4dXVLZkd1alovRFdRUVp0T2YxRFZsTEFzYU0zWVNDYjI1SVMiLCJtYWMiOiJhNmY0NTU2OTZiYTNiMzBhYjcwOTQwZTFkNTBmMzIyY2YyM2QzY2QzNTExMTU0MjE5OWI5MWE3NmZkYTJkZDBkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 16:59:31 GMT
content-type: image/svg+xml
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
etag: W/"625014b1-56e8"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 348392
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npM1Ra24dRsCJDeQtWJUVSuE4p7m0cQFRrYvOhRv5V2yQGNVOeQ5ldh61AuLWBNfViTTMmrHoV6y6%2F4ziWp5zeuHwRanzJQRx2WlFInSI%2BTQDZ1MPwv%2BkEY5qUl7Hd7EFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce80c746b66b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
live.demand.supply/impl.v16.9.1.js
104.16.134.22 24 kB URL live.demand.supply/impl.v16.9.1.js
IP 104.16.134.22:0
File type ASCII text, with very long lines (27958)
Hash 20e3de9acd919eb7e518640761f616a6
a39badf38168691698ca2b2ea2aa070b34d01a3d
cdeda8658c3f891c883f5a83c5f2b5e20a18c2fa65658d77a1522fe440b6d0e0
GET /impl.v16.9.1.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Cookie: demandSupplyTi=3782644d-e355-4d9f-a0a5-e4e80d565bae; __cf_bm=vGyQndr95aVLM_iXPOuzhyrAEvftI8iP_R7j3P.dnBA-1685293172-0-AVFPjcq+9zJwhXErEhtxmSkJwLrfZ/XFYAFOBFvdRWFmEoITgjxSABtvxdAT4G/v4RJ7qvWyT6qnYK3RBU3rD7Y=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 28 May 2023 16:59:33 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=75573
etag: W/"a92236f0259b51d5fbe112e5ac680198-ssl-df"
timing-allow-origin: *
vary: Accept-Encoding
x-nf-request-id: 01H0JGE5H42NN0NCVBZSKPPTF4
cf-cache-status: HIT
age: 1044764
server: cloudflare
cf-ray: 7ce80c7b3831b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.45 302 Found 391 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.45:443
Requested by https://upfilesurls.com/Eirf
Certificate Issuer Google Trust Services LLC
Subject accounts.google.com
Fingerprint 6C:C9:34:01:32:00:11:F3:7A:E2:AA:FC:7C:E3:13:17:3D:17:71:8A
Validity Mon, 08 May 2023 08:25:19 GMT - Mon, 31 Jul 2023 08:25:18 GMT
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash 29d95c4cc5724f71c8bcf6cedd26f949
4099e9205fea3d72f9ebb0c6c42926f89cdd0760
724cd0ba3d38b34006d1504b3bf3e965e3b829fba54e1eadbf942f61935c412b
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
set-cookie: __Host-GAPS=1:M0C8RSe-pnlelsz8UUNEKloitGGdAg:9Dkq6ACt5_hNy2o1; Expires=Tue, 27-May-2025 16:59:33 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 28 May 2023 16:59:33 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneEYCtAVfm5IpEE3sAimlCVjTJssjKnQulQCdw_Zh8tSjT1uXls2wOzQuRL8ki19RtRW2MPg
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-p_7zKoHGUh9-EdVId_gW4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneEYCtAVfm5IpEE3sAimlCVjTJssjKnQulQCdw_Zh8tSjT1uXls2wOzQuRL8ki19RtRW2MPg
142.250.74.45 401 B URL accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneEYCtAVfm5IpEE3sAimlCVjTJssjKnQulQCdw_Zh8tSjT1uXls2wOzQuRL8ki19RtRW2MPg
IP 142.250.74.45:0
Certificate Issuer Google Trust Services LLC
Subject accounts.google.com
Fingerprint 6C:C9:34:01:32:00:11:F3:7A:E2:AA:FC:7C:E3:13:17:3D:17:71:8A
Validity Mon, 08 May 2023 08:25:19 GMT - Mon, 31 Jul 2023 08:25:18 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (383)
Hash f7c22378e92a4d39ccbca1af490a0cb3
008b6ae6c1e793ed85e2a0002e6fafccf34aeba0
d3c1bc48211d2a9dd947e21f06f7d987895ded8b91ab5e6885a08fc46c2a1598
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneEYCtAVfm5IpEE3sAimlCVjTJssjKnQulQCdw_Zh8tSjT1uXls2wOzQuRL8ki19RtRW2MPg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:wtCgyRKrb_Sit54XQNycLsVchbNnxw:gZYKT3d8d7K3F38G;Path=/;Expires=Tue, 27-May-2025 16:59:33 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 28 May 2023 16:59:33 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S202308217%3A1685293173751463&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneHfIx3UXoWJbpzNaFCS5_fExlro0Mfa-6siCj0yQ8GOvxNPFC7h-MZkwVVFRTLn8YXsONXNzg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-Rs0A8ufW-W07NdK6kRpRtw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 401
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.45 302 Found 166 kB URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.45:443
Requested by https://upfilesurls.com/Eirf
Certificate Issuer Google Trust Services LLC
Subject accounts.google.com
Fingerprint 6C:C9:34:01:32:00:11:F3:7A:E2:AA:FC:7C:E3:13:17:3D:17:71:8A
Validity Mon, 08 May 2023 08:25:19 GMT - Mon, 31 Jul 2023 08:25:18 GMT
File type gzip compressed data, max compression\012- data
Size 166 kB (166449 bytes)
Hash 44ec03cb3248c903b67751ea27df310a
c57e9cf90caf30457e9d57db750b8a0eb8856770
d4de4a836d11828dd561db1eb8d7fd48a7e0ce9afd8645e2eabb19a1267b6894
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
set-cookie: __Host-GAPS=1:KEyfAw86D_dKCraJTVJzU-VAFInhGw:7woVU5JMGRt8SAdj; Expires=Tue, 27-May-2025 16:59:33 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 28 May 2023 16:59:33 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFYqTuJDfmUbmHEn2hhc0z0-RyhtdEE8jAyGdkVuvEo4Tg4vj1hD6CQoHzL69zC8Cvh_BQG
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-Q-mDspW1XOpfJawnBhUbEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S84781093%3A1685293173734900&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGe3aBsYOP2Z7IR1r2WdzXU8sPezhzH8PvGLRVz6046BQssAcRH7fP5TxfKcT7YQY70mEV73A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
142.250.74.45 805 B URL accounts.google.com/v3/signin/identifier?dsh=S84781093%3A1685293173734900&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGe3aBsYOP2Z7IR1r2WdzXU8sPezhzH8PvGLRVz6046BQssAcRH7fP5TxfKcT7YQY70mEV73A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP 142.250.74.45:0
Certificate Issuer Google Trust Services LLC
Subject accounts.google.com
Fingerprint 6C:C9:34:01:32:00:11:F3:7A:E2:AA:FC:7C:E3:13:17:3D:17:71:8A
Validity Mon, 08 May 2023 08:25:19 GMT - Mon, 31 Jul 2023 08:25:18 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1644), with no line terminators
Hash 273d6229b21f0df77fd241cd68b6c0c4
5c64faa30c2bcf81312242cc7a27a24417a85c30
ece0d04c7061ff789930890bd4c718d2b6c5b2f2c69ecd1e83a9cfb0f61687d5
GET /v3/signin/identifier?dsh=S84781093%3A1685293173734900&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGe3aBsYOP2Z7IR1r2WdzXU8sPezhzH8PvGLRVz6046BQssAcRH7fP5TxfKcT7YQY70mEV73A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 28 May 2023 16:59:33 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-v1nL9JelVbQBfJFtmo0owQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pogothere.xyz/
172.64.133.29 200 OK 27 B IP 172.64.133.29:443
Requested by https://upfilesurls.com/Eirf
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
Validity Tue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 0056c71616b0c4102d32c4593f03ed93
199264153dcf681dca5eb6d8032b16e13b1ce82e
a5c7d8ac53feaacbb2954ff7682c95671555bffc5dc4ab555fcae574a2305422
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 16:59:33 GMT
content-type: text/plain
set-cookie: csu=1697006716636385@1@1685293173; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUhBA7iqL0SCddSZYidLdrIy4zqosUr%2FagulPeeegzerzfZx4Je3tw%2Fb7oIUvQFqnfochwMA3DzYqsRymM7gscIzxsm5wKPHJ2wRUZUGTDxFqRtwLCN6QUUTUn0ekswS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce80c7bbb6c74f1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
142.250.74.35 200 OK 417 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://upfilesurls.com/Eirf
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (660)
Size 417 kB (416807 bytes)
Hash 95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981
GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 23:49:29 GMT
expires: Tue, 21 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 493804
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gforanythingamgl.info/popunder.gif
104.21.93.237 200 OK 35 B URL GET HTTP/3 gforanythingamgl.info/popunder.gif
IP 104.21.93.237:443
Requested by https://upfilesurls.com/Eirf
Certificate Issuer Google Trust Services LLC
Subject gforanythingamgl.info
Fingerprint 5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
Validity Fri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Analyzer Verdict Alert quad9 Sinkholed
GET /popunder.gif HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 28 May 2023 16:59:34 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 579312
last-modified: Mon, 22 May 2023 00:04:22 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FUzveklu8%2FZ59UNuiOWMBqPt%2Fp9%2Bjq0kuWhAQY%2BohgAjSgu%2BOEjAUW%2Fpk8VEmhLD68xkRAN3LaY%2FHA%2BwS1khI7FwbKXHNlkh0Fl2ANLuoZhbuvkSkzglY502dzfZbS8RXUkpoXHOoE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce80c83499d0b59-OSL
alt-svc: h3=":443"; ma=86400
fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
142.250.74.106 200 OK 18 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
IP 142.250.74.106:443
Requested by https://upfilesurls.com/Eirf
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
Validity Mon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
Hash 95922663397e898c5aa9cb4d93dee59f
b127f295ee788d93d0348ae9a2aa6dfa39b0981e
33613d442dd3f6abef01c9bee884b9aa828f42820ee62da8b86ad5a9ea7f58f2
GET /css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 28 May 2023 16:59:32 GMT
date: Sun, 28 May 2023 16:59:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tL0VpcmY=
104.16.134.22 200 OK 984 B URL GET HTTP/3 live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tL0VpcmY=
IP 104.16.134.22:443
Requested by https://upfilesurls.com/Eirf
Certificate Issuer Cloudflare, Inc.
Subject demand.supply
Fingerprint 49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
Validity Sun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (1122), with no line terminators
Hash f6e3a38577bd475effc0a54ecebcedaf
223d3e9189b9d64a1e8500e361fb196502b74ec6
52378ed522477893ab73c236f8519923cedd5995e478895de94598f6f6341e73
GET /p4/v16-2-0/dXBmaWxlc3VybHMuY29tL0VpcmY= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Cookie: demandSupplyTi=3782644d-e355-4d9f-a0a5-e4e80d565bae; __cf_bm=vGyQndr95aVLM_iXPOuzhyrAEvftI8iP_R7j3P.dnBA-1685293172-0-AVFPjcq+9zJwhXErEhtxmSkJwLrfZ/XFYAFOBFvdRWFmEoITgjxSABtvxdAT4G/v4RJ7qvWyT6qnYK3RBU3rD7Y=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 28 May 2023 16:59:33 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce80c7b383fb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
live.demand.supply/css/sdb.css
104.16.134.22 200 OK 3.8 kB URL GET HTTP/3 live.demand.supply/css/sdb.css
IP 104.16.134.22:443
Requested by https://upfilesurls.com/Eirf
Certificate Issuer Cloudflare, Inc.
Subject demand.supply
Fingerprint 49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
Validity Sun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (3765), with no line terminators
Hash 05937abfafb30dc374d6de75acf7b940
d8d47f032e9344f49aca58294b29f7456ef6a8c3
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
GET /css/sdb.css HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Cookie: demandSupplyTi=3782644d-e355-4d9f-a0a5-e4e80d565bae; __cf_bm=vGyQndr95aVLM_iXPOuzhyrAEvftI8iP_R7j3P.dnBA-1685293172-0-AVFPjcq+9zJwhXErEhtxmSkJwLrfZ/XFYAFOBFvdRWFmEoITgjxSABtvxdAT4G/v4RJ7qvWyT6qnYK3RBU3rD7Y=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 28 May 2023 16:59:33 GMT
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-bgj: minify
etag: W/"281c43d3e253957887c3e1dad5bbb310-ssl-df"
vary: Accept-Encoding
x-nf-request-id: 01GZGR6SCB0Q49R1S22Y9RAR9T
cf-cache-status: HIT
age: 137896
server: cloudflare
cf-ray: 7ce80c7f7834b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
104.26.9.138 200 OK 24 kB URL GET HTTP/2 upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
IP 104.26.9.138:443
Requested by https://upfilesurls.com/Eirf
Certificate Issuer Google Trust Services LLC
Subject upfilesurls.com
Fingerprint 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type ASCII text, with very long lines (23764), with no line terminators
Hash 1f4f3ff3a106a7bfa0d1bec6352ba8a4
b1b2fbf159436e9f44a53f51f1054a2cdac7ab3a
c45e7c56e8cafdd554f2728fec654bdee0a3ee739e78afce8da6ebb416986703
Analyzer Verdict Alert fortinet Malware
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: auth=eyJpdiI6IjUyQjUyT0p5TDhXVllOYitKeFNDd2c9PSIsInZhbHVlIjoiRjNteDBwendHazBzb3Vma0tNYjR1dz09IiwibWFjIjoiZmJhY2VlYTlkZjRkZDlhNzkzMmZiMzYwMjU4YzhhNTk1ZjdkMmRkMjQzZGNkOTc2ODRmM2FjODFlMmRmODlmNSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6IkxSOFBwQmFaZU04UzV1UXJnMTR0anc9PSIsInZhbHVlIjoiRXFDcjhrWTlUcVE5QnJqVWNjRUVHcklORFZtd013NXE1RjhEaW1aRzZ6MGYyTVBVVitvRUxMSHdlN1ZFN3VSRm5uczUxTDZjakNzRDVmcWoxNmkyUUdGNFl2Yk1xVXBGZUcyblZWdWVzTzVldmsxcExxOGR2K3B2T0YvY1hFR0ciLCJtYWMiOiI3NWY3NTA5MGU2NmM4N2U5MjBiYzkyOWNkMDliNTJlOTU4YmRkOWNmZWMwMjg2ZGJiOTNlODk4ZjY2YmIzYzZmIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlhpdTRzMnhzMENPRzRrcWV2VjJHUlE9PSIsInZhbHVlIjoiSVJrcm5NazA5SnFZTis2QXg4SS9naUtKTEZzamJiei9Tbk9sQ3dHODNodThNMEwycjh6c2hhVFNZem5nRTBZMEIyVkFybTNuZDE3ODBjTGdDWjdiZFdONkRVcGx4dXVLZkd1alovRFdRUVp0T2YxRFZsTEFzYU0zWVNDYjI1SVMiLCJtYWMiOiJhNmY0NTU2OTZiYTNiMzBhYjcwOTQwZTFkNTBmMzIyY2YyM2QzY2QzNTExMTU0MjE5OWI5MWE3NmZkYTJkZDBkIiwidGFnIjoiIn0%3D; ab=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 16:59:32 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
x-content-type-options: nosniff
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Si5zf98GBSArC3Yj8IAIP8IKhTn%2BuzNdqnFVFoxeFC%2FXsFrbjibMxUleGgCWRsCbU5%2FkNTWrd%2Bi17p1G5Xr7CjcWRmxqzQPdvhUewKRTrJYHhwYNW4BMEW5bc4e%2FeL9EA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce80c78bb2bb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
live.demand.supply/x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL0VpcmY=
104.16.134.22 200 OK 0 B URL HEAD HTTP/3 live.demand.supply/x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL0VpcmY=
(dsReferer is the base64 encoding of upfilesurls.com/Eirf, the page that issued the request)
IP 104.16.134.22:443
Requested by https://upfilesurls.com/Eirf
Certificate Issuer Cloudflare, Inc.
Subject demand.supply
Fingerprint 49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
Validity Sun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
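Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input, as expected for a HEAD request that returns no body; they are not indicators for this resource.)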
HEAD /x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL0VpcmY= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 28 May 2023 16:59:33 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "dfe0abe17839ba4f36623d3c9332b694-ssl"
x-nf-request-id: 01H0WH53N5DXY1S5GWJ4J08TX0
cf-cache-status: HIT
age: 696952
accept-ranges: bytes
set-cookie: __cf_bm=Qd7Qxamw3Sili9RF0kdNzoLuKLrwHrm.O9eoWv_MxQE-1685293173-0-AXeuzThPglAW+4PvvmKER8NPNbPPyWjL+vlPvLbIf7fEkm8u4yX334jshMl5dlHlISY58BGwH7vvFADxVBASVC0=; path=/; expires=Sun, 28-May-23 17:29:33 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce80c7badabb515-OSL
alt-svc: h3=":443"; ma=86400
pogothere.xyz/asd100.bin
172.64.133.29 200 OK 102 kB
IP 172.64.133.29:443
Requested by https://upfilesurls.com/Eirf
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
Validity Tue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 16:59:33 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 4969
last-modified: Sun, 28 May 2023 15:36:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vaXCLI2UaSVbkn7iMgKHGeG0M4nhs92qzqos3P%2FCizWGqHHBJLEWxMHXX48DNNX2CpugykpLME%2F3UUObPAH%2BFV8DEJfUYt2LWG3fAmDt3YK0N84Clf8l5ajWTMOj%2FQX6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce80c7bcb8574f1-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
104.26.9.138 200 OK 981 kB URL GET HTTP/2 upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
IP 104.26.9.138:443
Requested by https://upfilesurls.com/Eirf
Certificate Issuer Google Trust Services LLC
Subject upfilesurls.com
Fingerprint 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
Size 981 kB (980828 bytes)
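Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input. They do not correspond to the 980828-byte body reported above, so they should not be used as indicators for this script.)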
Analyzer Verdict Alert fortinet Malware
GET /js/frontend.js?id=88f283c744d8a6e43cfb HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/Eirf
Cookie: auth=eyJpdiI6IjUyQjUyT0p5TDhXVllOYitKeFNDd2c9PSIsInZhbHVlIjoiRjNteDBwendHazBzb3Vma0tNYjR1dz09IiwibWFjIjoiZmJhY2VlYTlkZjRkZDlhNzkzMmZiMzYwMjU4YzhhNTk1ZjdkMmRkMjQzZGNkOTc2ODRmM2FjODFlMmRmODlmNSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6IkxSOFBwQmFaZU04UzV1UXJnMTR0anc9PSIsInZhbHVlIjoiRXFDcjhrWTlUcVE5QnJqVWNjRUVHcklORFZtd013NXE1RjhEaW1aRzZ6MGYyTVBVVitvRUxMSHdlN1ZFN3VSRm5uczUxTDZjakNzRDVmcWoxNmkyUUdGNFl2Yk1xVXBGZUcyblZWdWVzTzVldmsxcExxOGR2K3B2T0YvY1hFR0ciLCJtYWMiOiI3NWY3NTA5MGU2NmM4N2U5MjBiYzkyOWNkMDliNTJlOTU4YmRkOWNmZWMwMjg2ZGJiOTNlODk4ZjY2YmIzYzZmIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlhpdTRzMnhzMENPRzRrcWV2VjJHUlE9PSIsInZhbHVlIjoiSVJrcm5NazA5SnFZTis2QXg4SS9naUtKTEZzamJiei9Tbk9sQ3dHODNodThNMEwycjh6c2hhVFNZem5nRTBZMEIyVkFybTNuZDE3ODBjTGdDWjdiZFdONkRVcGx4dXVLZkd1alovRFdRUVp0T2YxRFZsTEFzYU0zWVNDYjI1SVMiLCJtYWMiOiJhNmY0NTU2OTZiYTNiMzBhYjcwOTQwZTFkNTBmMzIyY2YyM2QzY2QzNTExMTU0MjE5OWI5MWE3NmZkYTJkZDBkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 16:59:31 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=980842
etag: W/"63baab19-ef76a"
last-modified: Sun, 08 Jan 2023 11:38:01 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 12113040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Czf7F3fjxTW0GBLD38wQ8KC%2Bbq8o50bBPivSn66LdjM0k1CwZ4fZ8z%2Bu4dq7sUeKc1KF5%2BwMMgr%2FA8pILp5HQnjjkit4vkziWuK6kNTwNVNqJ8OKvJYnqs8VRX1ETFKYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce80c747ba2b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
upfilesurls.com/favicon.ico
104.26.9.138 200 OK 1.5 kB URL GET HTTP/2 upfilesurls.com/favicon.ico
IP 104.26.9.138:443
Requested by https://upfilesurls.com/Eirf
Certificate Issuer Google Trust Services LLC
Subject upfilesurls.com
Fingerprint 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type MS Windows icon resource - 1 icon, 32x32 with PNG image data, 32 x 32, 8-bit colormap, non-interlaced, 32 bits/pixel
- data
Hash ba3a9d1041ae9a7a655f9632756b1e92
fbb065d1df15871da0b7df14ca22041a729dda88
180c85c0caca07f8411a77e2392751d979f74982f0ed7062a0093b322924f38f
GET /favicon.ico HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/Eirf
Cookie: auth=eyJpdiI6IjUyQjUyT0p5TDhXVllOYitKeFNDd2c9PSIsInZhbHVlIjoiRjNteDBwendHazBzb3Vma0tNYjR1dz09IiwibWFjIjoiZmJhY2VlYTlkZjRkZDlhNzkzMmZiMzYwMjU4YzhhNTk1ZjdkMmRkMjQzZGNkOTc2ODRmM2FjODFlMmRmODlmNSIsInRhZyI6IiJ9; XSRF-TOKEN=eyJpdiI6IkxSOFBwQmFaZU04UzV1UXJnMTR0anc9PSIsInZhbHVlIjoiRXFDcjhrWTlUcVE5QnJqVWNjRUVHcklORFZtd013NXE1RjhEaW1aRzZ6MGYyTVBVVitvRUxMSHdlN1ZFN3VSRm5uczUxTDZjakNzRDVmcWoxNmkyUUdGNFl2Yk1xVXBGZUcyblZWdWVzTzVldmsxcExxOGR2K3B2T0YvY1hFR0ciLCJtYWMiOiI3NWY3NTA5MGU2NmM4N2U5MjBiYzkyOWNkMDliNTJlOTU4YmRkOWNmZWMwMjg2ZGJiOTNlODk4ZjY2YmIzYzZmIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IlhpdTRzMnhzMENPRzRrcWV2VjJHUlE9PSIsInZhbHVlIjoiSVJrcm5NazA5SnFZTis2QXg4SS9naUtKTEZzamJiei9Tbk9sQ3dHODNodThNMEwycjh6c2hhVFNZem5nRTBZMEIyVkFybTNuZDE3ODBjTGdDWjdiZFdONkRVcGx4dXVLZkd1alovRFdRUVp0T2YxRFZsTEFzYU0zWVNDYjI1SVMiLCJtYWMiOiJhNmY0NTU2OTZiYTNiMzBhYjcwOTQwZTFkNTBmMzIyY2YyM2QzY2QzNTExMTU0MjE5OWI5MWE3NmZkYTJkZDBkIiwidGFnIjoiIn0%3D; ab=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 16:59:32 GMT
content-type: image/x-icon
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
vary: Accept-Encoding
etag: W/"625014b1-5b8"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 45
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4IOnbiqkizULSh2%2BsPVktDcncepita8G90iTee5%2B4MeQdKEyehFYEbpRpmNsLfzJgE2iCQoDJk%2FPrrP6qliLQNXvHuZs1Ha7e1wljXjjUmno6v9sdcXSY0mHXbnUCb48Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce80c7aff9cb517-OSL
content-encoding: br
X-Firefox-Spdy: h2