www.googletagmanager.com/gtag/js?id=UA-197252557-1
142.250.74.168 200 OK 47 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-197252557-1
IP 142.250.74.168:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: *.google-analytics.com
Fingerprint: EB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
Validity: Mon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with very long lines (2271)
Hash (MD5): 470df1320c9f74d9daf66b8ec42e2ca9
Hash (SHA-1): f12af6934c32cd003c319b7fb5ec02301071890f
Hash (SHA-256): 592d04091dd2bfc0e8288b5a5eb9676bdcadd25701bfac59f9526fbe917a7b8f
GET /gtag/js?id=UA-197252557-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 27 May 2023 15:49:48 GMT
expires: Sat, 27 May 2023 15:49:48 GMT
cache-control: private, max-age=900
last-modified: Sat, 27 May 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46897
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cschyogh.com/1clkn/34742
172.255.6.58 200 OK 26 B
IP 172.255.6.58:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Let's Encrypt
Subject: cschyogh.com
Fingerprint: 11:EA:50:D5:5D:23:86:84:0B:BF:DE:7F:B7:02:00:1B:51:CD:36:58
Validity: Fri, 19 May 2023 23:43:21 GMT - Thu, 17 Aug 2023 23:43:20 GMT
File type ASCII text, with no line terminators
Hash (MD5): 9082dc37e5e8046929da411544ad071a
Hash (SHA-1): 41e0e3963ed94e59e8a2f115994c382712411537
Hash (SHA-256): b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
GET /1clkn/34742 HTTP/1.1
Host: cschyogh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 27 May 2023 15:49:49 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Sun, 28-May-2023 15:49:49 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D; expires=Sun, 28-May-2023 15:49:49 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
54.230.245.156 200 OK 116 kB URL GET HTTP/2 d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
IP 54.230.245.156:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Amazon
Subject: *.cloudfront.net
Fingerprint: BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
Validity: Thu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 116 kB (115478 bytes)
Hash (MD5): e6a7526faf4df052d9d51268cec696d1
Hash (SHA-1): b43a371eae9e4bcd698b4094cf55645c55bd7072
Hash (SHA-256): 71584a706884f144da8b87ed68f6e9d38dcb2a02e25f6800ff3a6f1c58927979
GET /?yzgkd=978153 HTTP/1.1
Host: d18kg2zy9x3t96.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 115478
date: Sat, 27 May 2023 15:49:49 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cXKGHSmsabTKYz6GJkkOONJrxKEfk3CnZww-gK_LUCmgKg8K4su9JA==
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: *.gstatic.com
Fingerprint: A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity: Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash (MD5): e9f5aaf547f165386cd313b995dddd8e
Hash (SHA-1): acdef5603c2387b0e5bffd744b679a24a8bc1968
Hash (SHA-256): f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 03:11:48 GMT
expires: Sun, 26 May 2024 03:11:48 GMT
cache-control: public, max-age=31536000
age: 45481
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: *.gstatic.com
Fingerprint: A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity: Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash (MD5): 15d9f621c3bd1599f0169dcf0bd5e63e
Hash (SHA-1): 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Hash (SHA-256): f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 07:44:41 GMT
expires: Sun, 26 May 2024 07:44:41 GMT
cache-control: public, max-age=31536000
age: 29108
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
216.58.207.227 200 OK 38 kB URL GET HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP 216.58.207.227:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: *.gstatic.com
Fingerprint: A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity: Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Hash (MD5): e08be6d5d433944f7ad52902e4d24db5
Hash (SHA-1): e2600c1d60d12d397b3ee44411a021231d71e974
Hash (SHA-256): 450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 03:18:14 GMT
expires: Sun, 26 May 2024 03:18:14 GMT
cache-control: public, max-age=31536000
age: 45095
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
142.250.74.106 200 OK 39 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
IP 142.250.74.106:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: upload.video.google.com
Fingerprint: 5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
Validity: Mon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type gzip compressed data, max compression\012- data
Hash (MD5): 867d613942e51a75598589ec907d5455
Hash (SHA-1): 32f17cba63888afe774b49d4fd019922f53bc3ed
Hash (SHA-256): 46356c492500ef884cdb25faaf43a2bdb70c30f8003948b395c29e5a8f7172b0
GET /css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 27 May 2023 15:49:48 GMT
date: Sat, 27 May 2023 15:49:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gforanythingamgl.info/WkZwNmZ1eRNFWzktGwYoMAwxUDdqADEGLG0HFwIjCw4DcCItC1ZCDz57SQFea3NDEBYzIk0HQCkyEUITKXtBEA80IB8LQCx7QRhVbmhDBEhoYAULV3wyAFcBZ3dWRhIuKk0HUGJzQgZUb35ID1Ri
172.67.216.177 204 No Content 0 B URL GET HTTP/2 gforanythingamgl.info/WkZwNmZ1eRNFWzktGwYoMAwxUDdqADEGLG0HFwIjCw4DcCItC1ZCDz57SQFea3NDEBYzIk0HQCkyEUITKXtBEA80IB8LQCx7QRhVbmhDBEhoYAULV3wyAFcBZ3dWRhIuKk0HUGJzQgZUb35ID1Ri
IP 172.67.216.177:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: gforanythingamgl.info
Fingerprint: 5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
Validity: Fri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT
Hash (MD5): d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1): da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256): e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WkZwNmZ1eRNFWzktGwYoMAwxUDdqADEGLG0HFwIjCw4DcCItC1ZCDz57SQFea3NDEBYzIk0HQCkyEUITKXtBEA80IB8LQCx7QRhVbmhDBEhoYAULV3wyAFcBZ3dWRhIuKk0HUGJzQgZUb35ID1Ri HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sat, 27 May 2023 15:49:49 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1j%2BMUZAa3vP%2FMbra%2Fyk5orkH5yAov5hAsTJ1lSg42gnQ8PrhrQGmCNbq0ius%2Fx6KBsgD4cVpNwmIZ%2F5rrqz7AEWFQfYmlT9fUGNilTnH%2BQdGLVKS42%2BwEhzWZiQAYPRDe17TDpGK0u8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cdf68f6dfb1b515-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
upfilesurls.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6
104.26.9.138 200 OK 208 B URL GET HTTP/2 upfilesurls.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6
IP 104.26.9.138:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: upfilesurls.com
Fingerprint: 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity: Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type PNG image data, 6 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash (MD5): 31f073499665afb237f3294219d2d7c6
Hash (SHA-1): c1ada0510e31f661dab66203c15a3d6c8f5468d0
Hash (SHA-256): 59b7ad6d6f457b624e25d22959edc7c83af2ac52edba32fd6648c97af0d1780c
Analyzer Verdict Alert fortinet Malware
GET /images/arrow-down.png?c98e5283a69cb508d054d30256af43c6 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
Cookie: XSRF-TOKEN=eyJpdiI6ImFkRkZLMmJzakpMSWhyK2FsRmxCVGc9PSIsInZhbHVlIjoiRzVXRGxybTh0VlRSMjhQT3pHb1dqdWs3OXhKKzJHL3dvems2YTRnanNESU0yMklBQnAvTURYRWtIMmMxTjdoMEdQcmoyL1pYME13SU9LakM5YUlGbXZWbDFFTXRGZEQrVmxQMlB5d1B0aEpwL2I4V2x4OENiVTk5Ty9xNFZtUGYiLCJtYWMiOiJjMjEzOTQ2ZTg1MTY5ZGIwYmRkZjczN2EwYmFhZDNiMTU5MzgzN2Q4YmMwNjgwNmNlMGNhYzc4NjMyNjU1OWU5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Imtlb2dhVzZVVzh1b1JGYTdmcllPYmc9PSIsInZhbHVlIjoiNS90RWxDby85eWtNTnB2QjZUSVVBcis1SjFuMndvcTB1TTRUaWFrNXNiVUNUMmwwdERoWFM3cU5LdmFSalliUmZJNkhCKzhpVTBVS0ZWTWFMU2lHdWZmV29CYzRaM0VOcWVLd3dJeWdLWW5wWHRUREQ5OXN6VEVBc2lVRkVSYVkiLCJtYWMiOiI5ZjM5MDdmNTU4NjZhMTJjMGM4YTZiYWM5MzUyMmFlN2JkOTI3MmZhNTBkODJjOTdiNDRhYjg3ZDM5ODA3OTU5IiwidGFnIjoiIn0%3D; auth=eyJpdiI6IlJaNXdzd3RyejlpdkJ2bnNjeFNYVWc9PSIsInZhbHVlIjoiVDZQbDYvN0hVM2NEOWZ0ZCs2NitRQT09IiwibWFjIjoiYjJmODIwMWM4ZjQ3OTcyYWFlNmRhNzIwYmUzZjYxNDQxYjY0OTkzYTg0OTNkMTE3ZWNiYTE0Nzk3NjI2NjMzMyIsInRhZyI6IiJ9; ab=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 27 May 2023 15:49:49 GMT
content-type: image/png
content-length: 208
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
etag: "625014b1-d0"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 257807
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ir5XmEXJrgydr5oWVFeR7fs6WUcC8aZaJ0mosZTog%2BDFxqDJwOc9545yYH1LkZ2rvI0z9H23%2FUU3dR6zzCvAttBj4aim5daBMj%2BL4vmtVSFVzt422Eszm7%2BDzsif6SLgtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cdf68f889c7b4f1-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
216.58.207.227 200 OK 38 kB URL GET HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP 216.58.207.227:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: *.gstatic.com
Fingerprint: A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity: Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Hash (MD5): e08be6d5d433944f7ad52902e4d24db5
Hash (SHA-1): e2600c1d60d12d397b3ee44411a021231d71e974
Hash (SHA-256): 450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 03:18:14 GMT
expires: Sun, 26 May 2024 03:18:14 GMT
cache-control: public, max-age=31536000
age: 45095
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: *.gstatic.com
Fingerprint: A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity: Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash (MD5): 3a44e06eb954b96aa043227f3534189d
Hash (SHA-1): 23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Hash (SHA-256): b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 21:39:40 GMT
expires: Wed, 22 May 2024 21:39:40 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 324609
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gforanythingamgl.info/Tm9qemthUAkJVh0BJE8mIj1eKwB6JDNJGw08DSwMKCoaMykZDEwOAipSU01feF1eXBsnC1dLTT0bCw4ePVJbXAIgCQVHTThSW1RYekFZSEV8SR9HWmgbGhsMc15MCh86A1dLXXZaWEpZe1dSQ116
172.67.216.177 204 No Content 0 B URL GET HTTP/3 gforanythingamgl.info/Tm9qemthUAkJVh0BJE8mIj1eKwB6JDNJGw08DSwMKCoaMykZDEwOAipSU01feF1eXBsnC1dLTT0bCw4ePVJbXAIgCQVHTThSW1RYekFZSEV8SR9HWmgbGhsMc15MCh86A1dLXXZaWEpZe1dSQ116
IP 172.67.216.177:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: gforanythingamgl.info
Fingerprint: 5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
Validity: Fri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT
Hash (MD5): d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1): da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256): e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Tm9qemthUAkJVh0BJE8mIj1eKwB6JDNJGw08DSwMKCoaMykZDEwOAipSU01feF1eXBsnC1dLTT0bCw4ePVJbXAIgCQVHTThSW1RYekFZSEV8SR9HWmgbGhsMc15MCh86A1dLXXZaWEpZe1dSQ116 HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Sat, 27 May 2023 15:49:49 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KvfXxlU47gDK3jcdMyTZJdJm%2FuIi%2FouDdUWAVCXqC5ccNNsu4OEpgnNLLUpUT2kVCGhgZZPtTJixsfH9gJpw9wxV0rX%2BwroBdnjaVuE9yMVJ%2Brl%2BO%2BhOJj6nGK0B7kkDiCFQiTaqdpw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cdf68f8592e0afa-OSL
alt-svc: h3=":443"; ma=86400
live.demand.supply/up.js
104.16.134.22 200 OK 2.1 kB
IP 104.16.134.22:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Cloudflare, Inc.
Subject: demand.supply
Fingerprint: 49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
Validity: Sun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (3472)
Hash (MD5): 0feec3278bf7a223e234f1eeb23556bb
Hash (SHA-1): a90192459ede1b51622d28a8ff8c4302b9d0b1b2
Hash (SHA-256): 443112fe9fedad64fe69d5bdbe0ff527e223ffdc0f2477040d415ab52cb02bf4
GET /up.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 15:49:49 GMT
content-type: application/javascript; charset=UTF-8
cf-ray: 7cdf68f68df8b4f4-OSL
cf-cache-status: HIT
age: 1146
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
etag: W/"ad72f581a14aa3fbbf4827fac4449705-ssl-df"
link: <https://live.demand.supply/impl.v16.9.1.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tLw==>; rel=preload; as=script
vary: Accept-Encoding
cf-bgj: minify
cf-polished: origSize=4391
timing-allow-origin: *
x-nf-request-id: 01H0JH3JA8TSZ1S1CGSMZY0Q5D
set-cookie: demandSupplyTi=c8585f17-a5bc-4dd7-8626-aa8ec1c7029a; demandSupplyTc = null; demandSupplyTcI = null; SameSite=None; Secure; Max-Age=63072000
__cf_bm=KFGnbcwteVDJa99.p8ggJIJxesfZEnbL18_WMxYqWk0-1685202589-0-AcPyF1CRjEtIAVh4BsKOdBZBm+8R6GSsUMmz2R8ne+kdnQ9cY2sjbe8sNNNz1RkGMVPQMek/uX6vHnkWcKudWVk=; path=/; expires=Sat, 27-May-23 16:19:49 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdntechone.com/stattag.js
188.114.96.1 200 OK 7.2 kB URL GET HTTP/2 cdntechone.com/stattag.js
IP 188.114.96.1:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 22:B1:48:87:A8:EF:B2:9B:65:EB:D6:C6:FD:8D:EF:A7:A7:DE:52:29
Validity: Thu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (17871)
Hash (MD5): 0fdff67feab23cc69ecfb6800fc54cb7
Hash (SHA-1): eb84c650e6d27e290795207b1f37dd7b67f2aa06
Hash (SHA-256): 456e420aecd5ac679cc2bcb33daf7c063f54894fd076e99e05c06629234d3378
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 15:49:49 GMT
content-type: application/javascript
last-modified: Fri, 19 May 2023 08:43:53 GMT
etag: W/"646736c9-4859"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6574
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PuowQKv7kvmW2MjowJ4X5adl6520rAyszjq79T%2BO1GGlYXN%2FmE1EaGCET7ms4IV1zHF%2FeAcXzXpC5CCv2pqb55lALYCx6v3suQT0YeC%2FBEdqOZo7FIg5HjiB8UH670s4Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cdf68f6b9bf0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
live.demand.supply/x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL2ZtOTRCZQ==
104.16.134.22 200 OK 0 B URL HEAD HTTP/3 live.demand.supply/x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL2ZtOTRCZQ==
IP 104.16.134.22:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Cloudflare, Inc.
Subject: demand.supply
Fingerprint: 49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
Validity: Sun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
Hash (MD5): d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1): da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256): e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL2ZtOTRCZQ== HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 27 May 2023 15:49:49 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "dfe0abe17839ba4f36623d3c9332b694-ssl"
x-nf-request-id: 01H0WH53N5DXY1S5GWJ4J08TX0
cf-cache-status: HIT
age: 606368
accept-ranges: bytes
set-cookie: __cf_bm=kA53IRCg431Go2iQQRGfcyNCf6ugSOhpXiV5FNXW5JU-1685202589-0-AfYrmkmMQuOmJkhXV2G9pwmHpXVTteDLblElAXIWWRWrJmvqGLYTVjojJ2wn8+5fonLNGsFAG2OdfnEO/cjT12k=; path=/; expires=Sat, 27-May-23 16:19:49 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cdf68f958e8fac0-OSL
alt-svc: h3=":443"; ma=86400
etheappyrincea.info/SXZDdGQoFCAZWyhLIVIROxp+UVYPU3EyAHhOKBNWMw96DFc9T3VaByUZNhACOxktAEonEzdRVg8VJzEADhJzLTwCNSQmARg3Nj0POVNxMjABOHEmPA8lDyAxED0CJlIPIgEOKBpGcTsnJTEIHVQuPBYDEw9HBg0gIDh0JlYILwkdAxgTcj0NAjQRQzYeMy0xHRs8IEYlCjxzHxUCJ3MCIwoFLSEKGA8gGQwBL3MuVysRekc2HjxyOjMHMScNCyw9AjFBezAaRDJ7MgtNEwI+ATU9JyNyLVQTRQ01IiMkNC5XG0V6FQB7TxAQIRgRCgw1PTFxPlQELhExACdbGTwAeSRxLVQfRAYdUHkzKjUGGUQNMiUMIHEQVSVEFh4ufiQkUg46GS0EWRoxdi0OOTksRgkiISBMExg
52.85.242.93200 OK 1.2 kB URL GET HTTP/2 etheappyrincea.info/SXZDdGQoFCAZWyhLIVIROxp+UVYPU3EyAHhOKBNWMw96DFc9T3VaByUZNhACOxktAEonEzdRVg8VJzEADhJzLTwCNSQmARg3Nj0POVNxMjABOHEmPA8lDyAxED0CJlIPIgEOKBpGcTsnJTEIHVQuPBYDEw9HBg0gIDh0JlYILwkdAxgTcj0NAjQRQzYeMy0xHRs8IEYlCjxzHxUCJ3MCIwoFLSEKGA8gGQwBL3MuVysRekc2HjxyOjMHMScNCyw9AjFBezAaRDJ7MgtNEwI+ATU9JyNyLVQTRQ01IiMkNC5XG0V6FQB7TxAQIRgRCgw1PTFxPlQELhExACdbGTwAeSRxLVQfRAYdUHkzKjUGGUQNMiUMIHEQVSVEFh4ufiQkUg46GS0EWRoxdi0OOTksRgkiISBMExg
IP 52.85.242.93:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Amazon
Subject: etheappyrincea.info
Fingerprint: CA:17:98:7B:06:0A:D6:B9:7E:AA:96:FD:C8:F2:25:18:71:71:A8:4E
Validity: Fri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3009), with no line terminators
Hash (MD5): 971633be17d753b28c211aff293d8337
Hash (SHA-1): 9f7a246e3fd93e6bd409464ec47c475d877cbc56
Hash (SHA-256): e0eeed1f09231c388e538afc05a635c985c0e50efb47ac7c52122a2e4cf7a955
GET /SXZDdGQoFCAZWyhLIVIROxp+UVYPU3EyAHhOKBNWMw96DFc9T3VaByUZNhACOxktAEonEzdRVg8VJzEADhJzLTwCNSQmARg3Nj0POVNxMjABOHEmPA8lDyAxED0CJlIPIgEOKBpGcTsnJTEIHVQuPBYDEw9HBg0gIDh0JlYILwkdAxgTcj0NAjQRQzYeMy0xHRs8IEYlCjxzHxUCJ3MCIwoFLSEKGA8gGQwBL3MuVysRekc2HjxyOjMHMScNCyw9AjFBezAaRDJ7MgtNEwI+ATU9JyNyLVQTRQ01IiMkNC5XG0V6FQB7TxAQIRgRCgw1PTFxPlQELhExACdbGTwAeSRxLVQfRAYdUHkzKjUGGUQNMiUMIHEQVSVEFh4ufiQkUg46GS0EWRoxdi0OOTksRgkiISBMExg HTTP/1.1
Host: etheappyrincea.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1164
date: Sat, 27 May 2023 15:49:49 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 f9a0ddc3860252ab6c4d02ab024b4890.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: c6uaX0Ko0HOC-YK-vMstvThZJxUBhiGbVGP9WFP27vyV8qjnW6cstQ==
X-Firefox-Spdy: h2
etheappyrincea.info/blBwdkkPMhMbdg9tElA8HDxNU3sodUIwLV9oGxF7FClJDnoaaUZYKgI/BRIvHD8eAmcANQRTeygkJh09WjQlHXgkEikiLQcZGT4MBicpLgckATgGPicBAxcDFwpCNTM/MyocOiUXKAUuKzkcOw4XERE1HyNpPDVwKAInTn8lOCklLSYRBTAhNGAqRHk0FSMCOwhhRDQGOjsXJBs/aDklLjQSGQUlIgE2IhkqNEIwGwEqIA8qOxY3DiIqBUEULDYeRSUPXigqRTkKAhcCMwsFFywAKjdVRAsvFjJBEwQeMScxNDcWR3gpE0M4fD0RE1N7KDNDEXw8GBwAEzt9GBUrKQJHPjEvISAlGwoCB08iC2AcMCw5NEclHyxnKh95PBIJAT4kETInLBYSRiUcPD4qG3kgAzgRbwQjHxg5UyMxI3keIhxEPzcBSSQ/PyE
52.85.242.93200 OK 1.2 kB URL GET HTTP/2 etheappyrincea.info/blBwdkkPMhMbdg9tElA8HDxNU3sodUIwLV9oGxF7FClJDnoaaUZYKgI/BRIvHD8eAmcANQRTeygkJh09WjQlHXgkEikiLQcZGT4MBicpLgckATgGPicBAxcDFwpCNTM/MyocOiUXKAUuKzkcOw4XERE1HyNpPDVwKAInTn8lOCklLSYRBTAhNGAqRHk0FSMCOwhhRDQGOjsXJBs/aDklLjQSGQUlIgE2IhkqNEIwGwEqIA8qOxY3DiIqBUEULDYeRSUPXigqRTkKAhcCMwsFFywAKjdVRAsvFjJBEwQeMScxNDcWR3gpE0M4fD0RE1N7KDNDEXw8GBwAEzt9GBUrKQJHPjEvISAlGwoCB08iC2AcMCw5NEclHyxnKh95PBIJAT4kETInLBYSRiUcPD4qG3kgAzgRbwQjHxg5UyMxI3keIhxEPzcBSSQ/PyE
IP 52.85.242.93:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Amazon
Subject: etheappyrincea.info
Fingerprint: CA:17:98:7B:06:0A:D6:B9:7E:AA:96:FD:C8:F2:25:18:71:71:A8:4E
Validity: Fri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3030), with no line terminators
Hash MD5: 736151cc9327344cbe1028a59ed51e22
SHA-1: 6acd523938a02c8a8d13c9222419cff37ce02d06
SHA-256: dcbba9f0bc7157ed06cc6aa255da946045b2efa5fe2e72b16538dd751010543d
GET /blBwdkkPMhMbdg9tElA8HDxNU3sodUIwLV9oGxF7FClJDnoaaUZYKgI/BRIvHD8eAmcANQRTeygkJh09WjQlHXgkEikiLQcZGT4MBicpLgckATgGPicBAxcDFwpCNTM/MyocOiUXKAUuKzkcOw4XERE1HyNpPDVwKAInTn8lOCklLSYRBTAhNGAqRHk0FSMCOwhhRDQGOjsXJBs/aDklLjQSGQUlIgE2IhkqNEIwGwEqIA8qOxY3DiIqBUEULDYeRSUPXigqRTkKAhcCMwsFFywAKjdVRAsvFjJBEwQeMScxNDcWR3gpE0M4fD0RE1N7KDNDEXw8GBwAEzt9GBUrKQJHPjEvISAlGwoCB08iC2AcMCw5NEclHyxnKh95PBIJAT4kETInLBYSRiUcPD4qG3kgAzgRbwQjHxg5UyMxI3keIhxEPzcBSSQ/PyE HTTP/1.1
Host: etheappyrincea.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1183
date: Sat, 27 May 2023 15:49:49 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 f9a0ddc3860252ab6c4d02ab024b4890.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: K_tTVxQFVjq7eGCSrGTLjOgmc-qz345RkHikWJUCaYOg9A59nKhx0Q==
X-Firefox-Spdy: h2
etheappyrincea.info/Yk9lVnkDLQY7RgNyB3AMECNYc0skalcQHVN3DjFLGDZcLkoWdlN4Gg4gEDIfECALIlcMKhFzSyQ6PAI0FSsLAzo6CVEHKgoZBAA8FgIzMRolHSAQMTUaKAw+GgoqDig4DTMQCVYbHWYoBAgCID4xdjwQHisfJwdNIxonPTg6GQEaLBUdAQNJFgo3ZzM3CSA+LyQaNBE+BSAqAygvDCQ6MyYJJA8xMSc8Ej8kNwAODhUsIQBAMBpVNRcgJ1ARLCQCIRE4VwowFCAmASMULSN+EjA+Gh0pECwwCSIHCiUEMBgvJCgoZiwkAiEHHiAeMDgwIB0OLikjN0g6LTB+IwMvMBoAEhE7DCgTHTAOAhQ+MAkgFT83HSMUSBIMIC40LRwdADwvfiQVODQnIwRJOwE3IV8IPAo4CV8iFWJMCwdcPggtFzw6Nwk
52.85.242.93200 OK 1.2 kB URL GET HTTP/2 etheappyrincea.info/Yk9lVnkDLQY7RgNyB3AMECNYc0skalcQHVN3DjFLGDZcLkoWdlN4Gg4gEDIfECALIlcMKhFzSyQ6PAI0FSsLAzo6CVEHKgoZBAA8FgIzMRolHSAQMTUaKAw+GgoqDig4DTMQCVYbHWYoBAgCID4xdjwQHisfJwdNIxonPTg6GQEaLBUdAQNJFgo3ZzM3CSA+LyQaNBE+BSAqAygvDCQ6MyYJJA8xMSc8Ej8kNwAODhUsIQBAMBpVNRcgJ1ARLCQCIRE4VwowFCAmASMULSN+EjA+Gh0pECwwCSIHCiUEMBgvJCgoZiwkAiEHHiAeMDgwIB0OLikjN0g6LTB+IwMvMBoAEhE7DCgTHTAOAhQ+MAkgFT83HSMUSBIMIC40LRwdADwvfiQVODQnIwRJOwE3IV8IPAo4CV8iFWJMCwdcPggtFzw6Nwk
IP 52.85.242.93:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Amazon
Subject: etheappyrincea.info
Fingerprint: CA:17:98:7B:06:0A:D6:B9:7E:AA:96:FD:C8:F2:25:18:71:71:A8:4E
Validity: Fri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3028), with no line terminators
Hash MD5: 692cc1a3b369e57813da420dd7da6408
SHA-1: c21b037ccc1497765f0647547a2489758c56e9b3
SHA-256: c363b848305f4aefc8a22d0f3cf6f0a7ecd97a9a85d9a8db46566e8f85af3bc4
GET /Yk9lVnkDLQY7RgNyB3AMECNYc0skalcQHVN3DjFLGDZcLkoWdlN4Gg4gEDIfECALIlcMKhFzSyQ6PAI0FSsLAzo6CVEHKgoZBAA8FgIzMRolHSAQMTUaKAw+GgoqDig4DTMQCVYbHWYoBAgCID4xdjwQHisfJwdNIxonPTg6GQEaLBUdAQNJFgo3ZzM3CSA+LyQaNBE+BSAqAygvDCQ6MyYJJA8xMSc8Ej8kNwAODhUsIQBAMBpVNRcgJ1ARLCQCIRE4VwowFCAmASMULSN+EjA+Gh0pECwwCSIHCiUEMBgvJCgoZiwkAiEHHiAeMDgwIB0OLikjN0g6LTB+IwMvMBoAEhE7DCgTHTAOAhQ+MAkgFT83HSMUSBIMIC40LRwdADwvfiQVODQnIwRJOwE3IV8IPAo4CV8iFWJMCwdcPggtFzw6Nwk HTTP/1.1
Host: etheappyrincea.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1180
date: Sat, 27 May 2023 15:49:49 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 f9a0ddc3860252ab6c4d02ab024b4890.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: ekedistVsanwAbrdZUnLZxWki6aVPjO7RcsdBTXu0yLRkmnk9XggLA==
X-Firefox-Spdy: h2
upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
104.26.9.138 200 OK 49 kB URL GET HTTP/2 upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
IP 104.26.9.138:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: upfilesurls.com
Fingerprint: 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity: Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash MD5: cf7148de68c4ff76f21e2200b67fd8c4
SHA-1: ace4770fa2d643e676bccca417f7880c8a6565dd
SHA-256: e51161fcc5b2c4b90c3381e517152eb275d52a6c288954e502479d7421386240
GET /css/frontend.css?id=2396ffb76e738e465b53 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/fm94Be
Cookie: XSRF-TOKEN=eyJpdiI6ImFkRkZLMmJzakpMSWhyK2FsRmxCVGc9PSIsInZhbHVlIjoiRzVXRGxybTh0VlRSMjhQT3pHb1dqdWs3OXhKKzJHL3dvems2YTRnanNESU0yMklBQnAvTURYRWtIMmMxTjdoMEdQcmoyL1pYME13SU9LakM5YUlGbXZWbDFFTXRGZEQrVmxQMlB5d1B0aEpwL2I4V2x4OENiVTk5Ty9xNFZtUGYiLCJtYWMiOiJjMjEzOTQ2ZTg1MTY5ZGIwYmRkZjczN2EwYmFhZDNiMTU5MzgzN2Q4YmMwNjgwNmNlMGNhYzc4NjMyNjU1OWU5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Imtlb2dhVzZVVzh1b1JGYTdmcllPYmc9PSIsInZhbHVlIjoiNS90RWxDby85eWtNTnB2QjZUSVVBcis1SjFuMndvcTB1TTRUaWFrNXNiVUNUMmwwdERoWFM3cU5LdmFSalliUmZJNkhCKzhpVTBVS0ZWTWFMU2lHdWZmV29CYzRaM0VOcWVLd3dJeWdLWW5wWHRUREQ5OXN6VEVBc2lVRkVSYVkiLCJtYWMiOiI5ZjM5MDdmNTU4NjZhMTJjMGM4YTZiYWM5MzUyMmFlN2JkOTI3MmZhNTBkODJjOTdiNDRhYjg3ZDM5ODA3OTU5IiwidGFnIjoiIn0%3D; auth=eyJpdiI6IlJaNXdzd3RyejlpdkJ2bnNjeFNYVWc9PSIsInZhbHVlIjoiVDZQbDYvN0hVM2NEOWZ0ZCs2NitRQT09IiwibWFjIjoiYjJmODIwMWM4ZjQ3OTcyYWFlNmRhNzIwYmUzZjYxNDQxYjY0OTkzYTg0OTNkMTE3ZWNiYTE0Nzk3NjI2NjMzMyIsInRhZyI6IiJ9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 27 May 2023 15:49:48 GMT
content-type: text/css
cf-bgj: minify
etag: W/"63a354a4-3f918"
last-modified: Wed, 21 Dec 2022 18:47:00 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
cf-cache-status: HIT
age: 13219010
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tY%2BnA5YRYbE8U1jzb1SS0iQxgoRSO6KrrOn6nIaea920R3u7mVEh87R1lM0WQB0cucSP%2FmGludenLoNwyRYWHluAJ7xIQ9hEc2aPpz8ZMTNXb1gIojAQGP%2BRN2GqcHmgjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cdf68f42c78b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
upfilesurls.com/img/menu.svg
104.26.9.138 200 OK 414 B URL GET HTTP/2 upfilesurls.com/img/menu.svg
IP 104.26.9.138:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: upfilesurls.com
Fingerprint: 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity: Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text
Hash MD5: e194fab3eea9f00d5a3814c4df00ac8c
SHA-1: 4a9760c8ec110364d025527e26730e78ae0b3ac0
SHA-256: 3d3e6705b468cecdd78fb9a1ee6688d60e1d2c1caa0db7baa88db460315dccea
Analyzer: fortinet | Verdict: Malware | Alert: (none listed)
GET /img/menu.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/fm94Be
Cookie: XSRF-TOKEN=eyJpdiI6ImFkRkZLMmJzakpMSWhyK2FsRmxCVGc9PSIsInZhbHVlIjoiRzVXRGxybTh0VlRSMjhQT3pHb1dqdWs3OXhKKzJHL3dvems2YTRnanNESU0yMklBQnAvTURYRWtIMmMxTjdoMEdQcmoyL1pYME13SU9LakM5YUlGbXZWbDFFTXRGZEQrVmxQMlB5d1B0aEpwL2I4V2x4OENiVTk5Ty9xNFZtUGYiLCJtYWMiOiJjMjEzOTQ2ZTg1MTY5ZGIwYmRkZjczN2EwYmFhZDNiMTU5MzgzN2Q4YmMwNjgwNmNlMGNhYzc4NjMyNjU1OWU5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Imtlb2dhVzZVVzh1b1JGYTdmcllPYmc9PSIsInZhbHVlIjoiNS90RWxDby85eWtNTnB2QjZUSVVBcis1SjFuMndvcTB1TTRUaWFrNXNiVUNUMmwwdERoWFM3cU5LdmFSalliUmZJNkhCKzhpVTBVS0ZWTWFMU2lHdWZmV29CYzRaM0VOcWVLd3dJeWdLWW5wWHRUREQ5OXN6VEVBc2lVRkVSYVkiLCJtYWMiOiI5ZjM5MDdmNTU4NjZhMTJjMGM4YTZiYWM5MzUyMmFlN2JkOTI3MmZhNTBkODJjOTdiNDRhYjg3ZDM5ODA3OTU5IiwidGFnIjoiIn0%3D; auth=eyJpdiI6IlJaNXdzd3RyejlpdkJ2bnNjeFNYVWc9PSIsInZhbHVlIjoiVDZQbDYvN0hVM2NEOWZ0ZCs2NitRQT09IiwibWFjIjoiYjJmODIwMWM4ZjQ3OTcyYWFlNmRhNzIwYmUzZjYxNDQxYjY0OTkzYTg0OTNkMTE3ZWNiYTE0Nzk3NjI2NjMzMyIsInRhZyI6IiJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 27 May 2023 15:49:48 GMT
content-type: image/svg+xml
last-modified: Tue, 24 Jan 2023 16:39:42 GMT
vary: Accept-Encoding
etag: W/"63d009ce-72e"
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 257809
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KVeBL6cdc7EGfZarSb68gdhy3LS5QcGshs04vgZX%2BhWVDJJQQDKU2Y6Cfoh2ejwF32UeltLav2FV7owsM2%2FekeZ1UhhvCs65I7H9eURVMl2Zs%2BFQCq3jprIq4H0pFqE%2Fsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cdf68f42c7bb4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
live.demand.supply/x/e.js?ce=bb&r=upfilesurls.com_auto_728x90_sticky_display_bottom&dsReferer=dXBmaWxlc3VybHMuY29tL2ZtOTRCZQ==
104.16.134.22 200 OK 0 B URL HEAD HTTP/3 live.demand.supply/x/e.js?ce=bb&r=upfilesurls.com_auto_728x90_sticky_display_bottom&dsReferer=dXBmaWxlc3VybHMuY29tL2ZtOTRCZQ==
IP 104.16.134.22:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Cloudflare, Inc.
Subject: demand.supply
Fingerprint: 49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
Validity: Sun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
Hash (0-byte body: these are the digests of empty input and do not identify any content)
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /x/e.js?ce=bb&r=upfilesurls.com_auto_728x90_sticky_display_bottom&dsReferer=dXBmaWxlc3VybHMuY29tL2ZtOTRCZQ== HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 27 May 2023 15:49:49 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "dfe0abe17839ba4f36623d3c9332b694-ssl"
x-nf-request-id: 01H0WH53N5DXY1S5GWJ4J08TX0
cf-cache-status: HIT
age: 606368
accept-ranges: bytes
set-cookie: __cf_bm=t4TR89LHAlTUjkTAQsXD0yXHB5__RJB7tL7HvxZrimI-1685202589-0-AToCoPqjznNKXX1Rn50ymuYfZIniTnKBcn2A5zA7Eg8Ds6toOC3RGqdLKxrWh29GEuk5zkjkQsai1Z0y5wB1V7s=; path=/; expires=Sat, 27-May-23 16:19:49 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cdf68fada68fac0-OSL
alt-svc: h3=":443"; ma=86400
upfilesurls.com/img/plane.svg
104.26.9.138 200 OK 411 B URL GET HTTP/2 upfilesurls.com/img/plane.svg
IP 104.26.9.138:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: upfilesurls.com
Fingerprint: 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity: Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (580)
Hash MD5: 4f25968fc51a5e49dc1ea503d5d60e38
SHA-1: 4221937e757eb15329dbc318092c9058044c5f73
SHA-256: d454583aa343d4c8aa4e42c0876b20e60c20c0b89284e4ef0c662d0426c18254
Analyzer: fortinet | Verdict: Malware | Alert: (none listed)
GET /img/plane.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/fm94Be
Cookie: XSRF-TOKEN=eyJpdiI6ImFkRkZLMmJzakpMSWhyK2FsRmxCVGc9PSIsInZhbHVlIjoiRzVXRGxybTh0VlRSMjhQT3pHb1dqdWs3OXhKKzJHL3dvems2YTRnanNESU0yMklBQnAvTURYRWtIMmMxTjdoMEdQcmoyL1pYME13SU9LakM5YUlGbXZWbDFFTXRGZEQrVmxQMlB5d1B0aEpwL2I4V2x4OENiVTk5Ty9xNFZtUGYiLCJtYWMiOiJjMjEzOTQ2ZTg1MTY5ZGIwYmRkZjczN2EwYmFhZDNiMTU5MzgzN2Q4YmMwNjgwNmNlMGNhYzc4NjMyNjU1OWU5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Imtlb2dhVzZVVzh1b1JGYTdmcllPYmc9PSIsInZhbHVlIjoiNS90RWxDby85eWtNTnB2QjZUSVVBcis1SjFuMndvcTB1TTRUaWFrNXNiVUNUMmwwdERoWFM3cU5LdmFSalliUmZJNkhCKzhpVTBVS0ZWTWFMU2lHdWZmV29CYzRaM0VOcWVLd3dJeWdLWW5wWHRUREQ5OXN6VEVBc2lVRkVSYVkiLCJtYWMiOiI5ZjM5MDdmNTU4NjZhMTJjMGM4YTZiYWM5MzUyMmFlN2JkOTI3MmZhNTBkODJjOTdiNDRhYjg3ZDM5ODA3OTU5IiwidGFnIjoiIn0%3D; auth=eyJpdiI6IlJaNXdzd3RyejlpdkJ2bnNjeFNYVWc9PSIsInZhbHVlIjoiVDZQbDYvN0hVM2NEOWZ0ZCs2NitRQT09IiwibWFjIjoiYjJmODIwMWM4ZjQ3OTcyYWFlNmRhNzIwYmUzZjYxNDQxYjY0OTkzYTg0OTNkMTE3ZWNiYTE0Nzk3NjI2NjMzMyIsInRhZyI6IiJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 27 May 2023 15:49:48 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
vary: Accept-Encoding
etag: W/"63c15cbf-2ac"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 257809
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpWFgUrP4EUZ4m2JnVv%2FixWIr9CeeWlzsbPQqUCv%2BuPopufhNrSFvQjldSt3rFw9TTlLBZKZMn9p2Nr4TkOn7vUquNPW4L22w6hOm3s8rF1MfJ8DjXJwJ12iOb8na7PXNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cdf68f43c86b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
etheappyrincea.info/utx?cb=LKNB8iRAGljm&top=upfilesurls.com&tid=974624
52.85.242.93 204 No Content 0 B URL GET HTTP/2 etheappyrincea.info/utx?cb=LKNB8iRAGljm&top=upfilesurls.com&tid=974624
IP 52.85.242.93:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Amazon
Subject: etheappyrincea.info
Fingerprint: CA:17:98:7B:06:0A:D6:B9:7E:AA:96:FD:C8:F2:25:18:71:71:A8:4E
Validity: Fri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
Hash (0-byte body: these are the digests of empty input and do not identify any content)
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=LKNB8iRAGljm&top=upfilesurls.com&tid=974624 HTTP/1.1
Host: etheappyrincea.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sat, 27 May 2023 15:49:49 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 27 May 2023 15:50:49 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 f9a0ddc3860252ab6c4d02ab024b4890.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: cKJ-wqtV-ezPjHpjwTpzkIe-QljHnA90LJZQ6KYgjLI1h0EkNiWHuA==
X-Firefox-Spdy: h2
upfiles.com/authenticate/fm94Be
172.67.173.106 302 Found 117 kB URL User Request GET HTTP/2 upfiles.com/authenticate/fm94Be
IP 172.67.173.106:443
Certificate Issuer: Google Trust Services LLC
Subject: upfiles.com
Fingerprint: 9E:09:AC:3C:B6:93:92:44:74:9D:D0:8F:D3:57:45:91:1B:B0:CC:7E
Validity: Mon, 15 May 2023 04:04:52 GMT - Sun, 13 Aug 2023 04:04:51 GMT
Size 117 kB (116784 bytes)
Hash MD5: 0cbd7fbe4df795404f01decf19115cd6
SHA-1: 67b4b7bae49b8cf2394bd8433bcfada89ecb59be
SHA-256: 53e1817dcf7b2d3f88cae53f547bd9f914c3ecaf0920bfea1147723804f17cac
GET /authenticate/fm94Be HTTP/1.1
Host: upfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 27 May 2023 15:49:48 GMT
content-type: text/html; charset=UTF-8
location: https://upfilesurls.com/fm94Be?auth=eyJpdiI6IlJaNXdzd3RyejlpdkJ2bnNjeFNYVWc9PSIsInZhbHVlIjoiVDZQbDYvN0hVM2NEOWZ0ZCs2NitRQT09IiwibWFjIjoiYjJmODIwMWM4ZjQ3OTcyYWFlNmRhNzIwYmUzZjYxNDQxYjY0OTkzYTg0OTNkMTE3ZWNiYTE0Nzk3NjI2NjMzMyIsInRhZyI6IiJ9
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6InFEdklEcXZ0Qlc2ZWZ3NGJuSUpMRGc9PSIsInZhbHVlIjoid2FKK0JYR1UybXI4SHpHNFkrMWdjZ2Z4aVI5aGRPTGV4RlVnN25NQjYrai8zVUtxS28xTVBPajg2WlJsY2p5MEozblozbGtuMVdPbEZiNGF1ZlRzSGwzMmpYVWRRVE1DYU5URExHVyszaEZXUlhRelF4NFRrUEtuNEgxZTlqZW8iLCJtYWMiOiI0MzFhYWJlOTQxYmJkYmFiY2EwNzdmMTI4MWM1ZDU5NTlhNzM1OGU4NjNkMDY2YzFkMzk0MTU2ZDYwYjIwMjE2IiwidGFnIjoiIn0%3D; expires=Sat, 27-May-2023 17:49:48 GMT; Max-Age=7200; path=/; samesite=lax
upfiles_session=eyJpdiI6IkZFeVpDcUoydVo2dGdrRUZDaWhGYnc9PSIsInZhbHVlIjoiRDBaZjZpWFNFVHRrOE5lU2RvcDJUZXRUQnJXejdiRjZ3RVhDdWc5dlpZaWV5aTZ4ZXZ4VWRuY1RraUVUbGlhKzZ0NFgwSzdpdTFIMndoWXJnUlJXeStwSFlzbXBSSmRwTWpBTS9CVlFETzlveEUyRlBNTStrb2w4aVRvWk5oc3ciLCJtYWMiOiIyMTZjNjBkN2ZiZDk3YmI0ZGNhNWZmMTc4YTlkODcyZWRhMGJkYTM3NzIyYTEyNDdkYWYwZmFkMDJiNmExM2Y3IiwidGFnIjoiIn0%3D; expires=Sat, 27-May-2023 17:49:48 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOLcUXozj2wnwoAF831dJdpiNBPxgD93GkPP51Yi7lF0Grn%2Fo9thk8u3v1N2pitWuAIXPacvX4dKxU%2BueeeO9LhW8JnTjrDhD8QaRQvG0kkvz4wVqqN8wxuLrVN0jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cdf68eeead20b45-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
139.45.195.253 200 OK 2 B URL POST HTTP/1.1 datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
IP 139.45.195.253:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Sectigo Limited
Subject: datatechone.com
Fingerprint: 8E:B7:22:E4:97:95:3C:60:FC:7C:41:39:A6:B7:B7:E2:48:B2:D0:18
Validity: Sun, 18 Dec 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash MD5: 444bcb3a3fcf8389296c49467f27e1d6
SHA-1: 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
SHA-256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1349
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 27 May 2023 15:49:50 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://upfilesurls.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
d18kg2zy9x3t96.cloudfront.net/cdEdGd0YXKCgReQAuIkp/THN2RXFSLTUYKAR6FTBzLS02OClGKi0gJUwwF1EyDiN7R2AYJigQe1IiKBR7RWEnEyRJc2ACJ0kqKQ0vGCsnUnQycmhHY0Z3bg93RWJ1NWNGdyoeKAE/Y0V2DH9wKHBAYnU1Y0Z3NAFjRwZ3R39ad29SdEQgIxQtG2J0MXREdn-ZHd0R2Y0V2Ei40EiAbP2NFAEV2d1l2UjJ7Rg
54.230.245.156 199 B URL d18kg2zy9x3t96.cloudfront.net/cdEdGd0YXKCgReQAuIkp/THN2RXFSLTUYKAR6FTBzLS02OClGKi0gJUwwF1EyDiN7R2AYJigQe1IiKBR7RWEnEyRJc2ACJ0kqKQ0vGCsnUnQycmhHY0Z3bg93RWJ1NWNGdyoeKAE/Y0V2DH9wKHBAYnU1Y0Z3NAFjRwZ3R39ad29SdEQgIxQtG2J0MXREdn-ZHd0R2Y0V2Ei40EiAbP2NFAEV2d1l2UjJ7Rg
IP 54.230.245.156:0
Certificate Issuer: Amazon
Subject: *.cloudfront.net
Fingerprint: BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
Validity: Thu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash MD5: f7e291fb46df22287289cd11e6ac6b38
SHA-1: 81ce60adcd817e5e65ff879cd20009f8b6e11716
SHA-256: 434ab936db340c6863600f38f97430090bd4c23fbd6dd37c2c0e9c96ced9c031
GET /cdEdGd0YXKCgReQAuIkp/THN2RXFSLTUYKAR6FTBzLS02OClGKi0gJUwwF1EyDiN7R2AYJigQe1IiKBR7RWEnEyRJc2ACJ0kqKQ0vGCsnUnQycmhHY0Z3bg93RWJ1NWNGdyoeKAE/Y0V2DH9wKHBAYnU1Y0Z3NAFjRwZ3R39ad29SdEQgIxQtG2J0MXREdn-ZHd0R2Y0V2Ei40EiAbP2NFAEV2d1l2UjJ7Rg HTTP/1.1
Host: d18kg2zy9x3t96.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etheappyrincea.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 199
date: Sat, 27 May 2023 15:49:50 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZbdMISsFvK1U_s3wwR6LdhZEnrPh_QeNiRvaY6IMyjevzAHpCWYhHA==
X-Firefox-Spdy: h2
d18kg2zy9x3t96.cloudfront.net/uYTMwdnUCXF4QShVaVEtMVgcGREFHWUMZGxEOXQZBVFp4Tx0QfGgvGS9YFgIPBQ4AUBkAXVdLUwRdU0tER1JUFEhVFUQGGgoOUQMCAlJDFAYHShYDFFxeXwwcDV9RU0cnBh5GUFMDGA5EUBYDNFBTA1wfGxRLFURFGQsGKUNVFgM0UFMDQgBQUnIBRkxPAx-lTR1FUVRUeDhYCMEdRAgBGRFECFURFB1pCExMOSxVEM1ACAVhFR0YNRw
54.230.245.156 605 B URL d18kg2zy9x3t96.cloudfront.net/uYTMwdnUCXF4QShVaVEtMVgcGREFHWUMZGxEOXQZBVFp4Tx0QfGgvGS9YFgIPBQ4AUBkAXVdLUwRdU0tER1JUFEhVFUQGGgoOUQMCAlJDFAYHShYDFFxeXwwcDV9RU0cnBh5GUFMDGA5EUBYDNFBTA1wfGxRLFURFGQsGKUNVFgM0UFMDQgBQUnIBRkxPAx-lTR1FUVRUeDhYCMEdRAgBGRFECFURFB1pCExMOSxVEM1ACAVhFR0YNRw
IP 54.230.245.156:0
Certificate Issuer: Amazon
Subject: *.cloudfront.net
Fingerprint: BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
Validity: Thu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (843), with no line terminators
Hash MD5: 722a0839e6182c7191246f4c78a8fabd
SHA-1: c9e389779fba68d08683940ed407de5939191fe4
SHA-256: 7df6074eb86163ab249226966b19aaabed1317b4039921a1f02ea7ff1e8ec1ff
GET /uYTMwdnUCXF4QShVaVEtMVgcGREFHWUMZGxEOXQZBVFp4Tx0QfGgvGS9YFgIPBQ4AUBkAXVdLUwRdU0tER1JUFEhVFUQGGgoOUQMCAlJDFAYHShYDFFxeXwwcDV9RU0cnBh5GUFMDGA5EUBYDNFBTA1wfGxRLFURFGQsGKUNVFgM0UFMDQgBQUnIBRkxPAx-lTR1FUVRUeDhYCMEdRAgBGRFECFURFB1pCExMOSxVEM1ACAVhFR0YNRw HTTP/1.1
Host: d18kg2zy9x3t96.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etheappyrincea.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 605
date: Sat, 27 May 2023 15:49:50 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Bc-tR2-4PSme_hFjAEFupxZLyryM2zJu-0B6c351lxpP_Bvm69y6Lg==
X-Firefox-Spdy: h2
d18kg2zy9x3t96.cloudfront.net/tVkt4dUk1JBYTdiIiHEhwYXNJQHpwIQsaJyZ2CzQcZjsKGXsgEilMGyAaCVM9LC9FRW86KhYSdHAuFhZ0Z20ZEStrf14BOTkgRRQ8ISgZBislLQFTPDd2FRozPycUFGxkDU1beXN5SF0xZ3pdRgtzeUgZIDg+AFB7ZjNAQxZgf11GC3N5SAc/c3g5RHlvZU-hcbGR7HxAqPSRdRw9ke0lFeWd7SVB7Zi0RBywwJABQexB6SURnZm0NSHg
54.230.245.156 584 B URL d18kg2zy9x3t96.cloudfront.net/tVkt4dUk1JBYTdiIiHEhwYXNJQHpwIQsaJyZ2CzQcZjsKGXsgEilMGyAaCVM9LC9FRW86KhYSdHAuFhZ0Z20ZEStrf14BOTkgRRQ8ISgZBislLQFTPDd2FRozPycUFGxkDU1beXN5SF0xZ3pdRgtzeUgZIDg+AFB7ZjNAQxZgf11GC3N5SAc/c3g5RHlvZU-hcbGR7HxAqPSRdRw9ke0lFeWd7SVB7Zi0RBywwJABQexB6SURnZm0NSHg
IP 54.230.245.156:0
Certificate Issuer: Amazon
Subject: *.cloudfront.net
Fingerprint: BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
Validity: Thu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (836), with no line terminators
Hash MD5: 1e779c13743f02be66b1362499eece4d
SHA-1: 4198d159fdaeec25c629ec868978cdb397ec303a
SHA-256: a4bf5c27d6123afaf319636ff368408a371b972a40894bc35df150b14db7a0ab
GET /tVkt4dUk1JBYTdiIiHEhwYXNJQHpwIQsaJyZ2CzQcZjsKGXsgEilMGyAaCVM9LC9FRW86KhYSdHAuFhZ0Z20ZEStrf14BOTkgRRQ8ISgZBislLQFTPDd2FRozPycUFGxkDU1beXN5SF0xZ3pdRgtzeUgZIDg+AFB7ZjNAQxZgf11GC3N5SAc/c3g5RHlvZU-hcbGR7HxAqPSRdRw9ke0lFeWd7SVB7Zi0RBywwJABQexB6SURnZm0NSHg HTTP/1.1
Host: d18kg2zy9x3t96.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etheappyrincea.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 584
date: Sat, 27 May 2023 15:49:50 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8t_tCWcqb6GfEN_7lN8Dz8Gp3Tgck7IW-C7Q643dWPM93OySi5I73g==
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGECHvzTvzSj0Qt55EVKgfGw3vUuFA6iUDa59WLiuG_LRh1yc0p8NVub6D-30G4I9DgN745fA
142.250.74.45302 Found 401 B URL GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGECHvzTvzSj0Qt55EVKgfGw3vUuFA6iUDa59WLiuG_LRh1yc0p8NVub6D-30G4I9DgN745fA
IP 142.250.74.45:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: *.google.com
Fingerprint: 5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
Validity: Mon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Hash MD5: f1a5ef2e74ff9407906c61399028ec70
SHA-1: fd6cc4d54ace959f114363b99e9f415cb155df2c
SHA-256: 2e63ba1959e6905d9840e71e6db2353f88548e865deaec1ed56804321d00aa34
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGECHvzTvzSj0Qt55EVKgfGw3vUuFA6iUDa59WLiuG_LRh1yc0p8NVub6D-30G4I9DgN745fA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:dOZH0LBxCq2ZHWKrcGSVNTVZPEep_Q:KDQDaY9tB0gz-3aP;Path=/;Expires=Mon, 26-May-2025 15:49:50 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 15:49:50 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S2114041291%3A1685202590558642&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFzeNjeqOq2J4-7y058nm0-qGxaqopoBwSVbr68cyqmk-b11MOA04Rsz6WVoWNPQWygmkZEKw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-Bdntsk4fE9toW0Hz2aI_Vg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 401
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
142.250.74.35 200 OK 166 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: *.gstatic.com
Fingerprint: A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity: Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (660)
Size 166 kB (166449 bytes)
Hash 95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981
GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 23:49:29 GMT
expires: Tue, 21 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 403221
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFzPB5gHbAC7eGU69NTER9leOZz82XW_JBPKdDNAYWDu-IYVw9upRfQ0q0q6BrhRMYXpTkPtA
142.250.74.45 302 Found 395 B URL GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFzPB5gHbAC7eGU69NTER9leOZz82XW_JBPKdDNAYWDu-IYVw9upRfQ0q0q6BrhRMYXpTkPtA
IP 142.250.74.45:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: *.google.com
Fingerprint: 5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
Validity: Mon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Hash 946362c0c03a4265a234aca304578836
55d946e204520e1acd0050238c7f1ff865b1b03f
f30cda27b13d39ececc3a46ff7835106ceb4832c7b513839457b8bcb74aa839e
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFzPB5gHbAC7eGU69NTER9leOZz82XW_JBPKdDNAYWDu-IYVw9upRfQ0q0q6BrhRMYXpTkPtA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:W4gBZ4NAKxlUjh7JZSex4WOJ-XQtwA:5PtFpdaXeAU_-bY6;Path=/;Expires=Mon, 26-May-2025 15:49:50 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 15:49:50 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-636734838%3A1685202590606669&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneH_cNsieYVBRt2hMDtknE6hI7OzV3K3PXAmIxM6-qZsqqe1wjVFkQDoMstCy7b9G9LBlWu54Q&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-VFWAoU2xZJBee3EgD46uxA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accounts.google.com/v3/signin/identifier?dsh=S-636734838%3A1685202590606669&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneH_cNsieYVBRt2hMDtknE6hI7OzV3K3PXAmIxM6-qZsqqe1wjVFkQDoMstCy7b9G9LBlWu54Q&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
142.250.74.45 403 Forbidden 805 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?dsh=S-636734838%3A1685202590606669&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneH_cNsieYVBRt2hMDtknE6hI7OzV3K3PXAmIxM6-qZsqqe1wjVFkQDoMstCy7b9G9LBlWu54Q&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP 142.250.74.45:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: *.google.com
Fingerprint: 5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
Validity: Mon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1644), with no line terminators
Hash e8db9a9b9d047c662b0f66555d482654
dcef03dad65d1bc35aeada818e2f2fc72703e51e
86b68328d79442805556c6c504c8e1ad187836b8a6fd3865d0839d09d41e9235
GET /v3/signin/identifier?dsh=S-636734838%3A1685202590606669&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneH_cNsieYVBRt2hMDtknE6hI7OzV3K3PXAmIxM6-qZsqqe1wjVFkQDoMstCy7b9G9LBlWu54Q&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 15:49:50 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-security-policy: script-src 'nonce-vfecL7ppDFEzsbxrmITB-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
live.demand.supply/css/sdb.css
104.16.134.22 200 OK 3.8 kB URL GET HTTP/3 live.demand.supply/css/sdb.css
IP 104.16.134.22:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Cloudflare, Inc.
Subject: demand.supply
Fingerprint: 49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
Validity: Sun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (3765), with no line terminators
Hash 05937abfafb30dc374d6de75acf7b940
d8d47f032e9344f49aca58294b29f7456ef6a8c3
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
GET /css/sdb.css HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Cookie: demandSupplyTi=c8585f17-a5bc-4dd7-8626-aa8ec1c7029a; __cf_bm=KFGnbcwteVDJa99.p8ggJIJxesfZEnbL18_WMxYqWk0-1685202589-0-AcPyF1CRjEtIAVh4BsKOdBZBm+8R6GSsUMmz2R8ne+kdnQ9cY2sjbe8sNNNz1RkGMVPQMek/uX6vHnkWcKudWVk=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 May 2023 15:49:49 GMT
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-bgj: minify
etag: W/"281c43d3e253957887c3e1dad5bbb310-ssl-df"
vary: Accept-Encoding
x-nf-request-id: 01GZGR6SCB0Q49R1S22Y9RAR9T
cf-cache-status: HIT
age: 47312
server: cloudflare
cf-ray: 7cdf68fadb351c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
104.26.9.138 302 Found 87 kB URL User Request GET HTTP/2 IP 104.26.9.138:443
Certificate Issuer: Google Trust Services LLC
Subject: upfilesurls.com
Fingerprint: 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity: Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /fm94Be HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 27 May 2023 15:49:47 GMT
content-type: text/html; charset=UTF-8
location: https://upfiles.com/authenticate/fm94Be
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IlpuRjZyYXp1K0ZsdlZRcStYRUhRMFE9PSIsInZhbHVlIjoiSXZ6UXhWUmExKzFObndCL0hYMXFvcmV1WndSZTdjdUVmSEZNeExLTGR5MEN0ejJUTnJRSnVpTHFNWlNPK0ZnRWVtV1BHbDBqY2hhVlJDUmttbWNLalFqWUFnRk9naGkwbWtxL1o4bmRtQkd0VFg3bEFObmY1TXNoQTAydDArb0IiLCJtYWMiOiIzZjE1MmVlMmU4ZmQzMjdhOGJkNmVmNzUwYWMyM2UyOTgxODM4MmEwYzZlY2M0NDUwNDQxODU1MzBjMGRlOTg4IiwidGFnIjoiIn0%3D; expires=Sat, 27-May-2023 17:49:47 GMT; Max-Age=7200; path=/; samesite=lax
upfiles_session=eyJpdiI6Ik5MWWFKa2QzOEMzWkppd3ROR2k0WHc9PSIsInZhbHVlIjoiajJKdTdDYVZVVy8wc0kxb0taaXV1N2hrQ21ialNFTFUwaHNMd1J5ZHdOYS9XS2dKUEtKN2phQ1NTREdBbjJncFRucjZZUFd6ajF6MTh2ZDhKNWhDV0hWYXpreTRwVWtxSTcrSWh6dW9FekppakU2b0cxWVdMUlRod1VGS2gyYWEiLCJtYWMiOiJjMjI1OTI1N2ZkZmQ3MjVlYWZhMDdmNGE4NDQxOWFmYTFlM2JlNWE4ZDRmOTgyOTgxN2IwZmZlMDkyYTcxMTMxIiwidGFnIjoiIn0%3D; expires=Sat, 27-May-2023 17:49:47 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iiIu6qxrcUCtsG5omuZyVL4rT7htDBH8RLyCtPKJ6x4J8LSG5HSsMUsH0SqY2k%2FUIDWbcuByfKtx6pDt0yzgzoEOjO3RYQZk2TySUcd%2F%2B69XLs4Jr9Wnp2f%2B4xDihemeCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cdf68ed2a73b4f1-OSL
X-Firefox-Spdy: h2
gforanythingamgl.info/OFA4U24Xb1sgU1kUUBo7CTxiFzZUPGEFXnI2fxUGYBFMag8KER4nB1xtAWtaCGIPdR5RNAViVh4jTDIaTSMFYkhRPl48Ux4mBWJACH4KfV0eJQViSEwgWTRTCXZIJxpUbQllVg1iCGFbAGgBZFg
172.67.216.177 204 No Content 0 B URL GET HTTP/3 gforanythingamgl.info/OFA4U24Xb1sgU1kUUBo7CTxiFzZUPGEFXnI2fxUGYBFMag8KER4nB1xtAWtaCGIPdR5RNAViVh4jTDIaTSMFYkhRPl48Ux4mBWJACH4KfV0eJQViSEwgWTRTCXZIJxpUbQllVg1iCGFbAGgBZFg
IP 172.67.216.177:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: gforanythingamgl.info
Fingerprint: 5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
Validity: Fri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /OFA4U24Xb1sgU1kUUBo7CTxiFzZUPGEFXnI2fxUGYBFMag8KER4nB1xtAWtaCGIPdR5RNAViVh4jTDIaTSMFYkhRPl48Ux4mBWJACH4KfV0eJQViSEwgWTRTCXZIJxpUbQllVg1iCGFbAGgBZFg HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 204 No Content
date: Sat, 27 May 2023 15:49:49 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PyCOtlEo2FZ0VuloLJmz9LCJZhRoTU2rB7RZ0JroH%2FckjX1Xfjx8y5W03Dte%2FpczeZQFGOVC9OfXzRJUf5T6eZPfLOwdnbMzCUz0N06l%2FvzFUzknmbiTkDQ3Ie%2FVEaCUJN%2FfkNWgX0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cdf68f869410afa-OSL
alt-svc: h3=":443"; ma=86400
live.demand.supply/e/e.js?e=ll&d=317&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL2ZtOTRCZQ==
104.16.134.22 200 OK 0 B URL HEAD HTTP/3 live.demand.supply/e/e.js?e=ll&d=317&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL2ZtOTRCZQ==
IP 104.16.134.22:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Cloudflare, Inc.
Subject: demand.supply
Fingerprint: 49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
Validity: Sun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /e/e.js?e=ll&d=317&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL2ZtOTRCZQ== HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 May 2023 15:49:49 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "dfe0abe17839ba4f36623d3c9332b694-ssl"
x-nf-request-id: 01H0WH535VZPRFR8SSXVB2WVS7
cf-cache-status: HIT
age: 606368
accept-ranges: bytes
set-cookie: __cf_bm=yZRK2gd0Tb.0Cq3Yx5mmpcQ4lX2Gf8GuGFXSgtyh9gg-1685202589-0-ATY2nCUZivL85DRE3yKjEIEDRGJdSB1Urj4ULcmm8GLg55C/R4hQ1JoTH/9t0X0jGgmi0jcc7qPE6Z+9IvD/v+s=; path=/; expires=Sat, 27-May-23 16:19:49 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cdf68f8d843fac0-OSL
alt-svc: h3=":443"; ma=86400
upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
104.26.9.138 200 OK 26 kB URL GET HTTP/2 upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
IP 104.26.9.138:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: upfilesurls.com
Fingerprint: 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity: Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type ASCII text, with very long lines (25576), with no line terminators
Hash 78048827c011b4ae967d6db87bd8a457
6b8a4042cede88d34e9c098b3f29fea43aec880e
de4338d4b40dad6adac55a7176f9d220a5f8f5f58bbcb9f2d4028b7d9c60142b
Analyzer Verdict Alert fortinet Malware
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImFkRkZLMmJzakpMSWhyK2FsRmxCVGc9PSIsInZhbHVlIjoiRzVXRGxybTh0VlRSMjhQT3pHb1dqdWs3OXhKKzJHL3dvems2YTRnanNESU0yMklBQnAvTURYRWtIMmMxTjdoMEdQcmoyL1pYME13SU9LakM5YUlGbXZWbDFFTXRGZEQrVmxQMlB5d1B0aEpwL2I4V2x4OENiVTk5Ty9xNFZtUGYiLCJtYWMiOiJjMjEzOTQ2ZTg1MTY5ZGIwYmRkZjczN2EwYmFhZDNiMTU5MzgzN2Q4YmMwNjgwNmNlMGNhYzc4NjMyNjU1OWU5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Imtlb2dhVzZVVzh1b1JGYTdmcllPYmc9PSIsInZhbHVlIjoiNS90RWxDby85eWtNTnB2QjZUSVVBcis1SjFuMndvcTB1TTRUaWFrNXNiVUNUMmwwdERoWFM3cU5LdmFSalliUmZJNkhCKzhpVTBVS0ZWTWFMU2lHdWZmV29CYzRaM0VOcWVLd3dJeWdLWW5wWHRUREQ5OXN6VEVBc2lVRkVSYVkiLCJtYWMiOiI5ZjM5MDdmNTU4NjZhMTJjMGM4YTZiYWM5MzUyMmFlN2JkOTI3MmZhNTBkODJjOTdiNDRhYjg3ZDM5ODA3OTU5IiwidGFnIjoiIn0%3D; auth=eyJpdiI6IlJaNXdzd3RyejlpdkJ2bnNjeFNYVWc9PSIsInZhbHVlIjoiVDZQbDYvN0hVM2NEOWZ0ZCs2NitRQT09IiwibWFjIjoiYjJmODIwMWM4ZjQ3OTcyYWFlNmRhNzIwYmUzZjYxNDQxYjY0OTkzYTg0OTNkMTE3ZWNiYTE0Nzk3NjI2NjMzMyIsInRhZyI6IiJ9; ab=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 15:49:49 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
cache-control: max-age=14400, public
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrhQ1tedItKXygVoHgli%2F7AcatGjYx4CIojtErodM3cyu94zpcL%2FbrpiWt3Dcq3KKSrCcogM%2BzyzsC%2B060uFVhy6DqSkruWYVExIFbcfZvbnTYfKX%2BkNscVPlR1ko%2FPYUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cdf68f93a85b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tL2ZtOTRCZQ==
104.16.134.22 200 OK 984 B URL GET HTTP/3 live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tL2ZtOTRCZQ==
IP 104.16.134.22:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Cloudflare, Inc.
Subject: demand.supply
Fingerprint: 49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
Validity: Sun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (1122), with no line terminators
Hash 640ccbb80a8e0195a923023aef78d900
64e91e8dd38a76386f5317fa19f77ff7f4c39124
b61a9938d1a378bac00a63de0371b7cba9574f3a25716de807deb5bde7edca63
GET /p4/v16-2-0/dXBmaWxlc3VybHMuY29tL2ZtOTRCZQ== HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Cookie: demandSupplyTi=c8585f17-a5bc-4dd7-8626-aa8ec1c7029a; __cf_bm=KFGnbcwteVDJa99.p8ggJIJxesfZEnbL18_WMxYqWk0-1685202589-0-AcPyF1CRjEtIAVh4BsKOdBZBm+8R6GSsUMmz2R8ne+kdnQ9cY2sjbe8sNNNz1RkGMVPQMek/uX6vHnkWcKudWVk=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 May 2023 15:49:49 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cdf68f8b8e91c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
142.250.74.131 200 OK 921 B URL GET HTTP/2 www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP 142.250.74.131:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: misc.google.com
Fingerprint: 84:2B:3C:EA:5D:89:48:EC:DE:99:FD:C0:2A:32:C6:E3:35:2B:B5:44
Validity: Mon, 08 May 2023 08:21:14 GMT - Mon, 31 Jul 2023 08:21:13 GMT
File type ASCII text, with very long lines (921), with no line terminators
Hash c0c5f1bc3dc1207fc4647a1971f7f8b2
a94949b5e56d94885045927d8d421d58297a8731
6813158c368d2541a76ab7284095e1987ec7ac6c39eed3a6312faf5f9a939249
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Sat, 27 May 2023 15:49:49 GMT
date: Sat, 27 May 2023 15:49:49 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
upfilesurls.com/cdn-cgi/challenge-platform/scripts/invisible.js
104.26.9.138 302 Found 26 kB URL GET HTTP/2 upfilesurls.com/cdn-cgi/challenge-platform/scripts/invisible.js
IP 104.26.9.138:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: upfilesurls.com
Fingerprint: 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity: Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /cdn-cgi/challenge-platform/scripts/invisible.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImFkRkZLMmJzakpMSWhyK2FsRmxCVGc9PSIsInZhbHVlIjoiRzVXRGxybTh0VlRSMjhQT3pHb1dqdWs3OXhKKzJHL3dvems2YTRnanNESU0yMklBQnAvTURYRWtIMmMxTjdoMEdQcmoyL1pYME13SU9LakM5YUlGbXZWbDFFTXRGZEQrVmxQMlB5d1B0aEpwL2I4V2x4OENiVTk5Ty9xNFZtUGYiLCJtYWMiOiJjMjEzOTQ2ZTg1MTY5ZGIwYmRkZjczN2EwYmFhZDNiMTU5MzgzN2Q4YmMwNjgwNmNlMGNhYzc4NjMyNjU1OWU5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Imtlb2dhVzZVVzh1b1JGYTdmcllPYmc9PSIsInZhbHVlIjoiNS90RWxDby85eWtNTnB2QjZUSVVBcis1SjFuMndvcTB1TTRUaWFrNXNiVUNUMmwwdERoWFM3cU5LdmFSalliUmZJNkhCKzhpVTBVS0ZWTWFMU2lHdWZmV29CYzRaM0VOcWVLd3dJeWdLWW5wWHRUREQ5OXN6VEVBc2lVRkVSYVkiLCJtYWMiOiI5ZjM5MDdmNTU4NjZhMTJjMGM4YTZiYWM5MzUyMmFlN2JkOTI3MmZhNTBkODJjOTdiNDRhYjg3ZDM5ODA3OTU5IiwidGFnIjoiIn0%3D; auth=eyJpdiI6IlJaNXdzd3RyejlpdkJ2bnNjeFNYVWc9PSIsInZhbHVlIjoiVDZQbDYvN0hVM2NEOWZ0ZCs2NitRQT09IiwibWFjIjoiYjJmODIwMWM4ZjQ3OTcyYWFlNmRhNzIwYmUzZjYxNDQxYjY0OTkzYTg0OTNkMTE3ZWNiYTE0Nzk3NjI2NjMzMyIsInRhZyI6IiJ9; ab=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 27 May 2023 15:49:49 GMT
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
vary: accept-encoding
cache-control: max-age=300, public
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7ycmchsn2%2BrPVY5B8TH%2BT3oc9XoPMy9NDcAO0j9CAPmp4yfMjShts6aJKUZo6uRa4Q94yFPpXR6gkJC0Y8uHKfmLrbiruJLWhCJGO8wruORs82gw%2FdwEQe%2FEDjUGIhFuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cdf68f8ca07b4f1-OSL
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S2114041291%3A1685202590558642&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFzeNjeqOq2J4-7y058nm0-qGxaqopoBwSVbr68cyqmk-b11MOA04Rsz6WVoWNPQWygmkZEKw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
142.250.74.45 403 Forbidden 0 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?dsh=S2114041291%3A1685202590558642&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFzeNjeqOq2J4-7y058nm0-qGxaqopoBwSVbr68cyqmk-b11MOA04Rsz6WVoWNPQWygmkZEKw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP 142.250.74.45:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: *.google.com
Fingerprint: 5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
Validity: Mon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?dsh=S2114041291%3A1685202590558642&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFzeNjeqOq2J4-7y058nm0-qGxaqopoBwSVbr68cyqmk-b11MOA04Rsz6WVoWNPQWygmkZEKw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 15:49:50 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: script-src 'nonce-gpG46gK2ocri8rTi9ZkEtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
104.26.9.138 200 OK 87 kB URL User Request GET HTTP/2 IP 104.26.9.138:443
Certificate Issuer: Google Trust Services LLC
Subject: upfilesurls.com
Fingerprint: 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity: Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /fm94Be HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IitzWVRFMjQ4Wm0xTFhYd3FrTVlFckE9PSIsInZhbHVlIjoiYzFZT3I1RFpIUjRjcW5yQnJUVy9RWG00dURiR1lLWWpQMGtIUlpPbGN0Zm9rSjQ3N1I1NVZ0bXZIOEFHOHRQY2VZNE5yU0ZvZmRsMGV5REk0dlI2NitnMENUQ2ZoTjZpTjJsUVpXUmpDTmVYOTF4aXBDZFdhRzdmSkQwUXpLY04iLCJtYWMiOiIwYjI5MjIwYmZkODlkOTNmNjBlNjY0MGQxNjI0OTgwODZmMTg1OGMyZjU1ZTdkMjJkYWEwYzA3MWM4MGJlNzU0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Imx6Yk5UNFYwREJrVG1kUTlWVVlqK3c9PSIsInZhbHVlIjoiUDZ3anpiMlErb3JBRXVybDdlaXlVTFBzTWU3VnZPY0dYc0hxL2REblI3b1dqR0xTV2hSYUdWSXJrWkQxTnh0amc2QU5YcUNSTjRBMEtYcHN4VGtMb014emdjcDgzdGxPakhIaHZmOGVJNHlSK0wwWUM4NDF5a3dBWEFjWC9WU3IiLCJtYWMiOiIzNTcwMGUxM2Y4ZDM5MjI1MmQzMzEyMDQxNWY3OWRjYjYzMTYwODk3ZTcxMmY4YWE5ZTFhYjg3MTVjYzViNTgxIiwidGFnIjoiIn0%3D; auth=eyJpdiI6IlJaNXdzd3RyejlpdkJ2bnNjeFNYVWc9PSIsInZhbHVlIjoiVDZQbDYvN0hVM2NEOWZ0ZCs2NitRQT09IiwibWFjIjoiYjJmODIwMWM4ZjQ3OTcyYWFlNmRhNzIwYmUzZjYxNDQxYjY0OTkzYTg0OTNkMTE3ZWNiYTE0Nzk3NjI2NjMzMyIsInRhZyI6IiJ9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 15:49:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6ImFkRkZLMmJzakpMSWhyK2FsRmxCVGc9PSIsInZhbHVlIjoiRzVXRGxybTh0VlRSMjhQT3pHb1dqdWs3OXhKKzJHL3dvems2YTRnanNESU0yMklBQnAvTURYRWtIMmMxTjdoMEdQcmoyL1pYME13SU9LakM5YUlGbXZWbDFFTXRGZEQrVmxQMlB5d1B0aEpwL2I4V2x4OENiVTk5Ty9xNFZtUGYiLCJtYWMiOiJjMjEzOTQ2ZTg1MTY5ZGIwYmRkZjczN2EwYmFhZDNiMTU5MzgzN2Q4YmMwNjgwNmNlMGNhYzc4NjMyNjU1OWU5IiwidGFnIjoiIn0%3D; expires=Sat, 27-May-2023 17:49:48 GMT; Max-Age=7200; path=/; samesite=lax
upfiles_session=eyJpdiI6Imtlb2dhVzZVVzh1b1JGYTdmcllPYmc9PSIsInZhbHVlIjoiNS90RWxDby85eWtNTnB2QjZUSVVBcis1SjFuMndvcTB1TTRUaWFrNXNiVUNUMmwwdERoWFM3cU5LdmFSalliUmZJNkhCKzhpVTBVS0ZWTWFMU2lHdWZmV29CYzRaM0VOcWVLd3dJeWdLWW5wWHRUREQ5OXN6VEVBc2lVRkVSYVkiLCJtYWMiOiI5ZjM5MDdmNTU4NjZhMTJjMGM4YTZiYWM5MzUyMmFlN2JkOTI3MmZhNTBkODJjOTdiNDRhYjg3ZDM5ODA3OTU5IiwidGFnIjoiIn0%3D; expires=Sat, 27-May-2023 17:49:48 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i3sjPbcF2ENV4mmwWBfOxyKqkhbWJijXivaqGUx7oZlik0XQfMoaqyMbphM1Rv8j4MBH2Gj%2FhlpKeec%2BD%2FnyBAhS2lpAbSkn4M9liOPqpJqDiR0BmHNAvXzk1s0ROouX2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cdf68f0dfe8b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
104.26.9.138 200 OK 981 kB URL GET HTTP/2 upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
IP 104.26.9.138:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: upfilesurls.com
Fingerprint: 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity: Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
Size 981 kB (980828 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /js/frontend.js?id=88f283c744d8a6e43cfb HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/fm94Be
Cookie: XSRF-TOKEN=eyJpdiI6ImFkRkZLMmJzakpMSWhyK2FsRmxCVGc9PSIsInZhbHVlIjoiRzVXRGxybTh0VlRSMjhQT3pHb1dqdWs3OXhKKzJHL3dvems2YTRnanNESU0yMklBQnAvTURYRWtIMmMxTjdoMEdQcmoyL1pYME13SU9LakM5YUlGbXZWbDFFTXRGZEQrVmxQMlB5d1B0aEpwL2I4V2x4OENiVTk5Ty9xNFZtUGYiLCJtYWMiOiJjMjEzOTQ2ZTg1MTY5ZGIwYmRkZjczN2EwYmFhZDNiMTU5MzgzN2Q4YmMwNjgwNmNlMGNhYzc4NjMyNjU1OWU5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Imtlb2dhVzZVVzh1b1JGYTdmcllPYmc9PSIsInZhbHVlIjoiNS90RWxDby85eWtNTnB2QjZUSVVBcis1SjFuMndvcTB1TTRUaWFrNXNiVUNUMmwwdERoWFM3cU5LdmFSalliUmZJNkhCKzhpVTBVS0ZWTWFMU2lHdWZmV29CYzRaM0VOcWVLd3dJeWdLWW5wWHRUREQ5OXN6VEVBc2lVRkVSYVkiLCJtYWMiOiI5ZjM5MDdmNTU4NjZhMTJjMGM4YTZiYWM5MzUyMmFlN2JkOTI3MmZhNTBkODJjOTdiNDRhYjg3ZDM5ODA3OTU5IiwidGFnIjoiIn0%3D; auth=eyJpdiI6IlJaNXdzd3RyejlpdkJ2bnNjeFNYVWc9PSIsInZhbHVlIjoiVDZQbDYvN0hVM2NEOWZ0ZCs2NitRQT09IiwibWFjIjoiYjJmODIwMWM4ZjQ3OTcyYWFlNmRhNzIwYmUzZjYxNDQxYjY0OTkzYTg0OTNkMTE3ZWNiYTE0Nzk3NjI2NjMzMyIsInRhZyI6IiJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 15:49:48 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=980842
etag: W/"63baab19-ef76a"
last-modified: Sun, 08 Jan 2023 11:38:01 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 12022457
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3F4Db8HAI2FEAE08kgG1S63ICHw2Sx5Ju%2BJvH4zE7opf7hZPX2rLwc8d%2FGNQQXdrIo5WBgiAPByUQx%2BEe7%2FRZjU0pPZN8%2FwD9KpRhJ5ld8EYwhXKMwlc6z%2FoNTsGqqk1fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cdf68f43c8cb4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
live.demand.supply/ds.2.html
104.16.134.22200 OK 413 B URL GET HTTP/3 live.demand.supply/ds.2.html
IP 104.16.134.22:443
Requested by https://upfilesurls.com/fm94Be
Certificate IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (430), with no line terminators
Hash 68dce237203af5e16657b39e1f2e7b46
8084ece9e2500c1a0731aaf8f33290744b174b9c
8534d0076676e85517a298ded722e84bb64abf655fbc565588f76a7e26ad4680
GET /ds.2.html HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 May 2023 15:49:49 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
x-nf-request-id: 01GZ1TRE6JCM1Y4N530MF91ECS
cf-cache-status: HIT
age: 536009
set-cookie: __cf_bm=310aNjv_zZzX5KTpQ_IukvGogBvp8NRrmiaSr9fAyFs-1685202589-0-AbuzQEfPsqU7L2Zpbf7YYwz+6tPASNKULQFFeVEgvB9RnTaDh92MczPCh98mEkInarbRIrhTAA0vndJ3RGyuNNQ=; path=/; expires=Sat, 27-May-23 16:19:49 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cdf68f8b8e71c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
gforanythingamgl.info/popunder.gif
172.67.216.177200 OK 35 B URL GET HTTP/3 gforanythingamgl.info/popunder.gif
IP 172.67.216.177:443
Requested by https://upfilesurls.com/fm94Be
Certificate IssuerGoogle Trust Services LLC
Subjectgforanythingamgl.info
Fingerprint5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
ValidityFri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /popunder.gif HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 May 2023 15:49:51 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 488729
last-modified: Mon, 22 May 2023 00:04:22 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Su%2By3PG62%2B8iqvIEbcIQZAAFcjSyIU49ox%2BrAite8bz4KBbCaHRJwioaJozC9k2hPkcLQL4SvGVFLBn67%2FiQb4PexrNc9zIAgKBB4nlwPSmSsSNlk9kQCS5Becb1ktC64FoaJT60Hdg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cdf6902df6e0afa-OSL
alt-svc: h3=":443"; ma=86400
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.66 200 OK 0 B URL HEAD HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.66:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: *.g.doubleclick.net
Fingerprint: 4D:38:FE:62:28:C3:2C:26:D3:E4:2A:D2:FD:07:5A:0E:7D:C6:AD:7C
Validity: Mon, 08 May 2023 08:20:04 GMT - Mon, 31 Jul 2023 08:20:03 GMT
Hash (MD5) d41d8cd98f00b204e9800998ecf8427e
(SHA-1) da39a3ee5e6b4b0d3255bfef95601890afd80709
(SHA-256) e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the digests of zero-length input, consistent with the 0 B body of a HEAD response; they carry no information about the script itself.
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 27 May 2023 15:49:49 GMT
expires: Sat, 27 May 2023 15:49:49 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16558996204153590419
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 47245
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
104.26.9.138200 OK 5.7 kB URL GET HTTP/2 upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
IP 104.26.9.138:443
Requested by https://upfilesurls.com/fm94Be
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type ASCII text, with very long lines (5680), with no line terminators
Hash 1a35072d3624933610ce59c51c83e972
123a6f330683d32ea4864b95a5946f15788baebd
d01d0202235331ea0a81ed137aaa05c768d7577941f3902c8952f308d95e3e4f
Analyzer Verdict Alert fortinet Malware
GET /cdn-cgi/challenge-platform/h/b/scripts/pica.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/fm94Be
Cookie: XSRF-TOKEN=eyJpdiI6ImFkRkZLMmJzakpMSWhyK2FsRmxCVGc9PSIsInZhbHVlIjoiRzVXRGxybTh0VlRSMjhQT3pHb1dqdWs3OXhKKzJHL3dvems2YTRnanNESU0yMklBQnAvTURYRWtIMmMxTjdoMEdQcmoyL1pYME13SU9LakM5YUlGbXZWbDFFTXRGZEQrVmxQMlB5d1B0aEpwL2I4V2x4OENiVTk5Ty9xNFZtUGYiLCJtYWMiOiJjMjEzOTQ2ZTg1MTY5ZGIwYmRkZjczN2EwYmFhZDNiMTU5MzgzN2Q4YmMwNjgwNmNlMGNhYzc4NjMyNjU1OWU5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Imtlb2dhVzZVVzh1b1JGYTdmcllPYmc9PSIsInZhbHVlIjoiNS90RWxDby85eWtNTnB2QjZUSVVBcis1SjFuMndvcTB1TTRUaWFrNXNiVUNUMmwwdERoWFM3cU5LdmFSalliUmZJNkhCKzhpVTBVS0ZWTWFMU2lHdWZmV29CYzRaM0VOcWVLd3dJeWdLWW5wWHRUREQ5OXN6VEVBc2lVRkVSYVkiLCJtYWMiOiI5ZjM5MDdmNTU4NjZhMTJjMGM4YTZiYWM5MzUyMmFlN2JkOTI3MmZhNTBkODJjOTdiNDRhYjg3ZDM5ODA3OTU5IiwidGFnIjoiIn0%3D; auth=eyJpdiI6IlJaNXdzd3RyejlpdkJ2bnNjeFNYVWc9PSIsInZhbHVlIjoiVDZQbDYvN0hVM2NEOWZ0ZCs2NitRQT09IiwibWFjIjoiYjJmODIwMWM4ZjQ3OTcyYWFlNmRhNzIwYmUzZjYxNDQxYjY0OTkzYTg0OTNkMTE3ZWNiYTE0Nzk3NjI2NjMzMyIsInRhZyI6IiJ9; ab=1
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 15:49:49 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
cache-control: max-age=14400, public
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8C7Hqd8by%2Fo9yT75c7JJkcQ4XxH%2B4HJXBCi6CL2IRBWMfwxaAgtcktNqjLPv6UShcwZBmFSKBrVlOKT7tRzh9%2Bw88lG7wRASS%2FlmZsSVyj3AywcO4jU6n5OofiLvrEiPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cdf68fa8c3ab4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
live.demand.supply/impl.v16.9.1.js
104.16.134.22200 OK 75 kB URL GET HTTP/3 live.demand.supply/impl.v16.9.1.js
IP 104.16.134.22:443
Requested by https://upfilesurls.com/fm94Be
Certificate IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (27958)
Hash 20e3de9acd919eb7e518640761f616a6
a39badf38168691698ca2b2ea2aa070b34d01a3d
cdeda8658c3f891c883f5a83c5f2b5e20a18c2fa65658d77a1522fe440b6d0e0
GET /impl.v16.9.1.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Cookie: demandSupplyTi=c8585f17-a5bc-4dd7-8626-aa8ec1c7029a; __cf_bm=KFGnbcwteVDJa99.p8ggJIJxesfZEnbL18_WMxYqWk0-1685202589-0-AcPyF1CRjEtIAVh4BsKOdBZBm+8R6GSsUMmz2R8ne+kdnQ9cY2sjbe8sNNNz1RkGMVPQMek/uX6vHnkWcKudWVk=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 May 2023 15:49:49 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=75573
etag: W/"a92236f0259b51d5fbe112e5ac680198-ssl-df"
timing-allow-origin: *
vary: Accept-Encoding
x-nf-request-id: 01H0JGE5H42NN0NCVBZSKPPTF4
cf-cache-status: HIT
age: 954181
server: cloudflare
cf-ray: 7cdf68f8b8df1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
pogothere.xyz/asd100.bin
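172.64.132.29 200 OK 102 kB IP 172.64.132.29:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
Validity: Tue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Note: the certificate subject is a Cloudflare edge name rather than pogothere.xyz, so this fingerprint and the IP address are likely shared with unrelated Cloudflare-fronted sites and are weak indicators on their own; the hostname, path and content hashes below are the more specific ones.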
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 15:49:49 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5046
last-modified: Sat, 27 May 2023 14:25:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwfuXFS1LREJ%2BK9f%2FlcmOu4aKySASZrsNEfLXsHoT73TMD%2F85%2F%2BFlE8BFv4WHEWJm3iLi46RQ253TTAFhRMImtDjtEBk928V%2BYyFuHY9qyQeul72%2FePlHoLv%2F1tGBoQF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cdf68fb4e224189-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.132.29200 OK 102 kB IP 172.64.132.29:443
Requested by https://upfilesurls.com/fm94Be
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 15:49:49 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5046
last-modified: Sat, 27 May 2023 14:25:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0i6dLVSanH3xDf6bci6hNzvbst13Xf1jvsH7khee%2FsV1Bv0ikylYNFuEaf6fvkPhUk3P7xkY4qNEEYb4ur%2FpJbr6IrImLTsC5p700Hmc%2B5snOjGwjl1K4UotyVVBFSm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cdf68fb4e184189-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
upfilesurls.com/img/logo.svg
104.26.9.138200 OK 22 kB URL GET HTTP/2 upfilesurls.com/img/logo.svg
IP 104.26.9.138:443
Requested by https://upfilesurls.com/fm94Be
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1361)
Hash 1e28749acbd90e7e99a883c1890327cd
638b4525d3f0ed776db136ca1025a8961f46c9e0
d526da1f4d4af45cefd2a0d140abec2beddc3150d13c47d3de893eaa278a369d
Analyzer Verdict Alert fortinet Malware
GET /img/logo.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/fm94Be
Cookie: XSRF-TOKEN=eyJpdiI6ImFkRkZLMmJzakpMSWhyK2FsRmxCVGc9PSIsInZhbHVlIjoiRzVXRGxybTh0VlRSMjhQT3pHb1dqdWs3OXhKKzJHL3dvems2YTRnanNESU0yMklBQnAvTURYRWtIMmMxTjdoMEdQcmoyL1pYME13SU9LakM5YUlGbXZWbDFFTXRGZEQrVmxQMlB5d1B0aEpwL2I4V2x4OENiVTk5Ty9xNFZtUGYiLCJtYWMiOiJjMjEzOTQ2ZTg1MTY5ZGIwYmRkZjczN2EwYmFhZDNiMTU5MzgzN2Q4YmMwNjgwNmNlMGNhYzc4NjMyNjU1OWU5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Imtlb2dhVzZVVzh1b1JGYTdmcllPYmc9PSIsInZhbHVlIjoiNS90RWxDby85eWtNTnB2QjZUSVVBcis1SjFuMndvcTB1TTRUaWFrNXNiVUNUMmwwdERoWFM3cU5LdmFSalliUmZJNkhCKzhpVTBVS0ZWTWFMU2lHdWZmV29CYzRaM0VOcWVLd3dJeWdLWW5wWHRUREQ5OXN6VEVBc2lVRkVSYVkiLCJtYWMiOiI5ZjM5MDdmNTU4NjZhMTJjMGM4YTZiYWM5MzUyMmFlN2JkOTI3MmZhNTBkODJjOTdiNDRhYjg3ZDM5ODA3OTU5IiwidGFnIjoiIn0%3D; auth=eyJpdiI6IlJaNXdzd3RyejlpdkJ2bnNjeFNYVWc9PSIsInZhbHVlIjoiVDZQbDYvN0hVM2NEOWZ0ZCs2NitRQT09IiwibWFjIjoiYjJmODIwMWM4ZjQ3OTcyYWFlNmRhNzIwYmUzZjYxNDQxYjY0OTkzYTg0OTNkMTE3ZWNiYTE0Nzk3NjI2NjMzMyIsInRhZyI6IiJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 15:49:48 GMT
content-type: image/svg+xml
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
etag: W/"625014b1-56e8"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 257809
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gQ86Pk8z8YZ4f3Ds%2FuokNFiQbkJqUD0hsI5CoCVsNSCQnz1lN9ABJ%2FNR%2BLs0ZeTbJBItG16FwIhDz7ffpZwqqS%2BBqTq7%2B7UoGFAryFFdYRhIZ2P0KlLpkKCxW31B2vMpfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cdf68f42c7ab4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
upfilesurls.com/favicon.ico
104.26.9.138200 OK 1.5 kB URL GET HTTP/2 upfilesurls.com/favicon.ico
IP 104.26.9.138:443
Requested by https://upfilesurls.com/fm94Be
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type MS Windows icon resource - 1 icon, 32x32 with PNG image data, 32 x 32, 8-bit colormap, non-interlaced, 32 bits/pixel\012- data
Hash ba3a9d1041ae9a7a655f9632756b1e92
fbb065d1df15871da0b7df14ca22041a729dda88
180c85c0caca07f8411a77e2392751d979f74982f0ed7062a0093b322924f38f
GET /favicon.ico HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/fm94Be
Cookie: XSRF-TOKEN=eyJpdiI6ImFkRkZLMmJzakpMSWhyK2FsRmxCVGc9PSIsInZhbHVlIjoiRzVXRGxybTh0VlRSMjhQT3pHb1dqdWs3OXhKKzJHL3dvems2YTRnanNESU0yMklBQnAvTURYRWtIMmMxTjdoMEdQcmoyL1pYME13SU9LakM5YUlGbXZWbDFFTXRGZEQrVmxQMlB5d1B0aEpwL2I4V2x4OENiVTk5Ty9xNFZtUGYiLCJtYWMiOiJjMjEzOTQ2ZTg1MTY5ZGIwYmRkZjczN2EwYmFhZDNiMTU5MzgzN2Q4YmMwNjgwNmNlMGNhYzc4NjMyNjU1OWU5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Imtlb2dhVzZVVzh1b1JGYTdmcllPYmc9PSIsInZhbHVlIjoiNS90RWxDby85eWtNTnB2QjZUSVVBcis1SjFuMndvcTB1TTRUaWFrNXNiVUNUMmwwdERoWFM3cU5LdmFSalliUmZJNkhCKzhpVTBVS0ZWTWFMU2lHdWZmV29CYzRaM0VOcWVLd3dJeWdLWW5wWHRUREQ5OXN6VEVBc2lVRkVSYVkiLCJtYWMiOiI5ZjM5MDdmNTU4NjZhMTJjMGM4YTZiYWM5MzUyMmFlN2JkOTI3MmZhNTBkODJjOTdiNDRhYjg3ZDM5ODA3OTU5IiwidGFnIjoiIn0%3D; auth=eyJpdiI6IlJaNXdzd3RyejlpdkJ2bnNjeFNYVWc9PSIsInZhbHVlIjoiVDZQbDYvN0hVM2NEOWZ0ZCs2NitRQT09IiwibWFjIjoiYjJmODIwMWM4ZjQ3OTcyYWFlNmRhNzIwYmUzZjYxNDQxYjY0OTkzYTg0OTNkMTE3ZWNiYTE0Nzk3NjI2NjMzMyIsInRhZyI6IiJ9; ab=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 15:49:49 GMT
content-type: image/x-icon
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
vary: Accept-Encoding
etag: W/"625014b1-5b8"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 2295
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FtSASni9k%2Bk%2Fuo16Zc6qni4TrQq2DZB33mrOimTKU4g4tXYXc0P1IiGMeL9xXyfZ4GlEdaPS7SBA5Ul9bXsbPqa8mqMC%2FL8uh7eVCk6zbn2IyYYqV0g%2BFqR39TJ92vcP6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cdf68fa6c09b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.45 302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.45:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: accounts.google.com
Fingerprint: 6C:C9:34:01:32:00:11:F3:7A:E2:AA:FC:7C:E3:13:17:3D:17:71:8A
Validity: Mon, 08 May 2023 08:25:19 GMT - Mon, 31 Jul 2023 08:25:18 GMT
Hash (MD5) d41d8cd98f00b204e9800998ecf8427e
(SHA-1) da39a3ee5e6b4b0d3255bfef95601890afd80709
(SHA-256) e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the digests of zero-length input, consistent with the 0 B body of this redirect.
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
set-cookie: __Host-GAPS=1:gkbVLLQVYefaDG-7XdxowX4fLt8KLQ:iSZ8tgjtNYYAESh-; Expires=Mon, 26-May-2025 15:49:49 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 15:49:49 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGECHvzTvzSj0Qt55EVKgfGw3vUuFA6iUDa59WLiuG_LRh1yc0p8NVub6D-30G4I9DgN745fA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-a-I3Xd523z7eFFVKGUqW2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
upfilesurls.com/fm94Be?auth=eyJpdiI6IlJaNXdzd3RyejlpdkJ2bnNjeFNYVWc9PSIsInZhbHVlIjoiVDZQbDYvN0hVM2NEOWZ0ZCs2NitRQT09IiwibWFjIjoiYjJmODIwMWM4ZjQ3OTcyYWFlNmRhNzIwYmUzZjYxNDQxYjY0OTkzYTg0OTNkMTE3ZWNiYTE0Nzk3NjI2NjMzMyIsInRhZyI6IiJ9
104.26.9.138302 Found 87 kB URL User Request GET HTTP/2 upfilesurls.com/fm94Be?auth=eyJpdiI6IlJaNXdzd3RyejlpdkJ2bnNjeFNYVWc9PSIsInZhbHVlIjoiVDZQbDYvN0hVM2NEOWZ0ZCs2NitRQT09IiwibWFjIjoiYjJmODIwMWM4ZjQ3OTcyYWFlNmRhNzIwYmUzZjYxNDQxYjY0OTkzYTg0OTNkMTE3ZWNiYTE0Nzk3NjI2NjMzMyIsInRhZyI6IiJ9
IP 104.26.9.138:443
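Certificate Issuer: Google Trust Services LLC
Subject: upfilesurls.com
Fingerprint: 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity: Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
Hash (MD5) d41d8cd98f00b204e9800998ecf8427e
(SHA-1) da39a3ee5e6b4b0d3255bfef95601890afd80709
(SHA-256) e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the digests of zero-length input, although the summary line reports 87 kB for this 302 response; they do not identify any response content.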
Analyzer Verdict Alert fortinet Malware
GET /fm94Be?auth=eyJpdiI6IlJaNXdzd3RyejlpdkJ2bnNjeFNYVWc9PSIsInZhbHVlIjoiVDZQbDYvN0hVM2NEOWZ0ZCs2NitRQT09IiwibWFjIjoiYjJmODIwMWM4ZjQ3OTcyYWFlNmRhNzIwYmUzZjYxNDQxYjY0OTkzYTg0OTNkMTE3ZWNiYTE0Nzk3NjI2NjMzMyIsInRhZyI6IiJ9 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlpuRjZyYXp1K0ZsdlZRcStYRUhRMFE9PSIsInZhbHVlIjoiSXZ6UXhWUmExKzFObndCL0hYMXFvcmV1WndSZTdjdUVmSEZNeExLTGR5MEN0ejJUTnJRSnVpTHFNWlNPK0ZnRWVtV1BHbDBqY2hhVlJDUmttbWNLalFqWUFnRk9naGkwbWtxL1o4bmRtQkd0VFg3bEFObmY1TXNoQTAydDArb0IiLCJtYWMiOiIzZjE1MmVlMmU4ZmQzMjdhOGJkNmVmNzUwYWMyM2UyOTgxODM4MmEwYzZlY2M0NDUwNDQxODU1MzBjMGRlOTg4IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Ik5MWWFKa2QzOEMzWkppd3ROR2k0WHc9PSIsInZhbHVlIjoiajJKdTdDYVZVVy8wc0kxb0taaXV1N2hrQ21ialNFTFUwaHNMd1J5ZHdOYS9XS2dKUEtKN2phQ1NTREdBbjJncFRucjZZUFd6ajF6MTh2ZDhKNWhDV0hWYXpreTRwVWtxSTcrSWh6dW9FekppakU2b0cxWVdMUlRod1VGS2gyYWEiLCJtYWMiOiJjMjI1OTI1N2ZkZmQ3MjVlYWZhMDdmNGE4NDQxOWFmYTFlM2JlNWE4ZDRmOTgyOTgxN2IwZmZlMDkyYTcxMTMxIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 27 May 2023 15:49:48 GMT
content-type: text/html; charset=UTF-8
location: https://upfilesurls.com/fm94Be
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: auth=eyJpdiI6IlJaNXdzd3RyejlpdkJ2bnNjeFNYVWc9PSIsInZhbHVlIjoiVDZQbDYvN0hVM2NEOWZ0ZCs2NitRQT09IiwibWFjIjoiYjJmODIwMWM4ZjQ3OTcyYWFlNmRhNzIwYmUzZjYxNDQxYjY0OTkzYTg0OTNkMTE3ZWNiYTE0Nzk3NjI2NjMzMyIsInRhZyI6IiJ9; path=/; secure; httponly; samesite=lax
XSRF-TOKEN=eyJpdiI6IitzWVRFMjQ4Wm0xTFhYd3FrTVlFckE9PSIsInZhbHVlIjoiYzFZT3I1RFpIUjRjcW5yQnJUVy9RWG00dURiR1lLWWpQMGtIUlpPbGN0Zm9rSjQ3N1I1NVZ0bXZIOEFHOHRQY2VZNE5yU0ZvZmRsMGV5REk0dlI2NitnMENUQ2ZoTjZpTjJsUVpXUmpDTmVYOTF4aXBDZFdhRzdmSkQwUXpLY04iLCJtYWMiOiIwYjI5MjIwYmZkODlkOTNmNjBlNjY0MGQxNjI0OTgwODZmMTg1OGMyZjU1ZTdkMjJkYWEwYzA3MWM4MGJlNzU0IiwidGFnIjoiIn0%3D; expires=Sat, 27-May-2023 17:49:48 GMT; Max-Age=7200; path=/; samesite=lax
upfiles_session=eyJpdiI6Imx6Yk5UNFYwREJrVG1kUTlWVVlqK3c9PSIsInZhbHVlIjoiUDZ3anpiMlErb3JBRXVybDdlaXlVTFBzTWU3VnZPY0dYc0hxL2REblI3b1dqR0xTV2hSYUdWSXJrWkQxTnh0amc2QU5YcUNSTjRBMEtYcHN4VGtMb014emdjcDgzdGxPakhIaHZmOGVJNHlSK0wwWUM4NDF5a3dBWEFjWC9WU3IiLCJtYWMiOiIzNTcwMGUxM2Y4ZDM5MjI1MmQzMzEyMDQxNWY3OWRjYjYzMTYwODk3ZTcxMmY4YWE5ZTFhYjg3MTVjYzViNTgxIiwidGFnIjoiIn0%3D; expires=Sat, 27-May-2023 17:49:48 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LoJhxLS9sPiyVRHtr8fDbiqW39JkC%2BHu52AO%2BeydfQR1KOCG%2FlnbNze2ulyF89C%2FfK7CFFQt66nNkjxtCdrJtbJp1g29iEsEer%2F5hwe8wLLVYdmQX6IgfI%2FxY9eCpscNJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cdf68f05f3fb4f1-OSL
X-Firefox-Spdy: h2
upfilesurls.com/js/ads.js
104.26.9.138200 OK 1.5 kB URL GET HTTP/2 upfilesurls.com/js/ads.js
IP 104.26.9.138:443
Requested by https://upfilesurls.com/fm94Be
Certificate IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
Fingerprint16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
ValiditySat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type ASCII text, with very long lines (1551), with no line terminators
Hash 18062be5f40e561d47292c4c3e16e968
a527704208e4e365d0119360f6dd5fb1ce8eb3c8
63e619bf91f115635c5f302e9352cca845a7c498eaef9c2fee9b50a16001be37
Analyzer Verdict Alert fortinet Malware
GET /js/ads.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/fm94Be
Cookie: XSRF-TOKEN=eyJpdiI6ImFkRkZLMmJzakpMSWhyK2FsRmxCVGc9PSIsInZhbHVlIjoiRzVXRGxybTh0VlRSMjhQT3pHb1dqdWs3OXhKKzJHL3dvems2YTRnanNESU0yMklBQnAvTURYRWtIMmMxTjdoMEdQcmoyL1pYME13SU9LakM5YUlGbXZWbDFFTXRGZEQrVmxQMlB5d1B0aEpwL2I4V2x4OENiVTk5Ty9xNFZtUGYiLCJtYWMiOiJjMjEzOTQ2ZTg1MTY5ZGIwYmRkZjczN2EwYmFhZDNiMTU5MzgzN2Q4YmMwNjgwNmNlMGNhYzc4NjMyNjU1OWU5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Imtlb2dhVzZVVzh1b1JGYTdmcllPYmc9PSIsInZhbHVlIjoiNS90RWxDby85eWtNTnB2QjZUSVVBcis1SjFuMndvcTB1TTRUaWFrNXNiVUNUMmwwdERoWFM3cU5LdmFSalliUmZJNkhCKzhpVTBVS0ZWTWFMU2lHdWZmV29CYzRaM0VOcWVLd3dJeWdLWW5wWHRUREQ5OXN6VEVBc2lVRkVSYVkiLCJtYWMiOiI5ZjM5MDdmNTU4NjZhMTJjMGM4YTZiYWM5MzUyMmFlN2JkOTI3MmZhNTBkODJjOTdiNDRhYjg3ZDM5ODA3OTU5IiwidGFnIjoiIn0%3D; auth=eyJpdiI6IlJaNXdzd3RyejlpdkJ2bnNjeFNYVWc9PSIsInZhbHVlIjoiVDZQbDYvN0hVM2NEOWZ0ZCs2NitRQT09IiwibWFjIjoiYjJmODIwMWM4ZjQ3OTcyYWFlNmRhNzIwYmUzZjYxNDQxYjY0OTkzYTg0OTNkMTE3ZWNiYTE0Nzk3NjI2NjMzMyIsInRhZyI6IiJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 15:49:48 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-bgj: minify
etag: W/"63baab19-608"
last-modified: Sun, 08 Jan 2023 11:38:01 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
cf-cache-status: HIT
age: 418005
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CnAXwnXzes8mmsMIIHv8yiUCynP7jGCTI0f60UdEDbycYat0bOkzzFbyNFwf9Ks51O3aSKJNJonBdIbmlBGV5FHcu2hLG%2BNfUQgZ2gNrdI%2FuXQ2OQbaNM7JD6eJ%2Bre4BjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cdf68f43c87b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.132.29200 OK 26 B IP 172.64.132.29:443
Requested by https://upfilesurls.com/fm94Be
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash f209bc919746494602f1aa26c6792e82
ac7e96de2304572001e810ebd915be55ef3de7d4
89c374e935b98cf9f3416ec94bdc253fe7e4ecb3be10bec5b323e48b9a1b297b
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 15:49:50 GMT
content-type: text/plain
set-cookie: csu=283897712503600@1@1685202589; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r6J56RlMGiSw8Y0ZUHZayiRqTss0k%2BOhgV3MlCNAtms7YdfX7TsJ%2BJcumrc6jLzhvZaLAY2zNaVdcPmtpdi8pQWZEAgJz4cvFVFlKYUyrSs5yaWf7t3eGmHNsy1a2IYz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cdf68fb3e0d4189-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.45 302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.45:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: accounts.google.com
Fingerprint: 6C:C9:34:01:32:00:11:F3:7A:E2:AA:FC:7C:E3:13:17:3D:17:71:8A
Validity: Mon, 08 May 2023 08:25:19 GMT - Mon, 31 Jul 2023 08:25:18 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the digests of empty input: the response had no body, so they match any 0-byte response and do not identify this resource.)
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
set-cookie: __Host-GAPS=1:fr54IV16wgnEaOgngKcuTTtIeQ_pHA:LL0vbTs3gblNj6s1; Expires=Mon, 26-May-2025 15:49:49 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 15:49:49 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFzPB5gHbAC7eGU69NTER9leOZz82XW_JBPKdDNAYWDu-IYVw9upRfQ0q0q6BrhRMYXpTkPtA
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-eec618viVM11oD4Vjx4omw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.132.29 200 OK 27 B IP 172.64.132.29:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
Validity: Tue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash MD5: 95bc435eaaaf513d0030160a860b2e51
SHA-1: 04d2fd60f677cefd59aeda122ce2027793b8642a
SHA-256: 1c1bb1de0c78833e0ae92cf1c0307c82f1e1fa46b1e8935779fa45d206a1fffa
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 15:49:50 GMT
content-type: text/plain
set-cookie: csu=1325114182054585@1@1685202590; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LIrNICxH1Y7wem5yP8EMgU%2BtWqYtc1TDMIypWkqXV%2FKEcyT0r%2Fsx6mxCFFVsKYevUP%2BvnSCO9u8iVQfgo338Hba3fdZsIey0sXx57k6nX9ZymIvxXiJnVDNxt6vblA83"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cdf68fb3e084189-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
etheappyrincea.info/utx?cb=UL7yUHgLoHFQ&top=upfilesurls.com&tid=978153
52.85.242.93 204 No Content 0 B URL GET HTTP/2 etheappyrincea.info/utx?cb=UL7yUHgLoHFQ&top=upfilesurls.com&tid=978153
IP 52.85.242.93:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Amazon
Subject: etheappyrincea.info
Fingerprint: CA:17:98:7B:06:0A:D6:B9:7E:AA:96:FD:C8:F2:25:18:71:71:A8:4E
Validity: Fri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the digests of empty input: the response had no body, so they match any 0-byte response and do not identify this resource.)
GET /utx?cb=UL7yUHgLoHFQ&top=upfilesurls.com&tid=978153 HTTP/1.1
Host: etheappyrincea.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sat, 27 May 2023 15:49:49 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 27 May 2023 15:50:49 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 f9a0ddc3860252ab6c4d02ab024b4890.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: xEJ9pF6U2b-HeF2i4cUilqAsk4QK8j94o8pK6nKveTaJe7WnLddEMQ==
X-Firefox-Spdy: h2
upfilesurls.com/cdn-cgi/challenge-platform/h/b/cv/result/7cdf68f0dfe8b4f1
104.26.9.138 200 OK 2 B URL POST HTTP/2 upfilesurls.com/cdn-cgi/challenge-platform/h/b/cv/result/7cdf68f0dfe8b4f1
IP 104.26.9.138:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: upfilesurls.com
Fingerprint: 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity: Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type ASCII text, with no line terminators
Hash MD5: 444bcb3a3fcf8389296c49467f27e1d6
SHA-1: 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
SHA-256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer Verdict Alert fortinet Malware
POST /cdn-cgi/challenge-platform/h/b/cv/result/7cdf68f0dfe8b4f1 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12376
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/fm94Be
Cookie: XSRF-TOKEN=eyJpdiI6ImFkRkZLMmJzakpMSWhyK2FsRmxCVGc9PSIsInZhbHVlIjoiRzVXRGxybTh0VlRSMjhQT3pHb1dqdWs3OXhKKzJHL3dvems2YTRnanNESU0yMklBQnAvTURYRWtIMmMxTjdoMEdQcmoyL1pYME13SU9LakM5YUlGbXZWbDFFTXRGZEQrVmxQMlB5d1B0aEpwL2I4V2x4OENiVTk5Ty9xNFZtUGYiLCJtYWMiOiJjMjEzOTQ2ZTg1MTY5ZGIwYmRkZjczN2EwYmFhZDNiMTU5MzgzN2Q4YmMwNjgwNmNlMGNhYzc4NjMyNjU1OWU5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Imtlb2dhVzZVVzh1b1JGYTdmcllPYmc9PSIsInZhbHVlIjoiNS90RWxDby85eWtNTnB2QjZUSVVBcis1SjFuMndvcTB1TTRUaWFrNXNiVUNUMmwwdERoWFM3cU5LdmFSalliUmZJNkhCKzhpVTBVS0ZWTWFMU2lHdWZmV29CYzRaM0VOcWVLd3dJeWdLWW5wWHRUREQ5OXN6VEVBc2lVRkVSYVkiLCJtYWMiOiI5ZjM5MDdmNTU4NjZhMTJjMGM4YTZiYWM5MzUyMmFlN2JkOTI3MmZhNTBkODJjOTdiNDRhYjg3ZDM5ODA3OTU5IiwidGFnIjoiIn0%3D; auth=eyJpdiI6IlJaNXdzd3RyejlpdkJ2bnNjeFNYVWc9PSIsInZhbHVlIjoiVDZQbDYvN0hVM2NEOWZ0ZCs2NitRQT09IiwibWFjIjoiYjJmODIwMWM4ZjQ3OTcyYWFlNmRhNzIwYmUzZjYxNDQxYjY0OTkzYTg0OTNkMTE3ZWNiYTE0Nzk3NjI2NjMzMyIsInRhZyI6IiJ9; ab=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 15:49:50 GMT
content-type: text/plain; charset=UTF-8
set-cookie: __cf_bm=pqEim5rV0zS5Zbc3moyF7vmYNDhhyNahHtKYGiSrIoY-1685202590-0-AeOzbVIAPHnh6ZBPzo2r++yJL13OoKxDKwQXhwbeCWzIQ9w/VhFI9mLAwIoZBuojlEglcOx1+9KMP6rBPGnrlL+WslZzNNy9KhPBWlnLodil; path=/; expires=Sat, 27-May-23 16:19:50 GMT; domain=.upfilesurls.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lRdHVq9XKDqGasrq%2F72oHs%2B6kmlXv%2F%2BtT8xplkn7W%2B8OYueVYb0my7PgZ3%2B9yZSWiYYRHy3Tu9WwrgDEm5r1QpsX1Ddl7KdUtkTZyzGjaJr777SyJS6ti4euh6pGs%2FHT1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cdf68fe2980b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
upfilesurls.com/img/faqs-image.svg
104.26.9.138 200 OK 38 kB URL GET HTTP/2 upfilesurls.com/img/faqs-image.svg
IP 104.26.9.138:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: upfilesurls.com
Fingerprint: 16:2E:A7:87:EB:F7:2C:1F:7A:EA:4D:DC:38:4F:20:75:81:0E:86:58
Validity: Sat, 27 May 2023 06:03:19 GMT - Fri, 25 Aug 2023 06:03:18 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4190)
Hash MD5: a60b7216905928c625ae9592044476cd
SHA-1: e70c5be728c7bd1198100337487aafe126834ca3
SHA-256: 9a717285429d468fadc4d25179fc6feb49e6335f3af1675fb6be1cb50e7e8322
Analyzer Verdict Alert fortinet Malware
GET /img/faqs-image.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/fm94Be
Cookie: XSRF-TOKEN=eyJpdiI6ImFkRkZLMmJzakpMSWhyK2FsRmxCVGc9PSIsInZhbHVlIjoiRzVXRGxybTh0VlRSMjhQT3pHb1dqdWs3OXhKKzJHL3dvems2YTRnanNESU0yMklBQnAvTURYRWtIMmMxTjdoMEdQcmoyL1pYME13SU9LakM5YUlGbXZWbDFFTXRGZEQrVmxQMlB5d1B0aEpwL2I4V2x4OENiVTk5Ty9xNFZtUGYiLCJtYWMiOiJjMjEzOTQ2ZTg1MTY5ZGIwYmRkZjczN2EwYmFhZDNiMTU5MzgzN2Q4YmMwNjgwNmNlMGNhYzc4NjMyNjU1OWU5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Imtlb2dhVzZVVzh1b1JGYTdmcllPYmc9PSIsInZhbHVlIjoiNS90RWxDby85eWtNTnB2QjZUSVVBcis1SjFuMndvcTB1TTRUaWFrNXNiVUNUMmwwdERoWFM3cU5LdmFSalliUmZJNkhCKzhpVTBVS0ZWTWFMU2lHdWZmV29CYzRaM0VOcWVLd3dJeWdLWW5wWHRUREQ5OXN6VEVBc2lVRkVSYVkiLCJtYWMiOiI5ZjM5MDdmNTU4NjZhMTJjMGM4YTZiYWM5MzUyMmFlN2JkOTI3MmZhNTBkODJjOTdiNDRhYjg3ZDM5ODA3OTU5IiwidGFnIjoiIn0%3D; auth=eyJpdiI6IlJaNXdzd3RyejlpdkJ2bnNjeFNYVWc9PSIsInZhbHVlIjoiVDZQbDYvN0hVM2NEOWZ0ZCs2NitRQT09IiwibWFjIjoiYjJmODIwMWM4ZjQ3OTcyYWFlNmRhNzIwYmUzZjYxNDQxYjY0OTkzYTg0OTNkMTE3ZWNiYTE0Nzk3NjI2NjMzMyIsInRhZyI6IiJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 15:49:48 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
vary: Accept-Encoding
etag: W/"63c15cbf-95fb"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 257809
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sYVnVLhcYoRs43ORYzolNaH5h7dGRFUmZHbYu061%2B0xU5aWLWsycLgpx3Sv52ulYN3l6yquogdzbCe5X3frBHvoXUeDpTW%2FrQLDjWzD1cJr8lQzSSwl8uCsisNuHZ4SkfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cdf68f43c85b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.66 200 OK 0 B URL HEAD HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.66:443
Requested by https://upfilesurls.com/fm94Be
Certificate Issuer: Google Trust Services LLC
Subject: *.g.doubleclick.net
Fingerprint: 4D:38:FE:62:28:C3:2C:26:D3:E4:2A:D2:FD:07:5A:0E:7D:C6:AD:7C
Validity: Mon, 08 May 2023 08:20:04 GMT - Mon, 31 Jul 2023 08:20:03 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the digests of empty input: a HEAD response carries no body, so they match any 0-byte response and do not identify the script itself.)
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 27 May 2023 15:49:51 GMT
expires: Sat, 27 May 2023 15:49:51 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 5882661820655568117
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 47247
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2