Report - upfilesurls.com/XC1j?token=eyJpdiI6IktXMGtJNlZZTWUwYkFCdXNKMFdWNEE9PSIsInZhbHVlIjoiQ2tNSExzYWV6VklCVVovd1JWdkdsdz09IiwibWFjIjoiMDM5ZTA4ZmQ0MzI1Y2VlZDEzMWI2YzFkY2JjMmI3YmQ0ZmM4Mjg2OTZmZTFmZTU0OGFiOTY5ZTdlZjk3ZTRjNiIsInRhZyI6IiJ9

Report Overview

Visited public
2023-12-02 22:23:19
Tags
URL
upfilesurls.com/XC1j?token=eyJpdiI6IktXMGtJNlZZTWUwYkFCdXNKMFdWNEE9PSIsInZhbHVlIjoiQ2tNSExzYWV6VklCVVovd1JWdkdsdz09IiwibWFjIjoiMDM5ZTA4ZmQ0MzI1Y2VlZDEzMWI2YzFkY2JjMmI3YmQ0ZmM4Mjg2OTZmZTFmZTU0OGFiOTY5ZTdlZjk3ZTRjNiIsInRhZyI6IiJ9
Finishing URL
upfilesurls.com/XC1j
IP / ASN
104.26.9.138
#13335 CLOUDFLARENET
Title
IMG_20231202_609171716.jpg

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-12-02 06:23:17	492 B	192 kB	142.250.74.35
ldrenandthe.org	unknown	2023-11-07	2023-11-29 08:03:40	2023-12-02 13:22:00	1.2 kB	1.1 kB	104.21.20.207
cdntechone.com	64371	2021-12-24	2021-12-24 18:09:58	2023-12-02 19:49:13	411 B	9.4 kB	188.114.97.1
lingrethertantin.com	unknown	2023-11-07	2023-12-01 15:42:27	2023-12-02 19:45:55	2.9 kB	8.8 kB	108.157.214.128
accounts.google.com	81	1997-09-15	2016-03-20 13:44:49	2023-12-02 09:03:54	3.8 kB	12 kB	142.250.150.84
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-02 07:32:34	903 B	273 kB	142.250.74.168
cschyogh.com	unknown	2022-10-24	2022-10-24 14:58:05	2023-11-24 20:05:55	410 B	1.1 kB	23.109.150.234
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-02 07:24:06	2.2 kB	128 kB	142.250.74.131
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-02 07:17:09	507 B	2.8 kB	142.250.74.106
pogothere.xyz	unknown	2022-08-22	2022-09-04 21:11:25	2023-12-01 21:16:49	870 B	104 kB	188.114.96.1
www.recaptcha.net	2060	2007-01-06	2012-07-11 16:32:37	2023-12-02 20:25:08	469 B	1.4 kB	142.250.74.131
datatechone.com	unknown	2021-12-24	2015-06-17 15:52:19	2023-12-02 13:01:35	544 B	468 B	37.48.68.71
dv663fc06d35i.cloudfront.net	unknown	2008-04-25	2023-11-21 21:26:58	2023-12-01 21:37:53	2.3 kB	208 kB	143.204.42.118
upfilesurls.com	unknown	2022-11-30	2022-11-30 13:09:38	2023-11-28 20:13:21	14 kB	824 kB	104.26.8.138
pagead2.googlesyndication.com	101	2003-01-21	2021-02-20 16:52:05	2023-12-02 13:34:55	894 B	1.4 kB	142.250.74.2
live.demand.supply	31265	2014-06-22	2018-03-13 18:27:23	2023-12-02 14:18:51	5.4 kB	100 kB	104.16.133.22
api.demand.supply	54270	2014-06-22	2018-05-24 04:58:27	2023-12-01 23:07:41	1.6 kB	3.1 kB	104.16.133.22

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2023-12-02	medium	upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb	Unique code from Jetriz, Swid & Jeniva of the Tetris framework

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-02	medium	datatechone.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (30)

	URL	From	Size	First Seen	Last Seen
	unknown	ScriptElement	247 B	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:00 Last Seen2024-08-20 17:00 Times Seen1 Hash 7db0591d3e4a97a9593e38e506dae605 15a01ce973c1e0c62d4cbec0a29e5037bac7cb0b e630b95053758c3bcc215ca3470069b1bf68a16b01e097004979e1b0dcab3444 Loading...

	upfilesurls.com/XC1j	ScriptElement	119 B	2023-03-08	2024-05-22
Pretty URL upfilesurls.com/XC1j IP 104.26.8.138 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:28 Last Seen2024-05-22 10:51 Times Seen947 Hash bbdd43a315309ebd811a1e555db11f7f 4f221fbceb33ca51ca52ebe80577f681bc8c17df 212dfa0151b22549ac14757d4e65f3909dd45c9cdb366d8bd00fd6b17b906a09 Loading...

	upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb	ScriptElement	981 kB	2023-03-12	2024-08-21
Pretty URL upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb IP 104.26.8.138 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:36 Last Seen2024-08-21 09:44 Times Seen738 Hash e38c15d82ba94f65edf148d0f1a98487 cd8ecadbc330cd3e12d55927483e87b0785dfcaa e87e0991dcfaa2c7b015d284d8b5d872363eb52af458b63c8449351b4b24612f Loading...

	live.demand.supply/up.js	ScriptElement	5.1 kB	2023-12-02	2023-12-02
Pretty URL live.demand.supply/up.js IP 104.16.133.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-02 23:23 Last Seen2023-12-02 23:23 Times Seen1 Hash 1b4d8359a500bcf4f08321e9f9e17087 ec33eee9bd2eb30c6162511852509becbcd0ab65 bfde6cc13dc249de6507e02c9519040b083456660f90f61cc83660709cc1655e Loading...

	unknown	Function	49 B	2023-04-11	2025-05-11
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:23 Last Seen2025-05-11 17:34 Times Seen2202 Hash efde3719ad2205f4e3b6504a9bf45646 83101bef8fc5445fd9dcf54dd04495fc490e939a d84287d2b4f27cb1c02d18a77c979f739a5107585cf81911fea18a14b204f9ba Loading...

	upfilesurls.com/XC1j	ScriptElement	533 B	2024-08-20	2024-08-20
Pretty URL upfilesurls.com/XC1j IP 104.26.8.138 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:00 Last Seen2024-08-20 17:00 Times Seen1 Hash 74e9f72fe970a5845faae740452093bb cae6ba7a8c9e253c7450c6d87dbbe778b06f6150 131fdf84d3b5e57bcaa1180abc31965885a31056674d82490d5acb007a30a0ee Loading...

	upfilesurls.com/XC1j	ScriptElement	2.9 kB	2023-03-12	2024-08-21
Pretty URL upfilesurls.com/XC1j IP 104.26.8.138 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 16:23 Last Seen2024-08-21 09:44 Times Seen1514 Hash b9dd502c04f179299a891e65a107e887 8e02ecbfb34c4371548dd0213076bcbf9a2b1523 fb6d9228943aa1956f95e9e330577772a47470e279ffbf84c2bc4e4ed4885c1a Loading...

	unknown	Function	38 B	2023-04-11	2025-05-11
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:23 Last Seen2025-05-11 17:34 Times Seen29314 Hash caf13b633ab4249aeadda1952a9038ae 1eb64473acd8bff2d081a66f128c611d079f6cbe 30d90270fd3125eb763b9958a72bd513c90cd6207b97dd0ef40c06aa22111ac7 Loading...

	securepubads.g.doubleclick.net/tag/js/gpt.js	ScriptElement	13 kB	2023-04-05	2025-05-11
Pretty URL securepubads.g.doubleclick.net/tag/js/gpt.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 04:46 Last Seen2025-05-11 19:28 Times Seen39499 Hash 0c9ed134ae3d5ffe972da2a3e59dc428 620df222551395592e46e4c5f425cf23dcdad891 5f9efa604bfe2aee8c1a90376125a098306ba390530a6f9b2ecb0a67cdac178d Loading...

	www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js	ScriptElement	476 kB	2023-11-14	2024-08-20
Pretty URL www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-14 09:02 Last Seen2024-08-20 19:39 Times Seen12206 Hash 23b9dd721490a4062ba8d01454ef6ba9 efdbb7331585411f7d397dacbf51fd3e95f3031d 4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7 Loading...

	upfilesurls.com/js/ads.js	ScriptElement	1.5 kB	2023-03-26	2024-08-21
Pretty URL upfilesurls.com/js/ads.js IP 104.26.8.138 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 03:42 Last Seen2024-08-21 09:44 Times Seen875 Hash 474dab2bae672cd84661a241806c67af c4e9f460c20e1535000feef7a0c748d1287734c9 ba4689299e8a29627b02f9dd8bb5ecec1ca32122dab181724dee2313627d9d85 Loading...

	www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit	ScriptElement	921 B	2023-11-14	2023-12-08
Pretty URL www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit IP 142.250.74.131 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-14 22:29 Last Seen2023-12-08 23:14 Times Seen336 Hash 5b6f08f1e0f0284cf893616838da61f3 b267f92b338a62dc38640f2ef7c6c33ab129e962 04accf2271af1d069333bfbe89d2002c5e92cfd66b7fd41a31e71616cdd47b28 Loading...

	upfilesurls.com/sandbox%20eval%20code		147 B	2023-04-11	2025-05-11
Pretty URL upfilesurls.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 19:55 Times Seen341999 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	upfilesurls.com/XC1j	ScriptElement	191 B	2023-03-08	2024-08-21
Pretty URL upfilesurls.com/XC1j IP 104.26.8.138 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:28 Last Seen2024-08-21 09:44 Times Seen1024 Hash da30bb47614694e4cc233b287d20eb05 33483604c226b92b61915d364fd6489029cafe57 c5db272b10d5a0729fecd702bbe86f8447f72e2a10049608007c8e2646c803f8 Loading...

	cdntechone.com/stattag.js	ScriptElement	19 kB	2023-09-07	2024-08-21
Pretty URL cdntechone.com/stattag.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-07 10:30 Last Seen2024-08-21 07:21 Times Seen1442 Hash 8ec0c661780569e42736cfc20e4c69d7 0d857c9b9813975179cf323a344c934bcae598c6 38831e62c2e99f2f64b0352f13ef7daaa7c97e31dac314bb52caa89a6a7f58f5 Loading...

	dv663fc06d35i.cloudfront.net/?dcfvd=1010617	ScriptElement	321 kB	2023-12-02	2023-12-02
Pretty URL dv663fc06d35i.cloudfront.net/?dcfvd=1010617 IP 143.204.42.118 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-02 23:23 Last Seen2023-12-02 23:23 Times Seen2 Hash c72184d2f71c075f79f828f329f953e8 36e92fe9d63d975a09b58c75138e402eac3ffa8a 21905012028782cfbb50cfbf01084e6878aa7f318537f5511f87bf252bccf990 Loading...

	upfilesurls.com/XC1j	ScriptElement	65 kB	2023-11-23	2024-08-20
Pretty URL upfilesurls.com/XC1j IP 104.26.8.138 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-23 18:45 Last Seen2024-08-20 18:08 Times Seen260 Hash af63038cd8f1acde963ec3a987e36a37 868824d19e2bbdd3d808d1bd6dcad64206e5e4f7 8b142bf9eb9af9defd9b0a8810a22d234f002b0df249b9830b05c41b5a902cb9 Loading...

	www.googletagmanager.com/gtag/js?id=UA-197252557-1	ScriptElement	191 kB	2023-12-02	2023-12-02
Pretty URL www.googletagmanager.com/gtag/js?id=UA-197252557-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-02 23:23 Last Seen2023-12-02 23:23 Times Seen1 Hash f6c2727fb0fc85026d6987b2daef0bb7 f98119215d9c3b8139a9c32ae5f80f7ef4f95f27 c24e9d747182a2cd7728813d27e8917255750e3595efd424f4b62d10b16c11a3 Loading...

	upfilesurls.com/XC1j	ScriptElement	926 B	2024-08-20	2024-08-20
Pretty URL upfilesurls.com/XC1j IP 104.26.8.138 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:00 Last Seen2024-08-20 17:00 Times Seen2 Hash 440c5bdce2222259c0d4af89a9851057 96b9726c987737507d6c9e62da77c3db64353dc3 8f5a3a036457c861b49bf3d0bd11bb25fb0f48c9db58026abd1e19fdc5e3803b Loading...

	upfilesurls.com/XC1j	ScriptElement	155 B	2023-03-08	2025-04-29
Pretty URL upfilesurls.com/XC1j IP 104.26.8.138 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:28 Last Seen2025-04-29 18:10 Times Seen1148 Hash a1e0d623f9e510e759498d67c8281999 65e9e9287fd8060ebb5b624463ff977040e3d154 c66a236b63a0191f0cc1cb5a3c1b675c0fb7bf7d5e56b8c5ed34d70b10059aa7 Loading...

	www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c	ScriptElement	229 kB	2023-12-02	2023-12-03
Pretty URL www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-02 19:21 Last Seen2023-12-03 08:20 Times Seen9 Hash c6b8dbe9d157e9ab276bdf2dac2d1586 059ab7d653bfac572ccfb050b5719f5860760252 f525d34daa6250d55845141d5baf12cb571ec76ebd1ba07214c5fe2ebcde6dfe Loading...

	unknown	Function	36 B	2023-04-11	2025-05-11
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:23 Last Seen2025-05-11 17:34 Times Seen2201 Hash c6417364696009e1ecada40d12c97a2f dd602b8bbd3a3656463ec3f6868c74f3a937859d 5a59e842a79e328e171f1da23754526329095be86fe355574fd7622f04ed3854 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-11
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 19:55 Times Seen341197 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	live.demand.supply/p4/v17-21-0/dXBmaWxlc3VybHMuY29tL1hDMWo=	ScriptElement	984 B	2023-12-02	2024-08-20
Pretty URL live.demand.supply/p4/v17-21-0/dXBmaWxlc3VybHMuY29tL1hDMWo= IP 104.16.133.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-02 04:18 Last Seen2024-08-20 17:06 Times Seen23 Hash 882fa8895197161f162e2f0538566325 7ccb1a7de0837f47fc7f9161e32a8bcc2aad292d b94a576f3bc3335f66fb18a84cdb2f4504885c32a2b925ccca08875973b0f1cd Loading...

	upfilesurls.com/sandbox%20eval%20code		136 B	2023-04-11	2025-05-11
Pretty URL upfilesurls.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:23 Last Seen2025-05-11 19:28 Times Seen41681 Hash fb4eb094524daea58bf7f82331598541 f5ca39eb98fa1685f8647514a627d3d7f216f7ef 7cbf1e77bb9277bac7030ded2087246adf5c59564a5a1f28ce8c09be6ef48683 Loading...

	upfilesurls.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	7.3 kB	2023-12-02	2023-12-03
Pretty URL upfilesurls.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-02 23:22 Last Seen2023-12-03 00:14 Times Seen3 Hash e95e2d755c0b215ef89f515998200597 4b95450291897720a34cb3e3415176f777cba2d3 7199cbfab2acf8b4cbad23f1fd9f7ddcad51bc6e33aed2a1aa3ffc8e4530c0d0 Loading...

	live.demand.supply/impl.v17.23.1.js	ScriptElement	88 kB	2023-12-01	2023-12-06
Pretty URL live.demand.supply/impl.v17.23.1.js IP 104.16.133.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-01 21:36 Last Seen2023-12-06 16:46 Times Seen83 Hash a126ddea54aa780835368bf1e6519b03 9e882f4aea3df64224789b0f57a28c541e9b52cd 21f113cdf5618b645145c239293ad9fd2bac75d71c17377e89636ef4fe52b8ba Loading...

	upfilesurls.com/XC1j	ScriptElement	1.1 kB	2024-08-20	2024-08-20
Pretty URL upfilesurls.com/XC1j IP 104.26.8.138 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:00 Last Seen2024-08-20 17:00 Times Seen1 Hash 6ef483f3c9fc143989fd3687b77ffec2 61eca6a3be4851e540bc4e751e185cb44cb641be 36428a9c5c59e85cd6f9b02da4c61321a3eafbe02a62500d7e461e592c639e2e Loading...

	cschyogh.com/1clkn/34742	ScriptElement	6 B	2023-03-07	2025-05-11
Pretty URL cschyogh.com/1clkn/34742 IP 23.109.150.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-11 19:31 Times Seen12595 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

		Size	First Seen	Last Seen
	#1 Write - b4266e242eff23787e7b828376d99726	181 B	2023-03-12 13:39	2024-08-21 09:44
Pretty Observations First Seen2023-03-12 13:39 Last Seen2024-08-21 09:44 Times Seen1938 Hash b4266e242eff23787e7b828376d99726 2eabaa39d5f1dfa68dd681d3489db9798b74bd73 b5fdf3f7d7a1047cf080ba3ff3eb2d0a433c1c9e2a08960fe0ba078c21935d6c Loading...

HTTP Transactions (57)

URL IP Response Size

dv663fc06d35i.cloudfront.net/?dcfvd=1010617

143.204.42.118

200 OK

103 kB

URL GET HTTP/2
dv663fc06d35i.cloudfront.net/?dcfvd=1010617
IP
143.204.42.118:443
ASN
#16509 AMAZON-02

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (15945)
Size
103 kB (102721 bytes)
Hash
c72184d2f71c075f79f828f329f953e8
36e92fe9d63d975a09b58c75138e402eac3ffa8a
21905012028782cfbb50cfbf01084e6878aa7f318537f5511f87bf252bccf990

HTTP Headers

GET /?dcfvd=1010617 HTTP/1.1
Host: dv663fc06d35i.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 102721
date: Sat, 02 Dec 2023 22:22:59 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ezveuhKBZ-jPY45QM_nQyXAnWf0NE1FTQQCFV1WWYR-oufJFgdF4WQ==
age: 1
X-Firefox-Spdy: h2

cschyogh.com/1clkn/34742

23.109.150.234

200 OK

26 B

URL GET HTTP/1.1
cschyogh.com/1clkn/34742
IP
23.109.150.234:443
ASN
#7979 SERVERS-COM

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerLet's Encrypt
Subjectcschyogh.com
Fingerprint41:44:0C:14:E9:F0:56:DF:20:70:F6:D1:C1:CB:6E:3E:7B:D0:33:AE
ValidityWed, 04 Oct 2023 23:46:38 GMT - Tue, 02 Jan 2024 23:46:37 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

HTTP Headers

GET /1clkn/34742 HTTP/1.1
Host: cschyogh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Dec 2023 22:23:00 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWXVBJ%2BEAHqFVQXz0Za%2FgIyntH6wL7aZU0NtLTPRtMvlNJgiCqLpFuGYp4k9R414NvJGs5fKhfmRNUz8JRkPfvvTtc8MFa3Gll86LfiKf4LDMwvnOrwmOIxlyWnbSKipwt6u%2F5mzsZhKkvRNGFUjnXUwF8t7ZbSFXxUiMmAn5STsa7NcuxId1iDmr96zNnkOGyC5VXF4jf9NG7cvyiIizsswC3Fwm4Qfr5k6rLEQ6OqEI4SsOUngarftGrmg5e3sB7KS6f%2F97HG%2BcIVO0aklIrX8n9wNBjE5s; expires=Sun, 03-Dec-2023 22:23:00 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Sun, 03-Dec-2023 22:23:00 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

upfilesurls.com/XC1j?token=eyJpdiI6IktXMGtJNlZZTWUwYkFCdXNKMFdWNEE9PSIsInZhbHVlIjoiQ2tNSExzYWV6VklCVVovd1JWdkdsdz09IiwibWFjIjoiMDM5ZTA4ZmQ0MzI1Y2VlZDEzMWI2YzFkY2JjMmI3YmQ0ZmM4Mjg2OTZmZTFmZTU0OGFiOTY5ZTdlZjk3ZTRjNiIsInRhZyI6IiJ9

104.26.8.138

69 kB

URL
upfilesurls.com/XC1j?token=eyJpdiI6IktXMGtJNlZZTWUwYkFCdXNKMFdWNEE9PSIsInZhbHVlIjoiQ2tNSExzYWV6VklCVVovd1JWdkdsdz09IiwibWFjIjoiMDM5ZTA4ZmQ0MzI1Y2VlZDEzMWI2YzFkY2JjMmI3YmQ0ZmM4Mjg2OTZmZTFmZTU0OGFiOTY5ZTdlZjk3ZTRjNiIsInRhZyI6IiJ9
IP
104.26.8.138:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
69 kB (69330 bytes)
Hash
aaa0ba3db462ca88c3fd006cb341cc90
65215aade47a6328d00f51b6660c68bbf30b53ad
87f07c2046545f2bf997126e7292e46ae378e25be3099d705620d70140e6de91

HTTP Headers

GET /XC1j?token=eyJpdiI6IktXMGtJNlZZTWUwYkFCdXNKMFdWNEE9PSIsInZhbHVlIjoiQ2tNSExzYWV6VklCVVovd1JWdkdsdz09IiwibWFjIjoiMDM5ZTA4ZmQ0MzI1Y2VlZDEzMWI2YzFkY2JjMmI3YmQ0ZmM4Mjg2OTZmZTFmZTU0OGFiOTY5ZTdlZjk3ZTRjNiIsInRhZyI6IiJ9 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 02 Dec 2023 22:22:59 GMT
content-type: text/html; charset=UTF-8
location: https://upfilesurls.com/XC1j
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6InJxQml3VHpRT09FM29JMnA2cjdTVUE9PSIsInZhbHVlIjoiQnpWQStWL2paL1FJZ2FXd0plb3VuSkViVVlGWm55V1dpSGxWU3Z2V05DcXNKMU1kbEZWdjd4WWVZWGI2ZmVpM0dkWDc4TDh6OUhFeTNWQmwxayt0djNVdWkxZnNlcTlUc1h3VkFPemptQnQ4U0FXdFF5ZDVVM1V3U2Fvc3NlT1AiLCJtYWMiOiJmNTliYTUwZjgyNGY5MzBlZDRmNjVmNjE1YjA1Yjk4ZmFjNTNhODEyNzhkYWQ2NWU5NzA2MmVmNmIyYTNhMGIyIiwidGFnIjoiIn0%3D; expires=Sat, 09-Dec-2023 22:22:59 GMT; Max-Age=604800; path=/; samesite=lax
upfiles_session=eyJpdiI6IjlvZkFid0d6K1VmUGwrVVd3WWplU2c9PSIsInZhbHVlIjoidGxOZ255dDlmNWwyTjV6T1BmdVh4NDN1OFdtT2xuQlNqNDdlV3U5anBWRFczMVFNZURacXN2am8wUGppVEtWeUFCNmZjWk5vQWpON1I0cEdqM3ZZMFc0Z2JZVkErbTFNMG5DakNrZXAzQVU0RWN6NCsxQ0ppa2kwY3NkUnFhaGQiLCJtYWMiOiI0NTk2ZDM5ZWNhMGUzZDQ1NWU4ZmE3ZmMyNmIzY2Y1MjgxMGIwZWM0N2ExOTNjNTMxZGFjN2M4NGM3ZjIyN2JiIiwidGFnIjoiIn0%3D; expires=Sat, 09-Dec-2023 22:22:59 GMT; Max-Age=604800; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mI0H1FHwupDzaEy2x0cGTDZzx6EeNzQrDgNlJkrN0YwbJ6FhnI5xxibq6aAwtz4ad2le7az6SG5TDtAGDLRXrylhVQIiyN5qZRlRZgqmsfv5Ttn3du4%2B3oMXNvLPLLtyeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f6f8c52daf56b5-OSL
X-Firefox-Spdy: h2

ldrenandthe.org/QjR0TUptCxc+dw18Lh8Qc1M9Hw0qURUMCAduMg8tAV82JhJwdVI5IyYJRX17cgJFemwyXRBwe2RHACw+N0dJfGwrWhIid2RCSXxkcQBafn5sBFI4d3MSAD0rJQlFazo2QBhwe3UERXh/dwNMe3pzDQ

104.21.20.207

204 No Content

0 B

URL GET HTTP/2
ldrenandthe.org/QjR0TUptCxc+dw18Lh8Qc1M9Hw0qURUMCAduMg8tAV82JhJwdVI5IyYJRX17cgJFemwyXRBwe2RHACw+N0dJfGwrWhIid2RCSXxkcQBafn5sBFI4d3MSAD0rJQlFazo2QBhwe3UERXh/dwNMe3pzDQ
IP
104.21.20.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subjectldrenandthe.org
FingerprintB1:E1:DF:C0:4E:E7:2F:9B:70:DF:D1:CA:75:2B:47:98:1B:CC:5F:BB
ValidityWed, 29 Nov 2023 06:03:19 GMT - Tue, 27 Feb 2024 06:03:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /QjR0TUptCxc+dw18Lh8Qc1M9Hw0qURUMCAduMg8tAV82JhJwdVI5IyYJRX17cgJFemwyXRBwe2RHACw+N0dJfGwrWhIid2RCSXxkcQBafn5sBFI4d3MSAD0rJQlFazo2QBhwe3UERXh/dwNMe3pzDQ HTTP/1.1
Host: ldrenandthe.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 02 Dec 2023 22:23:01 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4w7O66eMh9Te6i%2Fkap%2F63a3BEMi6%2FU9AGgNgcD7q1g6JzCsiaRiTzlshx8ow3swwhbOPeJ8BdZMCBJ6kaF%2F%2F3%2BwBie4yOovBDzyTvmQ3aILZRY92u0ehPRqXa8ImvuCcwIg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f6f8cea9835691-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

upfilesurls.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6

104.26.8.138

200 OK

208 B

URL GET HTTP/2
upfilesurls.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6
IP
104.26.8.138:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
PNG image data, 6 x 12, 8-bit/color RGBA, non-interlaced\012- data
Size
208 B (208 bytes)
Hash
31f073499665afb237f3294219d2d7c6
c1ada0510e31f661dab66203c15a3d6c8f5468d0
59b7ad6d6f457b624e25d22959edc7c83af2ac52edba32fd6648c97af0d1780c

HTTP Headers

GET /images/arrow-down.png?c98e5283a69cb508d054d30256af43c6 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
Cookie: XSRF-TOKEN=eyJpdiI6InliN2lTblJaV21CUUxOcVVXckxiMXc9PSIsInZhbHVlIjoiUTREdlN4UEJnMm96emxpVExSVm1lSk05cGxpUnF1UmxkM24zZDFFc0tYaUhvSFFDSUZNVVdHOCtuV2JNdjR6Q3JMazAxMmpsbGtQOWlQVjgwL0x2ZlhrMWhIRDlJR1RzSDYyd3VEUW0wc3IzMmROckp2R0xSaVg5VlVHbEswVXgiLCJtYWMiOiI4MmNkYTk4MjJmNGRmNzdmNTQ3NzM3Mjc3NjY5NjQzYzY3ODYyYWM3OGJhZjkwMDRlNGJlMTkyNjZmZmI3Zjg5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Im13Q0dROXhPQ2JGTWJaUmNBZUEyU0E9PSIsInZhbHVlIjoiVktaVE5WZG90NlVlUTZsUFJOSVdFSnZFV09xTHEvZ2JjYUNsTWlHM09CL2pxeHdlYzhEcjZmU3U1OGE5WTgxSXV5ejRyc21RRStuaXd2UFJkWTc2Y1V2YmpPeWJqN3BENXAxTEtDeXNZL01XSS9PQmt5V1c2Y2kyMHl6M2k5aWMiLCJtYWMiOiJjYWVkMmFiNzE2MWYxMGVhZDFjOWNmYmJjYWEyZTRkMzdjYzhhMzZiYzU1Njg3ZTExYTYxOTZmMGNhOGQyMzRjIiwidGFnIjoiIn0%3D; ab=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 02 Dec 2023 22:23:01 GMT
content-type: image/png
content-length: 208
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
etag: "625014b1-d0"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 490951
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgGR5DhBUDqEGog9r5QKNsCiHmmKu%2B2g%2BqD4ZsGCnsZeuNA%2BO7Hbux6i6bjpls%2Fo1wu7CslwqY5Bms2Q4%2BZnS2%2FI5NNsnN4uVnALF5iwTyBADo7UUpthmtjk0tek5fxlMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f6f8cf6faf56b5-OSL
X-Firefox-Spdy: h2

upfilesurls.com/img/menu.svg

104.26.8.138

200 OK

47 kB

URL GET HTTP/2
upfilesurls.com/img/menu.svg
IP
104.26.8.138:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text
Size
47 kB (47118 bytes)
Hash
e194fab3eea9f00d5a3814c4df00ac8c
4a9760c8ec110364d025527e26730e78ae0b3ac0
3d3e6705b468cecdd78fb9a1ee6688d60e1d2c1caa0db7baa88db460315dccea

HTTP Headers

GET /img/menu.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/XC1j
Cookie: XSRF-TOKEN=eyJpdiI6InliN2lTblJaV21CUUxOcVVXckxiMXc9PSIsInZhbHVlIjoiUTREdlN4UEJnMm96emxpVExSVm1lSk05cGxpUnF1UmxkM24zZDFFc0tYaUhvSFFDSUZNVVdHOCtuV2JNdjR6Q3JMazAxMmpsbGtQOWlQVjgwL0x2ZlhrMWhIRDlJR1RzSDYyd3VEUW0wc3IzMmROckp2R0xSaVg5VlVHbEswVXgiLCJtYWMiOiI4MmNkYTk4MjJmNGRmNzdmNTQ3NzM3Mjc3NjY5NjQzYzY3ODYyYWM3OGJhZjkwMDRlNGJlMTkyNjZmZmI3Zjg5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Im13Q0dROXhPQ2JGTWJaUmNBZUEyU0E9PSIsInZhbHVlIjoiVktaVE5WZG90NlVlUTZsUFJOSVdFSnZFV09xTHEvZ2JjYUNsTWlHM09CL2pxeHdlYzhEcjZmU3U1OGE5WTgxSXV5ejRyc21RRStuaXd2UFJkWTc2Y1V2YmpPeWJqN3BENXAxTEtDeXNZL01XSS9PQmt5V1c2Y2kyMHl6M2k5aWMiLCJtYWMiOiJjYWVkMmFiNzE2MWYxMGVhZDFjOWNmYmJjYWEyZTRkMzdjYzhhMzZiYzU1Njg3ZTExYTYxOTZmMGNhOGQyMzRjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 02 Dec 2023 22:23:00 GMT
content-type: image/svg+xml
last-modified: Tue, 24 Jan 2023 16:39:42 GMT
vary: Accept-Encoding
etag: W/"63d009ce-72e"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 672821
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OjPHNBFOrPMC%2BIizBK%2BP6ToVaRFOpE1URn5%2FYNMrLzyAKyd2SoavKKLt4fy46KouQZplt%2FipCPyHr56tC9jEQWicMHjdYXHNp6Jm6%2BoZ3dxBYRFbx5PtedikPnQ9BvOHgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f6f8cb7be956b5-OSL
content-encoding: br
X-Firefox-Spdy: h2

ldrenandthe.org/SXY2TFJmSVU/bwQxY3kfESd+GiU6PGQdPhsyZwoTCDBVAxAiRhA4Oy1LD3Vkf0YHaiIgEgt9dDoCVzgnOksHajsnEFlxdD9LB2JhfVgFeHx5UENxY28CRi01dEcQPCY9Ggt9ZXlHA3lnfk4AfGR+

104.21.20.207

204 No Content

0 B

URL GET HTTP/2
ldrenandthe.org/SXY2TFJmSVU/bwQxY3kfESd+GiU6PGQdPhsyZwoTCDBVAxAiRhA4Oy1LD3Vkf0YHaiIgEgt9dDoCVzgnOksHajsnEFlxdD9LB2JhfVgFeHx5UENxY28CRi01dEcQPCY9Ggt9ZXlHA3lnfk4AfGR+
IP
104.21.20.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subjectldrenandthe.org
FingerprintB1:E1:DF:C0:4E:E7:2F:9B:70:DF:D1:CA:75:2B:47:98:1B:CC:5F:BB
ValidityWed, 29 Nov 2023 06:03:19 GMT - Tue, 27 Feb 2024 06:03:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /SXY2TFJmSVU/bwQxY3kfESd+GiU6PGQdPhsyZwoTCDBVAxAiRhA4Oy1LD3Vkf0YHaiIgEgt9dDoCVzgnOksHajsnEFlxdD9LB2JhfVgFeHx5UENxY28CRi01dEcQPCY9Ggt9ZXlHA3lnfk4AfGR+ HTTP/1.1
Host: ldrenandthe.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 02 Dec 2023 22:23:01 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90oMwiPIGbJ9qEpcMxyWL2ReOVt1Vng30v8v%2BUmHM9AkfWpK%2F0aMt7%2BAZmWYD7%2FFn4jD%2B5jGEZvSw7QYrD1wHHi8pgkoAaQB%2BsKiRTCuZ4XlxLDZb%2FBPt4%2FHIN6m1owbR7g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f6f8cf09c55691-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

142.250.74.131

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0\012- data
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 12:15:57 GMT
expires: Thu, 28 Nov 2024 12:15:57 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 295624
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

142.250.74.131

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0\012- data
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 12:15:57 GMT
expires: Thu, 28 Nov 2024 12:15:57 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 295624
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb

104.26.8.138

200 OK

283 kB

URL GET HTTP/2
upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb
IP
104.26.8.138:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
Unicode text, UTF-8 text, with very long lines (65526), with no line terminators
Size
283 kB (283431 bytes)
Hash
e38c15d82ba94f65edf148d0f1a98487
cd8ecadbc330cd3e12d55927483e87b0785dfcaa
e87e0991dcfaa2c7b015d284d8b5d872363eb52af458b63c8449351b4b24612f

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Unique code from Jetriz, Swid & Jeniva of the Tetris framework

HTTP Headers

GET /js/frontend.js?id=88f283c744d8a6e43cfb HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/XC1j
Cookie: XSRF-TOKEN=eyJpdiI6InliN2lTblJaV21CUUxOcVVXckxiMXc9PSIsInZhbHVlIjoiUTREdlN4UEJnMm96emxpVExSVm1lSk05cGxpUnF1UmxkM24zZDFFc0tYaUhvSFFDSUZNVVdHOCtuV2JNdjR6Q3JMazAxMmpsbGtQOWlQVjgwL0x2ZlhrMWhIRDlJR1RzSDYyd3VEUW0wc3IzMmROckp2R0xSaVg5VlVHbEswVXgiLCJtYWMiOiI4MmNkYTk4MjJmNGRmNzdmNTQ3NzM3Mjc3NjY5NjQzYzY3ODYyYWM3OGJhZjkwMDRlNGJlMTkyNjZmZmI3Zjg5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Im13Q0dROXhPQ2JGTWJaUmNBZUEyU0E9PSIsInZhbHVlIjoiVktaVE5WZG90NlVlUTZsUFJOSVdFSnZFV09xTHEvZ2JjYUNsTWlHM09CL2pxeHdlYzhEcjZmU3U1OGE5WTgxSXV5ejRyc21RRStuaXd2UFJkWTc2Y1V2YmpPeWJqN3BENXAxTEtDeXNZL01XSS9PQmt5V1c2Y2kyMHl6M2k5aWMiLCJtYWMiOiJjYWVkMmFiNzE2MWYxMGVhZDFjOWNmYmJjYWEyZTRkMzdjYzhhMzZiYzU1Njg3ZTExYTYxOTZmMGNhOGQyMzRjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 02 Dec 2023 22:23:00 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=980842
etag: W/"63baab19-ef76a"
last-modified: Sun, 08 Jan 2023 11:38:01 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 399827
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXaMqXxosDAYP8V9iWtUPJ%2BzRInqJonnFMTaLa%2FJnw7YFExtpVb7CpJywXoQSJiaEeMTpKSodAx%2FF1GZcn7hWRhRi1On085ItEoNyoacbrG%2BIuvDwuIbeQ%2FbSypXuKvHJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f6f8cb8bfa56b5-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.131

16 kB

URL
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:53:07 GMT
expires: Fri, 29 Nov 2024 04:53:07 GMT
cache-control: public, max-age=31536000
age: 235794
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

upfilesurls.com/js/ads.js

104.26.8.138

200 OK

16 kB

URL GET HTTP/2
upfilesurls.com/js/ads.js
IP
104.26.8.138:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
ASCII text, with very long lines (1544), with no line terminators
Size
16 kB (16511 bytes)
Hash
474dab2bae672cd84661a241806c67af
c4e9f460c20e1535000feef7a0c748d1287734c9
ba4689299e8a29627b02f9dd8bb5ecec1ca32122dab181724dee2313627d9d85

HTTP Headers

GET /js/ads.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/XC1j
Cookie: XSRF-TOKEN=eyJpdiI6InliN2lTblJaV21CUUxOcVVXckxiMXc9PSIsInZhbHVlIjoiUTREdlN4UEJnMm96emxpVExSVm1lSk05cGxpUnF1UmxkM24zZDFFc0tYaUhvSFFDSUZNVVdHOCtuV2JNdjR6Q3JMazAxMmpsbGtQOWlQVjgwL0x2ZlhrMWhIRDlJR1RzSDYyd3VEUW0wc3IzMmROckp2R0xSaVg5VlVHbEswVXgiLCJtYWMiOiI4MmNkYTk4MjJmNGRmNzdmNTQ3NzM3Mjc3NjY5NjQzYzY3ODYyYWM3OGJhZjkwMDRlNGJlMTkyNjZmZmI3Zjg5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Im13Q0dROXhPQ2JGTWJaUmNBZUEyU0E9PSIsInZhbHVlIjoiVktaVE5WZG90NlVlUTZsUFJOSVdFSnZFV09xTHEvZ2JjYUNsTWlHM09CL2pxeHdlYzhEcjZmU3U1OGE5WTgxSXV5ejRyc21RRStuaXd2UFJkWTc2Y1V2YmpPeWJqN3BENXAxTEtDeXNZL01XSS9PQmt5V1c2Y2kyMHl6M2k5aWMiLCJtYWMiOiJjYWVkMmFiNzE2MWYxMGVhZDFjOWNmYmJjYWEyZTRkMzdjYzhhMzZiYzU1Njg3ZTExYTYxOTZmMGNhOGQyMzRjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 02 Dec 2023 22:23:00 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-bgj: minify
etag: W/"63baab19-608"
last-modified: Sun, 08 Jan 2023 11:38:01 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 918650
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kExx4y9Vi38NpU42KUR6uHU1Ke8INQRXnRzU5ncKI4pMOg6jv3kbPrVl%2FlF6EjANbU6EXRIRklEnXNyt3FaOK9Jl6iiYRq03ys559H0b7IvM4OeJj5x4LgHAFoe2Qu%2Bw5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f6f8cb8bf456b5-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdntechone.com/stattag.js

188.114.97.1

200 OK

8.5 kB

URL GET HTTP/2
cdntechone.com/stattag.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint22:B1:48:87:A8:EF:B2:9B:65:EB:D6:C6:FD:8D:EF:A7:A7:DE:52:29
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (18335)
Size
8.5 kB (8538 bytes)
Hash
8ec0c661780569e42736cfc20e4c69d7
0d857c9b9813975179cf323a344c934bcae598c6
38831e62c2e99f2f64b0352f13ef7daaa7c97e31dac314bb52caa89a6a7f58f5

HTTP Headers

GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 02 Dec 2023 22:23:00 GMT
content-type: application/javascript
last-modified: Thu, 07 Sep 2023 08:19:46 GMT
etag: W/"64f987a2-4a29"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3315
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPSosgPKyQMJQOlNhJiJquZmPU62Yb%2BQgUfJojRf78cVf0GdqsinjOWXyWm2FGaEUH0SqdNz%2FV8C6d4TvU1rJ%2F%2BNl7igJOhErfnad27RqcQXZxgFAT%2BySEt0cUc41NANmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f6f8ce6d7eb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap

142.250.74.106

200 OK

2.2 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (3039)
Size
2.2 kB (2155 bytes)
Hash
81d7593f68c623ef22a28baf70eaeb15
de393a51bd311c46903e81657a6bc48cc3d24e48
661a908c9011ac33293c1ae84a1e7125e753ab7f6ae2b5b6d99ccca52b7399d8

HTTP Headers

GET /css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 02 Dec 2023 22:23:00 GMT
date: Sat, 02 Dec 2023 22:23:00 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

upfilesurls.com/favicon.ico

104.26.8.138

200 OK

1.6 kB

URL GET HTTP/2
upfilesurls.com/favicon.ico
IP
104.26.8.138:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
MS Windows icon resource - 1 icon, 32x32 with PNG image data, 32 x 32, 8-bit colormap, non-interlaced, 32 bits/pixel\012- data
Size
1.6 kB (1572 bytes)
Hash
ba3a9d1041ae9a7a655f9632756b1e92
fbb065d1df15871da0b7df14ca22041a729dda88
180c85c0caca07f8411a77e2392751d979f74982f0ed7062a0093b322924f38f

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/XC1j
Cookie: XSRF-TOKEN=eyJpdiI6InliN2lTblJaV21CUUxOcVVXckxiMXc9PSIsInZhbHVlIjoiUTREdlN4UEJnMm96emxpVExSVm1lSk05cGxpUnF1UmxkM24zZDFFc0tYaUhvSFFDSUZNVVdHOCtuV2JNdjR6Q3JMazAxMmpsbGtQOWlQVjgwL0x2ZlhrMWhIRDlJR1RzSDYyd3VEUW0wc3IzMmROckp2R0xSaVg5VlVHbEswVXgiLCJtYWMiOiI4MmNkYTk4MjJmNGRmNzdmNTQ3NzM3Mjc3NjY5NjQzYzY3ODYyYWM3OGJhZjkwMDRlNGJlMTkyNjZmZmI3Zjg5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Im13Q0dROXhPQ2JGTWJaUmNBZUEyU0E9PSIsInZhbHVlIjoiVktaVE5WZG90NlVlUTZsUFJOSVdFSnZFV09xTHEvZ2JjYUNsTWlHM09CL2pxeHdlYzhEcjZmU3U1OGE5WTgxSXV5ejRyc21RRStuaXd2UFJkWTc2Y1V2YmpPeWJqN3BENXAxTEtDeXNZL01XSS9PQmt5V1c2Y2kyMHl6M2k5aWMiLCJtYWMiOiJjYWVkMmFiNzE2MWYxMGVhZDFjOWNmYmJjYWEyZTRkMzdjYzhhMzZiYzU1Njg3ZTExYTYxOTZmMGNhOGQyMzRjIiwidGFnIjoiIn0%3D; ab=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 02 Dec 2023 22:23:01 GMT
content-type: image/x-icon
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
vary: Accept-Encoding
etag: W/"625014b1-5b8"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 6901
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s69etZhyKiZ0hQXSYSewc7LXBpC6gIsAOoF0PkI6tJJnRtoF7hrWSk1io5oDuSGHiZS%2BGdyHCErZwCGG6xldry639WW0JTXiAD5heTQQsRsS0DKqW8Xb55uFIfftQFw%2Fbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f6f8d1aa1956b5-OSL
content-encoding: br
X-Firefox-Spdy: h2

lingrethertantin.com/utx?cb=SWALyY3UX3RS&top=upfilesurls.com&tid=1010617

108.157.214.128

0 B

URL
lingrethertantin.com/utx?cb=SWALyY3UX3RS&top=upfilesurls.com&tid=1010617
IP
108.157.214.128:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=SWALyY3UX3RS&top=upfilesurls.com&tid=1010617 HTTP/1.1
Host: lingrethertantin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 02 Dec 2023 22:23:01 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 02 Dec 2023 22:24:01 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 bfeae0ecbffe44ad98e5cd0ae83bdb4a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: n2BeBs-eycwwH_9W2OWBOlh_heHhbiUsO7BLt5Sk9J4mMCEf41yjzw==
X-Firefox-Spdy: h2

lingrethertantin.com/utx?cb=p2YPn1wJI4oA&top=upfilesurls.com&tid=996601

108.157.214.128

204 No Content

0 B

URL GET HTTP/2
lingrethertantin.com/utx?cb=p2YPn1wJI4oA&top=upfilesurls.com&tid=996601
IP
108.157.214.128:443
ASN
#16509 AMAZON-02

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerAmazon
Subjectlingrethertantin.com
Fingerprint05:43:5F:62:44:4A:F8:16:0D:0E:1F:DC:05:AA:39:FF:6E:4C:56:B8
ValidityMon, 27 Nov 2023 00:00:00 GMT - Wed, 25 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=p2YPn1wJI4oA&top=upfilesurls.com&tid=996601 HTTP/1.1
Host: lingrethertantin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 02 Dec 2023 22:23:01 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 02 Dec 2023 22:24:01 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 bfeae0ecbffe44ad98e5cd0ae83bdb4a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: a0hGiMq4Ak1R7eClUvq6lXqOcAG_QKBRQVv85A3SGfrKJmB266UkqA==
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

142.250.74.2

200 OK

0 B

URL HEAD HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
142.250.74.2:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint6C:2A:75:F2:3F:EF:4F:43:B1:8D:C3:B7:E9:2E:4A:EF:40:6A:FC:92
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 02 Dec 2023 22:23:01 GMT
expires: Sat, 02 Dec 2023 22:23:01 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16771028351221300745
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 52610
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

142.250.150.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
142.250.150.84:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint1E:A9:E1:96:78:1D:08:FC:96:C8:C2:34:4F:02:D3:3D:FA:9A:D2:6B
ValidityMon, 23 Oct 2023 11:25:04 GMT - Mon, 15 Jan 2024 11:25:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:VixlWwgh-3NoSK7mCqo82HAc-UT_3w:8EtcTOzGSarWJuqz; Expires=Mon, 01-Dec-2025 22:23:01 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 02 Dec 2023 22:23:01 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp07cDSDsTfhid2JZRUACrn_lwC7HFljWpcdcRHxJvN6wiZn6fhwPCMI930CGRZlO0fRnAyJaA
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-mKoYjfa7QSvBkAKHZ-kIvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

142.250.150.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
142.250.150.84:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint1E:A9:E1:96:78:1D:08:FC:96:C8:C2:34:4F:02:D3:3D:FA:9A:D2:6B
ValidityMon, 23 Oct 2023 11:25:04 GMT - Mon, 15 Jan 2024 11:25:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:uMvj6SGctoqYNeX9CPF8LcfMUxINEQ:UoAsBsdYu5eHtwse; Expires=Mon, 01-Dec-2025 22:23:01 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 02 Dec 2023 22:23:01 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp07RazDhp0QY926Z0wLtiUSIKs-jPidBrqRvFgOlHP7Agbs4bk49TjC-iGNDT3zxQ8YpinESA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-LgX3Cxcax2uyaTO0N9k5cQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

dv663fc06d35i.cloudfront.net/?dcfvd=1010617

143.204.42.118

200 OK

103 kB

URL GET HTTP/2
dv663fc06d35i.cloudfront.net/?dcfvd=1010617
IP
143.204.42.118:443
ASN
#16509 AMAZON-02

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (15945)
Size
103 kB (102721 bytes)
Hash
6855fb3b69fa40e70b9ccfcede1b0f40
bed0ecad146399a6ce27a8a683666a5be1be3607
20b1d5b80a39a9814d631a698ded91c51a3a9e336db0dd901bcbaf118fe69491

HTTP Headers

GET /?dcfvd=1010617 HTTP/1.1
Host: dv663fc06d35i.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 102721
date: Sat, 02 Dec 2023 22:23:01 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -KL3VNM7Fbi9i0yn2UQMNH0kkOnQ1bh2x6adhhCMj4uDmbb1ig5CRg==
X-Firefox-Spdy: h2

live.demand.supply/e/e.js?e=ll&d=345&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL1hDMWo=

104.16.133.22

0 B

URL
live.demand.supply/e/e.js?e=ll&d=345&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL1hDMWo=
IP
104.16.133.22:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /e/e.js?e=ll&d=345&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL1hDMWo= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 02 Dec 2023 22:23:01 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "4de2110991f3807e8b4a19c48c14f2d1-ssl"
strict-transport-security: max-age=31536000
x-nf-request-id: 01HEQ11YQH5NDF00RQZ2ZRCY60
cf-cache-status: HIT
age: 922053
accept-ranges: bytes
set-cookie: __cf_bm=HHskftPmvXjFshtgmZxb7F7QjXYI1BSQjXztcQgRLpU-1701555781-0-AWhysyBRTrCv+9I3c+NwqiYDr8JvKhWJ+bt9FOoZ0grUnIJCR4pTy2J57V2JhU2dcFlkyokOwJZE/S2ucV2d2o4=; path=/; expires=Sat, 02-Dec-23 22:53:01 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f6f8d27ad956cb-OSL
alt-svc: h3=":443"; ma=86400

dv663fc06d35i.cloudfront.net/LVXV2SXc2GhgvSCEcEnRObENAeUZzHwUmGSVIMgUeIhoQJSMQICRvAy8RS3lRORQYLkpzEBgqSmRTFy0VaEFQPQc6Hks/DS8fBy0CMAURbwI0SBsmDTwZGihSZzNDZ0dwR0ZhADwbEiYAJlBEeRkhUER5RmVbRmxEF1BEeQA8G0B9UmY3U3tHLUNCbEQXUE-R5BSNQRQhGZUBYeV5wR0YuEjYeGWxFE0dGeEdlREZ4UmdFECAFMBMZMVJnM0d5QntFUDxKZA

143.204.42.118

615 B

URL
dv663fc06d35i.cloudfront.net/LVXV2SXc2GhgvSCEcEnRObENAeUZzHwUmGSVIMgUeIhoQJSMQICRvAy8RS3lRORQYLkpzEBgqSmRTFy0VaEFQPQc6Hks/DS8fBy0CMAURbwI0SBsmDTwZGihSZzNDZ0dwR0ZhADwbEiYAJlBEeRkhUER5RmVbRmxEF1BEeQA8G0B9UmY3U3tHLUNCbEQXUE-R5BSNQRQhGZUBYeV5wR0YuEjYeGWxFE0dGeEdlREZ4UmdFECAFMBMZMVJnM0d5QntFUDxKZA
IP
143.204.42.118:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (851), with no line terminators
Size
615 B (615 bytes)
Hash
9cf5f73deae6e0fd70e87eec66b6f352
bf8f07abc451a454a835d297434a70f1fdc17646
f2bf9502d30e59c00264822c7ad3e7704c26681ed86b61c0b3f79be3e80e4edf

HTTP Headers

GET /LVXV2SXc2GhgvSCEcEnRObENAeUZzHwUmGSVIMgUeIhoQJSMQICRvAy8RS3lRORQYLkpzEBgqSmRTFy0VaEFQPQc6Hks/DS8fBy0CMAURbwI0SBsmDTwZGihSZzNDZ0dwR0ZhADwbEiYAJlBEeRkhUER5RmVbRmxEF1BEeQA8G0B9UmY3U3tHLUNCbEQXUE-R5BSNQRQhGZUBYeV5wR0YuEjYeGWxFE0dGeEdlREZ4UmdFECAFMBMZMVJnM0d5QntFUDxKZA HTTP/1.1
Host: dv663fc06d35i.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lingrethertantin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 615
date: Sat, 02 Dec 2023 22:23:01 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fhMsQ-s77mzsz92hBTbw0G6ZRtOBbmhtmPse7G-wbW37r-9MXDYTKQ==
X-Firefox-Spdy: h2

dv663fc06d35i.cloudfront.net/AMG15eTJTAhcfDUQEHUQDAFxJTwMHSxMKXV4dRA9QBV9NKnoAOylfRkoJREkUXAwXHg8WCBcaDwFLGB1QDVlfDUJfBkQPSEoHCB1HVR0eX0dRUBQWSFkBFRgXAitMVwIVX0lRRVkDHRZFQ0hLSVxESEtJAwBDSVwBckhLSUVZA09NFwMvXEsCSFtNXAFySE-tJQEZISjgDAFhXSRsVX0keV1MGFlwAdl9JSAIAXElIFwJdHxBAVQsWARcCK0hJBx5dXwwPAQ

143.204.42.118

531 B

URL
dv663fc06d35i.cloudfront.net/AMG15eTJTAhcfDUQEHUQDAFxJTwMHSxMKXV4dRA9QBV9NKnoAOylfRkoJREkUXAwXHg8WCBcaDwFLGB1QDVlfDUJfBkQPSEoHCB1HVR0eX0dRUBQWSFkBFRgXAitMVwIVX0lRRVkDHRZFQ0hLSVxESEtJAwBDSVwBckhLSUVZA09NFwMvXEsCSFtNXAFySE-tJQEZISjgDAFhXSRsVX0keV1MGFlwAdl9JSAIAXElIFwJdHxBAVQsWARcCK0hJBx5dXwwPAQ
IP
143.204.42.118:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (734), with no line terminators
Size
531 B (531 bytes)
Hash
d9d8b40ea2b37b4df3579071f92ba5d7
9646eb80f79ebaac31ce27b1d355b1e36b57e592
03d47cc9a5cda887f99af4ac2f6473c414f2290fbb4bb61ff89ad86a2cce03c4

HTTP Headers

GET /AMG15eTJTAhcfDUQEHUQDAFxJTwMHSxMKXV4dRA9QBV9NKnoAOylfRkoJREkUXAwXHg8WCBcaDwFLGB1QDVlfDUJfBkQPSEoHCB1HVR0eX0dRUBQWSFkBFRgXAitMVwIVX0lRRVkDHRZFQ0hLSVxESEtJAwBDSVwBckhLSUVZA09NFwMvXEsCSFtNXAFySE-tJQEZISjgDAFhXSRsVX0keV1MGFlwAdl9JSAIAXElIFwJdHxBAVQsWARcCK0hJBx5dXwwPAQ HTTP/1.1
Host: dv663fc06d35i.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lingrethertantin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 531
date: Sat, 02 Dec 2023 22:23:01 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NtpfubvJ0-Z3hsCbQx1ZkDhClA7gy50sJlvScP-DwHaM_hF1aICWDw==
X-Firefox-Spdy: h2

live.demand.supply/up.js

104.16.133.22

3.3 kB

URL
live.demand.supply/up.js
IP
104.16.133.22:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (3887)
Size
3.3 kB (3349 bytes)
Hash
1b4d8359a500bcf4f08321e9f9e17087
ec33eee9bd2eb30c6162511852509becbcd0ab65
bfde6cc13dc249de6507e02c9519040b083456660f90f61cc83660709cc1655e

HTTP Headers

GET /up.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 02 Dec 2023 22:23:01 GMT
content-type: application/javascript; charset=UTF-8
cf-ray: 82f6f8ce897b5690-OSL
cf-cache-status: HIT
age: 861
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
etag: W/"51603a94d6ed1afd2227b0ac012f84b2-ssl-df"
link: <https://live.demand.supply/impl.v17.23.1.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-21-0/dXBmaWxlc3VybHMuY29tLw==>; rel=preload; as=script
strict-transport-security: max-age=31536000
vary: Accept-Encoding
cache-status: "Netlify Edge"; fwd=stale
cf-bgj: minify
cf-polished: origSize=4807
timing-allow-origin: *
x-nf-request-id: 01HGKB9FVVYY9S9NG0DCXFQ0G1
set-cookie: demandSupplyTi=5dfbc484-59ce-4d01-bb0f-d35b8fb7493d; demandSupplyTc = null; demandSupplyTcI = null; SameSite=None; Secure; Max-Age=63072000
__cf_bm=Cqb9D4gPw1OUwfiL.mIwq.JIymhjh8CUjfy7szlJ_Cw-1701555781-0-AT/mE45JYbOTaLsgsK/XLv4mlK04JeCT/Ce1peM/gh4O+nBRdv8yoiOI7jEA46rDnx4jC3OQm3fyr1QLeAeY5t0=; path=/; expires=Sat, 02-Dec-23 22:53:01 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c

142.250.74.168

200 OK

81 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (5955)
Size
81 kB (81231 bytes)
Hash
c6b8dbe9d157e9ab276bdf2dac2d1586
059ab7d653bfac572ccfb050b5719f5860760252
f525d34daa6250d55845141d5baf12cb571ec76ebd1ba07214c5fe2ebcde6dfe

HTTP Headers

GET /gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 02 Dec 2023 22:23:01 GMT
expires: Sat, 02 Dec 2023 22:23:01 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81231
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pogothere.xyz/

188.114.96.1

200 OK

30 B

URL GET HTTP/2
pogothere.xyz/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
441df8cd515b93ad43b0b4c5e2f05025
a0ccb96d5b5f5508b077e492a3740623832244cd
14ea3231f737041efb1c3c59a0ce23229287fb7fdc95262f47fbdc4ba2f2d17e

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 02 Dec 2023 22:23:01 GMT
content-type: text/plain
set-cookie: csu=2025080900295460@1@1701555781; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6fVgXV0%2FAmefDCCLvQcqgpG59bzUgUSj5u3pEWe8cFDA3GIQDoweoTqI4qHISrluLMs8O2%2FFF0625xo4lHjZKi1EDwjmpXRLnw6S4LfAn3fNKxj5wMx1DUnufKBY89SJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f6f8d20f7e56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

live.demand.supply/x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL1hDMWo=

104.16.133.22

200 OK

0 B

URL HEAD HTTP/3
live.demand.supply/x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL1hDMWo=
IP
104.16.133.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL1hDMWo= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 02 Dec 2023 22:23:02 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "901b70ae40b5b064aef6259e869a717e-ssl"
strict-transport-security: max-age=31536000
x-nf-request-id: 01HEWCA4FYGBGVP04DSNK46G58
cf-cache-status: HIT
age: 928112
accept-ranges: bytes
set-cookie: __cf_bm=mYRmXx5pGTonJIAwG6j58NgUNqQ578lkWC.1cIb7QFc-1701555782-0-ASMWbCybWUW4/TLKbqyF3LkwK87nCsvmctKhv96i1ClFhByZdyF/5NBmIe1qI7uZ/OCPcFRTSg7F2cf72AWFd9k=; path=/; expires=Sat, 02-Dec-23 22:53:02 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f6f8d5fe0c56cb-OSL
alt-svc: h3=":443"; ma=86400

live.demand.supply/e/e.js?r=upfilesurls.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=dXBmaWxlc3VybHMuY29tL1hDMWo=

104.16.133.22

200 OK

0 B

URL HEAD HTTP/3
live.demand.supply/e/e.js?r=upfilesurls.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=dXBmaWxlc3VybHMuY29tL1hDMWo=
IP
104.16.133.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /e/e.js?r=upfilesurls.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=dXBmaWxlc3VybHMuY29tL1hDMWo= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 02 Dec 2023 22:23:02 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "4de2110991f3807e8b4a19c48c14f2d1-ssl"
strict-transport-security: max-age=31536000
x-nf-request-id: 01HEQ11YQH5NDF00RQZ2ZRCY60
cf-cache-status: HIT
age: 922054
accept-ranges: bytes
set-cookie: __cf_bm=Hx4g_7WRKau79ufDQuBemdD1tesTwLvdf0L.QhA1bVo-1701555782-0-AS1g2SeXm8tunRw6YOpouMytnkoMlvzMYabN+NLgSl+rpH2IRYsKkJ92oz7mP8SYE6TvSZkqJC9YE/Rqmdwr1ek=; path=/; expires=Sat, 02-Dec-23 22:53:02 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f6f8d64e4a56cb-OSL
alt-svc: h3=":443"; ma=86400

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

142.250.74.35

200 OK

191 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (563)
Size
191 kB (190682 bytes)
Hash
23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 02 Dec 2023 11:33:07 GMT
expires: Sun, 01 Dec 2024 11:33:07 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 38995
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp07cDSDsTfhid2JZRUACrn_lwC7HFljWpcdcRHxJvN6wiZn6fhwPCMI930CGRZlO0fRnAyJaA

142.250.150.84

302 Found

404 B

URL GET HTTP/3
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp07cDSDsTfhid2JZRUACrn_lwC7HFljWpcdcRHxJvN6wiZn6fhwPCMI930CGRZlO0fRnAyJaA
IP
142.250.150.84:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (397)
Size
404 B (404 bytes)
Hash
348300de7c228a073d031f41f23349d4
edcff781130be307758664d7150d5dd62199697c
e51440f1b2d8052c6fa123b95df0bad6e556fc5bf03080dc44bfcbb0c61c4d1a

HTTP Headers

GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp07cDSDsTfhid2JZRUACrn_lwC7HFljWpcdcRHxJvN6wiZn6fhwPCMI930CGRZlO0fRnAyJaA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:KC4wdhUA8hJzTUvhEIDXfZzHZ_jW_g:i6aUdZ_KyiuOHoMV;Path=/;Expires=Mon, 01-Dec-2025 22:23:02 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 02 Dec 2023 22:23:02 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp296VJG0t25Ntgd4IDV5nbYyeEQuQwuo1ms73OXUnBrMi9VOErhaWzrvMIHLDEgmP7S8ybu&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-754044950%3A1701555782253596&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-1ujtgY689SMtTfwMbYebyg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 404
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp07RazDhp0QY926Z0wLtiUSIKs-jPidBrqRvFgOlHP7Agbs4bk49TjC-iGNDT3zxQ8YpinESA

142.250.150.84

302 Found

402 B

URL GET HTTP/3
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp07RazDhp0QY926Z0wLtiUSIKs-jPidBrqRvFgOlHP7Agbs4bk49TjC-iGNDT3zxQ8YpinESA
IP
142.250.150.84:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (393)
Size
402 B (402 bytes)
Hash
276b88116116216c912b48d8dde3a315
f3aefc935f6b630f8a6d014b5e4ae3449d71a139
c2aff638f4ebfb2a8267b5bceaad4a7f0b38ec957a8dee740795b53377fdc9da

HTTP Headers

GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp07RazDhp0QY926Z0wLtiUSIKs-jPidBrqRvFgOlHP7Agbs4bk49TjC-iGNDT3zxQ8YpinESA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:sdPfeinXeXlPPKEV_mjH4ak6NvapLw:_n9VsK5Hn2_qeGC5;Path=/;Expires=Mon, 01-Dec-2025 22:23:02 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 02 Dec 2023 22:23:02 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp11DZSjf4vSdFZskwo21X92U37x-zM47qQrTVD7q2Q089KURLV-4_DpL4ykqzbzxy295I0Y&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-871879159%3A1701555782257069&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-ke7L8-JAfDQDuc91BOefWw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 402
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

api.demand.supply/v17-21-0/a/upfilesurls.com_fluid_lb+sq_firstpageafterbutton_1?&dsReferer=dXBmaWxlc3VybHMuY29tL1hDMWo=

104.16.133.22

200 OK

256 B

URL GET HTTP/3
api.demand.supply/v17-21-0/a/upfilesurls.com_fluid_lb+sq_firstpageafterbutton_1?&dsReferer=dXBmaWxlc3VybHMuY29tL1hDMWo=
IP
104.16.133.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with very long lines (384), with no line terminators
Size
256 B (256 bytes)
Hash
31827f1e72d83c3182e617956682db8c
98e4b06589d3fa044f17acf8b755d368bad11a0b
2dd4825d0a57afae52680372dd9e96ae22c6495c776f8bd253d46424703a0df5

HTTP Headers

GET /v17-21-0/a/upfilesurls.com_fluid_lb+sq_firstpageafterbutton_1?&dsReferer=dXBmaWxlc3VybHMuY29tL1hDMWo= HTTP/1.1
Host: api.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 02 Dec 2023 22:23:02 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
etag: W/"180-mOSwZYnT+gRPF6z4t1XTaLrRGgs"
cf-cache-status: HIT
age: 3976
set-cookie: __cf_bm=lazaJtpDbkgtzFpH.KmHu.lnP68jxUcKMdnMYICFQxI-1701555782-0-AVcsEKE3OFh+RdhZ8JrqeYneuvadNBU2Bix+/LY0wjBG6fLgMfSS4nMVQUa7+rtPV0io7xaYO/dzG264AzIFWnc=; path=/; expires=Sat, 02-Dec-23 22:53:02 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f6f8d60e1756cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp296VJG0t25Ntgd4IDV5nbYyeEQuQwuo1ms73OXUnBrMi9VOErhaWzrvMIHLDEgmP7S8ybu&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-754044950%3A1701555782253596&theme=glif

142.250.150.84

403 Forbidden

808 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp296VJG0t25Ntgd4IDV5nbYyeEQuQwuo1ms73OXUnBrMi9VOErhaWzrvMIHLDEgmP7S8ybu&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-754044950%3A1701555782253596&theme=glif
IP
142.250.150.84:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1644), with no line terminators
Size
808 B (808 bytes)
Hash
5b87a21164f0af3524d98163f6df366e
d9c0f39d63bf109e7173ae76556cf3bad6e67a89
d44dff88a0e5e545f9563798086157090b50f49d8c0f432621f6aac11b48b3a5

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp296VJG0t25Ntgd4IDV5nbYyeEQuQwuo1ms73OXUnBrMi9VOErhaWzrvMIHLDEgmP7S8ybu&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-754044950%3A1701555782253596&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 02 Dec 2023 22:23:02 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: script-src 'nonce-r2YJmpzGKaBBo3s0_b4EfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp11DZSjf4vSdFZskwo21X92U37x-zM47qQrTVD7q2Q089KURLV-4_DpL4ykqzbzxy295I0Y&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-871879159%3A1701555782257069&theme=glif

142.250.150.84

403 Forbidden

805 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp11DZSjf4vSdFZskwo21X92U37x-zM47qQrTVD7q2Q089KURLV-4_DpL4ykqzbzxy295I0Y&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-871879159%3A1701555782257069&theme=glif
IP
142.250.150.84:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1644), with no line terminators
Size
805 B (805 bytes)
Hash
2e829b36e9011454056dd8f639fa576f
cfe41410f329af2403403ecf50dd1713f2bc0010
86d18f1c708048f44ea4ab58578345d6446c932c093be1f34d9f32d4d93bf3b5

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp11DZSjf4vSdFZskwo21X92U37x-zM47qQrTVD7q2Q089KURLV-4_DpL4ykqzbzxy295I0Y&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-871879159%3A1701555782257069&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 02 Dec 2023 22:23:02 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-CpeKpUYV8dXTq78f154tAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

142.250.74.2

200 OK

0 B

URL HEAD HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
142.250.74.2:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint6C:2A:75:F2:3F:EF:4F:43:B1:8D:C3:B7:E9:2E:4A:EF:40:6A:FC:92
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 02 Dec 2023 22:23:03 GMT
expires: Sat, 02 Dec 2023 22:23:03 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 12096850179318139504
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 52609
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

live.demand.supply/e/e.js?r=upfilesurls.com_fluid_sq_firstpageaftertitle_1&e=empdr&dsReferer=dXBmaWxlc3VybHMuY29tL1hDMWo=

104.16.133.22

200 OK

0 B

URL HEAD HTTP/3
live.demand.supply/e/e.js?r=upfilesurls.com_fluid_sq_firstpageaftertitle_1&e=empdr&dsReferer=dXBmaWxlc3VybHMuY29tL1hDMWo=
IP
104.16.133.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /e/e.js?r=upfilesurls.com_fluid_sq_firstpageaftertitle_1&e=empdr&dsReferer=dXBmaWxlc3VybHMuY29tL1hDMWo= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 02 Dec 2023 22:23:03 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "4de2110991f3807e8b4a19c48c14f2d1-ssl"
strict-transport-security: max-age=31536000
x-nf-request-id: 01HEQ11YQH5NDF00RQZ2ZRCY60
cf-cache-status: HIT
age: 922055
accept-ranges: bytes
set-cookie: __cf_bm=pYY24ng9FHG7_idSILPgwE.p8v6VyHvPXN_c84_TOQw-1701555783-0-AcG02vYBNukePiFJ51IouNZMu6Ivd98hfr8O+Ug8RQnKO/dQvuzgaakV47AKDLxgKpOOWm7v9vcWQPO72zF1eZY=; path=/; expires=Sat, 02-Dec-23 22:53:03 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f6f8db4b6856cb-OSL
alt-svc: h3=":443"; ma=86400

live.demand.supply/impl.v17.23.1.js

104.16.133.22

200 OK

88 kB

URL GET HTTP/3
live.demand.supply/impl.v17.23.1.js
IP
104.16.133.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (23263)
Size
88 kB (88018 bytes)
Hash
a126ddea54aa780835368bf1e6519b03
9e882f4aea3df64224789b0f57a28c541e9b52cd
21f113cdf5618b645145c239293ad9fd2bac75d71c17377e89636ef4fe52b8ba

HTTP Headers

GET /impl.v17.23.1.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Cookie: demandSupplyTi=5dfbc484-59ce-4d01-bb0f-d35b8fb7493d; __cf_bm=Cqb9D4gPw1OUwfiL.mIwq.JIymhjh8CUjfy7szlJ_Cw-1701555781-0-AT/mE45JYbOTaLsgsK/XLv4mlK04JeCT/Ce1peM/gh4O+nBRdv8yoiOI7jEA46rDnx4jC3OQm3fyr1QLeAeY5t0=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 02 Dec 2023 22:23:01 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cache-status: "Netlify Edge"; fwd=miss
cf-bgj: minify
cf-polished: origSize=88200
etag: W/"8aec9afb152593f3439ffcbf395458c2-ssl-df"
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-nf-request-id: 01HGKAX7FS486RAMYC2BFDPGHN
cf-cache-status: HIT
age: 99741
server: cloudflare
cf-ray: 82f6f8d23d18712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

live.demand.supply/ds.2.html

104.16.133.22

200 OK

413 B

URL GET HTTP/3
live.demand.supply/ds.2.html
IP
104.16.133.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (430), with no line terminators
Size
413 B (413 bytes)
Hash
68dce237203af5e16657b39e1f2e7b46
8084ece9e2500c1a0731aaf8f33290744b174b9c
8534d0076676e85517a298ded722e84bb64abf655fbc565588f76a7e26ad4680

HTTP Headers

GET /ds.2.html HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 02 Dec 2023 22:23:01 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-nf-request-id: 01HFP9N9C4P8K47VBZVVEWGYZG
cf-cache-status: HIT
age: 922053
set-cookie: __cf_bm=Wlhu8bS91xw1EhZGNQYyLMpRMlYUeeTDR8sKG2o1ob0-1701555781-0-AWbZnrUI4njpXDDLyyysEWWQ8T0Vh9v4lKKpApoe4c8sHdaSimxAfp9Zs0saZPyt8ex86o3YyWSec9ogmXCO1sU=; path=/; expires=Sat, 02-Dec-23 22:53:01 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f6f8d25d25712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

upfilesurls.com/img/faqs-image.svg

104.26.8.138

200 OK

38 kB

URL GET HTTP/2
upfilesurls.com/img/faqs-image.svg
IP
104.26.8.138:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4190)
Size
38 kB (38395 bytes)
Hash
a60b7216905928c625ae9592044476cd
e70c5be728c7bd1198100337487aafe126834ca3
9a717285429d468fadc4d25179fc6feb49e6335f3af1675fb6be1cb50e7e8322

HTTP Headers

GET /img/faqs-image.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/XC1j
Cookie: XSRF-TOKEN=eyJpdiI6InliN2lTblJaV21CUUxOcVVXckxiMXc9PSIsInZhbHVlIjoiUTREdlN4UEJnMm96emxpVExSVm1lSk05cGxpUnF1UmxkM24zZDFFc0tYaUhvSFFDSUZNVVdHOCtuV2JNdjR6Q3JMazAxMmpsbGtQOWlQVjgwL0x2ZlhrMWhIRDlJR1RzSDYyd3VEUW0wc3IzMmROckp2R0xSaVg5VlVHbEswVXgiLCJtYWMiOiI4MmNkYTk4MjJmNGRmNzdmNTQ3NzM3Mjc3NjY5NjQzYzY3ODYyYWM3OGJhZjkwMDRlNGJlMTkyNjZmZmI3Zjg5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Im13Q0dROXhPQ2JGTWJaUmNBZUEyU0E9PSIsInZhbHVlIjoiVktaVE5WZG90NlVlUTZsUFJOSVdFSnZFV09xTHEvZ2JjYUNsTWlHM09CL2pxeHdlYzhEcjZmU3U1OGE5WTgxSXV5ejRyc21RRStuaXd2UFJkWTc2Y1V2YmpPeWJqN3BENXAxTEtDeXNZL01XSS9PQmt5V1c2Y2kyMHl6M2k5aWMiLCJtYWMiOiJjYWVkMmFiNzE2MWYxMGVhZDFjOWNmYmJjYWEyZTRkMzdjYzhhMzZiYzU1Njg3ZTExYTYxOTZmMGNhOGQyMzRjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 02 Dec 2023 22:23:00 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
vary: Accept-Encoding
etag: W/"63c15cbf-95fb"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 816025
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2FOcCSk%2Bpow%2Fr1JiwMj%2FvL343aIdNQG3xD2a89kEjn7DLImAjr%2FIL%2BbkX0aut%2BoPJkNJhH439zQJLc7JVOV2taioDlaxaXJgtuciL2fHgz9u4Lg2WNPB450wQyuKboli5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f6f8cb7bed56b5-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-197252557-1

142.250.74.168

200 OK

191 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-197252557-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (4179)
Size
191 kB (190753 bytes)
Hash
f6c2727fb0fc85026d6987b2daef0bb7
f98119215d9c3b8139a9c32ae5f80f7ef4f95f27
c24e9d747182a2cd7728813d27e8917255750e3595efd424f4b62d10b16c11a3

HTTP Headers

GET /gtag/js?id=UA-197252557-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 02 Dec 2023 22:23:00 GMT
expires: Sat, 02 Dec 2023 22:23:00 GMT
cache-control: private, max-age=900
last-modified: Sat, 02 Dec 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69021
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

live.demand.supply/e/e.js?r=upfilesurls.com_fluid_lb%2Bsq_firstpageafterbutton_1&e=empdr&dsReferer=dXBmaWxlc3VybHMuY29tL1hDMWo=

104.16.133.22

200 OK

0 B

URL HEAD HTTP/3
live.demand.supply/e/e.js?r=upfilesurls.com_fluid_lb%2Bsq_firstpageafterbutton_1&e=empdr&dsReferer=dXBmaWxlc3VybHMuY29tL1hDMWo=
IP
104.16.133.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /e/e.js?r=upfilesurls.com_fluid_lb%2Bsq_firstpageafterbutton_1&e=empdr&dsReferer=dXBmaWxlc3VybHMuY29tL1hDMWo= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 02 Dec 2023 22:23:02 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "4de2110991f3807e8b4a19c48c14f2d1-ssl"
strict-transport-security: max-age=31536000
x-nf-request-id: 01HEQ11YQH5NDF00RQZ2ZRCY60
cf-cache-status: HIT
age: 922054
accept-ranges: bytes
set-cookie: __cf_bm=pdL6k5iSGXV8BopFmgW744VptJfS36rbwXTVgWzfk64-1701555782-0-AZ5LOgRWM0ZYLnudweQoOFMedd84jiL6fBQ3xBD4Ox3JFGHlaJpLccnXaPwB6seBh/ED/d41mthhe8eFHS7RYaA=; path=/; expires=Sat, 02-Dec-23 22:53:02 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f6f8db4b6b56cb-OSL
alt-svc: h3=":443"; ma=86400

www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

142.250.74.131

200 OK

921 B

URL GET HTTP/2
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc.google.com
Fingerprint60:EB:F2:B5:46:D7:39:12:3D:8C:D5:9A:EC:14:D4:9C:47:0F:DE:DE
ValidityMon, 23 Oct 2023 11:19:58 GMT - Mon, 15 Jan 2024 11:19:57 GMT

File type
ASCII text, with very long lines (921), with no line terminators
Size
921 B (921 bytes)
Hash
5b6f08f1e0f0284cf893616838da61f3
b267f92b338a62dc38640f2ef7c6c33ab129e962
04accf2271af1d069333bfbe89d2002c5e92cfd66b7fd41a31e71616cdd47b28

HTTP Headers

GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Sat, 02 Dec 2023 22:23:01 GMT
date: Sat, 02 Dec 2023 22:23:01 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

104.26.8.138

200 OK

7.3 kB

URL GET HTTP/2
upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
IP
104.26.8.138:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
ASCII text, with very long lines (7326), with no line terminators
Size
7.3 kB (7326 bytes)
Hash
e95e2d755c0b215ef89f515998200597
4b95450291897720a34cb3e3415176f777cba2d3
7199cbfab2acf8b4cbad23f1fd9f7ddcad51bc6e33aed2a1aa3ffc8e4530c0d0

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InliN2lTblJaV21CUUxOcVVXckxiMXc9PSIsInZhbHVlIjoiUTREdlN4UEJnMm96emxpVExSVm1lSk05cGxpUnF1UmxkM24zZDFFc0tYaUhvSFFDSUZNVVdHOCtuV2JNdjR6Q3JMazAxMmpsbGtQOWlQVjgwL0x2ZlhrMWhIRDlJR1RzSDYyd3VEUW0wc3IzMmROckp2R0xSaVg5VlVHbEswVXgiLCJtYWMiOiI4MmNkYTk4MjJmNGRmNzdmNTQ3NzM3Mjc3NjY5NjQzYzY3ODYyYWM3OGJhZjkwMDRlNGJlMTkyNjZmZmI3Zjg5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Im13Q0dROXhPQ2JGTWJaUmNBZUEyU0E9PSIsInZhbHVlIjoiVktaVE5WZG90NlVlUTZsUFJOSVdFSnZFV09xTHEvZ2JjYUNsTWlHM09CL2pxeHdlYzhEcjZmU3U1OGE5WTgxSXV5ejRyc21RRStuaXd2UFJkWTc2Y1V2YmpPeWJqN3BENXAxTEtDeXNZL01XSS9PQmt5V1c2Y2kyMHl6M2k5aWMiLCJtYWMiOiJjYWVkMmFiNzE2MWYxMGVhZDFjOWNmYmJjYWEyZTRkMzdjYzhhMzZiYzU1Njg3ZTExYTYxOTZmMGNhOGQyMzRjIiwidGFnIjoiIn0%3D; ab=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 02 Dec 2023 22:23:01 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
cache-control: max-age=14400, public
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gyBxniS4IBSffPfYFXJLSm9rGMGBJZ65ojhDWGTcxXpEV5bcnPIrOVvOxiwviKGVOeH0Bhddh3Jo%2B7w5Ifcix3E3wRynukYoGhrJlXJJ5WSBzv3Omk3Q8DW%2BPh4P7TmKBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f6f8d2fb9856b5-OSL
content-encoding: br
X-Firefox-Spdy: h2

upfilesurls.com/cdn-cgi/challenge-platform/h/b/jsd/r/82f6f8c6cf2156b5

104.26.8.138

200 OK

0 B

URL POST HTTP/2
upfilesurls.com/cdn-cgi/challenge-platform/h/b/jsd/r/82f6f8c6cf2156b5
IP
104.26.8.138:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/82f6f8c6cf2156b5 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12187
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/XC1j
Cookie: XSRF-TOKEN=eyJpdiI6InliN2lTblJaV21CUUxOcVVXckxiMXc9PSIsInZhbHVlIjoiUTREdlN4UEJnMm96emxpVExSVm1lSk05cGxpUnF1UmxkM24zZDFFc0tYaUhvSFFDSUZNVVdHOCtuV2JNdjR6Q3JMazAxMmpsbGtQOWlQVjgwL0x2ZlhrMWhIRDlJR1RzSDYyd3VEUW0wc3IzMmROckp2R0xSaVg5VlVHbEswVXgiLCJtYWMiOiI4MmNkYTk4MjJmNGRmNzdmNTQ3NzM3Mjc3NjY5NjQzYzY3ODYyYWM3OGJhZjkwMDRlNGJlMTkyNjZmZmI3Zjg5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Im13Q0dROXhPQ2JGTWJaUmNBZUEyU0E9PSIsInZhbHVlIjoiVktaVE5WZG90NlVlUTZsUFJOSVdFSnZFV09xTHEvZ2JjYUNsTWlHM09CL2pxeHdlYzhEcjZmU3U1OGE5WTgxSXV5ejRyc21RRStuaXd2UFJkWTc2Y1V2YmpPeWJqN3BENXAxTEtDeXNZL01XSS9PQmt5V1c2Y2kyMHl6M2k5aWMiLCJtYWMiOiJjYWVkMmFiNzE2MWYxMGVhZDFjOWNmYmJjYWEyZTRkMzdjYzhhMzZiYzU1Njg3ZTExYTYxOTZmMGNhOGQyMzRjIiwidGFnIjoiIn0%3D; ab=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 02 Dec 2023 22:23:02 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=E0wGqbjuKvs2kowB.CMP24LxgQX4v4wGTMmY8gySvTU-1701555782-0-1-730ca2d2.57dbd4fb.240dfd32-0.2.1701555782; path=/; expires=Sun, 01-Dec-24 22:23:02 GMT; domain=.upfilesurls.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWvJ6OVEbzuNJVTTlse1OAVNHKL1vdkmn3H1mahIEa9nAShQYmgS0LLWsRKKnqv%2BXanjzQcZj%2BFIUlYqkU8nBMLqWmFypunRH7UQ6ysZk387wkz%2BUjfuWKI%2FajDpx6HAEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f6f8d5fee956b5-OSL
content-encoding: br
X-Firefox-Spdy: h2

lingrethertantin.com/T0xDMm8uLiBfUC5xIRQaPSB+F10JaXF0Czl6dQEJLHx1Vlx6JW1RAyA5J1QdICI3HAEqOGYAKQMaG2RdHBQgACgnKzVhLAovBlw9AC4GfC4qGRlIJzgZLnU8GQUOVToqBStdPgUfDmMmDB41cxZ3HhABAx0DEWM2AyczSCoNKzJhAh0YBUtfGS0GdD4fHSAEJyQ/ZgApCx97VC02fAB/LhoeIUUmfx8BQQILGDRoKCYkEGgVAQgZAgs4HnNoBw4INFAqJhUCeAMNCSZgBCcZBmBaHSEVUD0iNAZ0Xg0JJmMudwtzcFYaIRoBOnw4C346AQ8hdz4XGQYfPXoOEHw+HR0rdTUaDhpXOXo7EQI2OgkpawoIGzt0Kn8oBFcqKyARdzV7GS5WKQoPAnQiDQEZfzkFIg4CC3odLUYpGgg7eTUOailBACE8fnYjJjssVAMbCRZg

108.157.214.128

200 OK

3.0 kB

URL GET HTTP/2
lingrethertantin.com/T0xDMm8uLiBfUC5xIRQaPSB+F10JaXF0Czl6dQEJLHx1Vlx6JW1RAyA5J1QdICI3HAEqOGYAKQMaG2RdHBQgACgnKzVhLAovBlw9AC4GfC4qGRlIJzgZLnU8GQUOVToqBStdPgUfDmMmDB41cxZ3HhABAx0DEWM2AyczSCoNKzJhAh0YBUtfGS0GdD4fHSAEJyQ/ZgApCx97VC02fAB/LhoeIUUmfx8BQQILGDRoKCYkEGgVAQgZAgs4HnNoBw4INFAqJhUCeAMNCSZgBCcZBmBaHSEVUD0iNAZ0Xg0JJmMudwtzcFYaIRoBOnw4C346AQ8hdz4XGQYfPXoOEHw+HR0rdTUaDhpXOXo7EQI2OgkpawoIGzt0Kn8oBFcqKyARdzV7GS5WKQoPAnQiDQEZfzkFIg4CC3odLUYpGgg7eTUOailBACE8fnYjJjssVAMbCRZg
IP
108.157.214.128:443
ASN
#16509 AMAZON-02

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerAmazon
Subjectlingrethertantin.com
Fingerprint05:43:5F:62:44:4A:F8:16:0D:0E:1F:DC:05:AA:39:FF:6E:4C:56:B8
ValidityMon, 27 Nov 2023 00:00:00 GMT - Wed, 25 Dec 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3065), with no line terminators
Size
3.0 kB (3039 bytes)
Hash
a736bde87e1a2ea0433e32ded199bb91
302b3cc3959bb2a0654ae363f23f02969397b8d7
8a070ffdca4413a87a1d211f351ae3c9993e4e47a20034724bf365b17bfb8f29

HTTP Headers

GET /T0xDMm8uLiBfUC5xIRQaPSB+F10JaXF0Czl6dQEJLHx1Vlx6JW1RAyA5J1QdICI3HAEqOGYAKQMaG2RdHBQgACgnKzVhLAovBlw9AC4GfC4qGRlIJzgZLnU8GQUOVToqBStdPgUfDmMmDB41cxZ3HhABAx0DEWM2AyczSCoNKzJhAh0YBUtfGS0GdD4fHSAEJyQ/ZgApCx97VC02fAB/LhoeIUUmfx8BQQILGDRoKCYkEGgVAQgZAgs4HnNoBw4INFAqJhUCeAMNCSZgBCcZBmBaHSEVUD0iNAZ0Xg0JJmMudwtzcFYaIRoBOnw4C346AQ8hdz4XGQYfPXoOEHw+HR0rdTUaDhpXOXo7EQI2OgkpawoIGzt0Kn8oBFcqKyARdzV7GS5WKQoPAnQiDQEZfzkFIg4CC3odLUYpGgg7eTUOailBACE8fnYjJjssVAMbCRZg HTTP/1.1
Host: lingrethertantin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1192
date: Sat, 02 Dec 2023 22:23:01 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 bfeae0ecbffe44ad98e5cd0ae83bdb4a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: -XtHdgmjnw3iGvqigvEcAXG73UK_BkQzb47bUalr8uV2WqwkX2Vhfg==
X-Firefox-Spdy: h2

live.demand.supply/p4/v17-21-0/dXBmaWxlc3VybHMuY29tL1hDMWo=

104.16.133.22

200 OK

984 B

URL GET HTTP/3
live.demand.supply/p4/v17-21-0/dXBmaWxlc3VybHMuY29tL1hDMWo=
IP
104.16.133.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1122), with no line terminators
Size
984 B (984 bytes)
Hash
184b621cc1ab7ffdef4a29d2a129378c
10bb6ef49394f949aeddfe26015580ebfc0f2e5b
85f5c950c6aa0e947bdde430dec7fd2626a82f6db8097a193b8f2e97b0462669

HTTP Headers

GET /p4/v17-21-0/dXBmaWxlc3VybHMuY29tL1hDMWo= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Cookie: demandSupplyTi=5dfbc484-59ce-4d01-bb0f-d35b8fb7493d; __cf_bm=Cqb9D4gPw1OUwfiL.mIwq.JIymhjh8CUjfy7szlJ_Cw-1701555781-0-AT/mE45JYbOTaLsgsK/XLv4mlK04JeCT/Ce1peM/gh4O+nBRdv8yoiOI7jEA46rDnx4jC3OQm3fyr1QLeAeY5t0=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 02 Dec 2023 22:23:01 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f6f8d25d24712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

api.demand.supply/v17-21-0/a/upfilesurls.com_fluid_sq_firstpageaftertitle_1?&dsReferer=dXBmaWxlc3VybHMuY29tL1hDMWo=

104.16.133.22

200 OK

384 B

URL GET HTTP/3
api.demand.supply/v17-21-0/a/upfilesurls.com_fluid_sq_firstpageaftertitle_1?&dsReferer=dXBmaWxlc3VybHMuY29tL1hDMWo=
IP
104.16.133.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (454), with no line terminators
Size
384 B (384 bytes)
Hash
a4894659a363b7494b15587042971219
8015a0df17b5b3624c2bb5ed0cb1a4fc5f11d143
2dfe053894b6f2426ab4a6472238c0c3b2efb50b546a6a6bd541494c8ef86c58

HTTP Headers

GET /v17-21-0/a/upfilesurls.com_fluid_sq_firstpageaftertitle_1?&dsReferer=dXBmaWxlc3VybHMuY29tL1hDMWo= HTTP/1.1
Host: api.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 02 Dec 2023 22:23:02 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
etag: W/"180-SDVUHLZoHsy5G7tRIWVKd1d2DGY"
cf-cache-status: HIT
age: 3976
set-cookie: __cf_bm=rSDvQuFgyaSjBoLYbAqlZEvCc84f77O80Z3.m.chDdw-1701555782-0-Abkel23sOKvFPtMpNYxA+VKevKTeSz1W0hu3jhGY8ZfM1MDv7DTH7FAOjo8YZfaycXVVu9680rmoEjt8ChdxdVE=; path=/; expires=Sat, 02-Dec-23 22:53:02 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f6f8d60e1556cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

pogothere.xyz/asd100.bin

188.114.96.1

200 OK

102 kB

URL GET HTTP/2
pogothere.xyz/asd100.bin
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 02 Dec 2023 22:23:01 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://upfilesurls.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 2637
last-modified: Sat, 02 Dec 2023 21:39:04 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDmOdxNO5hQvg2dl8ccpd2mGvTOB8pos0hkRmyTfXmxEYX7pg5PRex5%2BdFBpJHsMlRIihXYxyFr6CA61wiCYDhN5wXiF8F%2F6EA9U3YLnEdwOE61YtrD6naTLZAv1dMFY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f6f8d22f9056b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

live.demand.supply/e/e.js?r=upfilesurls.com_fluid_lb%2Bsq_firstpagebeforetitle_1&e=empdr&dsReferer=dXBmaWxlc3VybHMuY29tL1hDMWo=

104.16.133.22

200 OK

0 B

URL HEAD HTTP/3
live.demand.supply/e/e.js?r=upfilesurls.com_fluid_lb%2Bsq_firstpagebeforetitle_1&e=empdr&dsReferer=dXBmaWxlc3VybHMuY29tL1hDMWo=
IP
104.16.133.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /e/e.js?r=upfilesurls.com_fluid_lb%2Bsq_firstpagebeforetitle_1&e=empdr&dsReferer=dXBmaWxlc3VybHMuY29tL1hDMWo= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 02 Dec 2023 22:23:02 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "4de2110991f3807e8b4a19c48c14f2d1-ssl"
strict-transport-security: max-age=31536000
x-nf-request-id: 01HEQ11YQH5NDF00RQZ2ZRCY60
cf-cache-status: HIT
age: 922054
accept-ranges: bytes
set-cookie: __cf_bm=l0b.UCzJilZ0vZwAppMJLp70f_5JCeKk9Sft3mpnn64-1701555782-0-AXmStMu4KutpgfJFTIm0QoOe+vRUGy22Ph25x7ekCTz4TJk1w0+j+8ffev1lR17eNADnBqlxvNH1psMdMUUD3Qg=; path=/; expires=Sat, 02-Dec-23 22:53:02 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f6f8d7ffeb56cb-OSL
alt-svc: h3=":443"; ma=86400

upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53

104.26.8.138

200 OK

261 kB

URL GET HTTP/2
upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
IP
104.26.8.138:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type

Size
261 kB (261253 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /css/frontend.css?id=2396ffb76e738e465b53 HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/XC1j
Cookie: XSRF-TOKEN=eyJpdiI6InliN2lTblJaV21CUUxOcVVXckxiMXc9PSIsInZhbHVlIjoiUTREdlN4UEJnMm96emxpVExSVm1lSk05cGxpUnF1UmxkM24zZDFFc0tYaUhvSFFDSUZNVVdHOCtuV2JNdjR6Q3JMazAxMmpsbGtQOWlQVjgwL0x2ZlhrMWhIRDlJR1RzSDYyd3VEUW0wc3IzMmROckp2R0xSaVg5VlVHbEswVXgiLCJtYWMiOiI4MmNkYTk4MjJmNGRmNzdmNTQ3NzM3Mjc3NjY5NjQzYzY3ODYyYWM3OGJhZjkwMDRlNGJlMTkyNjZmZmI3Zjg5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Im13Q0dROXhPQ2JGTWJaUmNBZUEyU0E9PSIsInZhbHVlIjoiVktaVE5WZG90NlVlUTZsUFJOSVdFSnZFV09xTHEvZ2JjYUNsTWlHM09CL2pxeHdlYzhEcjZmU3U1OGE5WTgxSXV5ejRyc21RRStuaXd2UFJkWTc2Y1V2YmpPeWJqN3BENXAxTEtDeXNZL01XSS9PQmt5V1c2Y2kyMHl6M2k5aWMiLCJtYWMiOiJjYWVkMmFiNzE2MWYxMGVhZDFjOWNmYmJjYWEyZTRkMzdjYzhhMzZiYzU1Njg3ZTExYTYxOTZmMGNhOGQyMzRjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 02 Dec 2023 22:23:00 GMT
content-type: text/css
cache-control: max-age=31536000
cf-bgj: minify
etag: W/"63a354a4-3f918"
last-modified: Wed, 21 Dec 2022 18:47:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 816025
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2BwJaRved8MsLdhXMLQZkPnNToXCtvzgtM7ju67XuAVZ7dQkLMGWM4v5rroefPLna3I%2B7yQFxmjnXqUBdNtI90HPJRUZy0iKjJPdNj0T6pF4JGZ2ViSI7XkhukLe2NU8Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f6f8cb7be756b5-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.131

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:52:12 GMT
expires: Thu, 28 Nov 2024 21:52:12 GMT
cache-control: public, max-age=31536000
age: 261049
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

upfilesurls.com/img/plane.svg

104.26.8.138

200 OK

684 B

URL GET HTTP/2
upfilesurls.com/img/plane.svg
IP
104.26.8.138:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (701), with no line terminators
Size
684 B (684 bytes)
Hash
8e7c41bde9bc90def2171d239eb22f04
853c0fbf7ca55b313af83201d95d6f6f3d3225ba
9bc4e093793a06ba14d0505710aad5254212125573342fa92c228f873d05bfea

HTTP Headers

GET /img/plane.svg HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/XC1j
Cookie: XSRF-TOKEN=eyJpdiI6InliN2lTblJaV21CUUxOcVVXckxiMXc9PSIsInZhbHVlIjoiUTREdlN4UEJnMm96emxpVExSVm1lSk05cGxpUnF1UmxkM24zZDFFc0tYaUhvSFFDSUZNVVdHOCtuV2JNdjR6Q3JMazAxMmpsbGtQOWlQVjgwL0x2ZlhrMWhIRDlJR1RzSDYyd3VEUW0wc3IzMmROckp2R0xSaVg5VlVHbEswVXgiLCJtYWMiOiI4MmNkYTk4MjJmNGRmNzdmNTQ3NzM3Mjc3NjY5NjQzYzY3ODYyYWM3OGJhZjkwMDRlNGJlMTkyNjZmZmI3Zjg5IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6Im13Q0dROXhPQ2JGTWJaUmNBZUEyU0E9PSIsInZhbHVlIjoiVktaVE5WZG90NlVlUTZsUFJOSVdFSnZFV09xTHEvZ2JjYUNsTWlHM09CL2pxeHdlYzhEcjZmU3U1OGE5WTgxSXV5ejRyc21RRStuaXd2UFJkWTc2Y1V2YmpPeWJqN3BENXAxTEtDeXNZL01XSS9PQmt5V1c2Y2kyMHl6M2k5aWMiLCJtYWMiOiJjYWVkMmFiNzE2MWYxMGVhZDFjOWNmYmJjYWEyZTRkMzdjYzhhMzZiYzU1Njg3ZTExYTYxOTZmMGNhOGQyMzRjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 02 Dec 2023 22:23:00 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
vary: Accept-Encoding
etag: W/"63c15cbf-2ac"
cache-control: max-age=2592000
cf-cache-status: HIT
age: 246715
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=en6pbihDe7O8ztrcL9XyWD8qAfiNK1WJRFZm2D6xFEUMvldSv8GWH5Jj4jH92Su58T9prZAJsTRrWdSOkZWak0mPVyGSmYXs2loqdaOOD%2BqdoprSp%2FhykS11jnFNMY538A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f6f8cb7bef56b5-OSL
content-encoding: br
X-Firefox-Spdy: h2

lingrethertantin.com/YVhRU3YAOjI+SQBlM3UDEzRsdkQnfWMVEhduZ2AQAmhnN0VUMX8wGg4tNTUEDjYlfRgELHRhMCAVFmJDBAwbBzcJOzcXIzAdGQYnJRkXKzw1LxwbJRkVGgsgVTwDEk8wGgdqOCo2PhI5GDQ3AR0OEgMWHTQAECQuKT9pBDUjOzAXAScUFhFHMBwHPxAlDRs1NAoJAQAzDhASEUcpDgNjEzloNQEjIwkGADAKGhcBETkZOCc7Ny8YBS5RNAMBIAocGQEsJwlhOzoyDikWJSQsGxIBIxwCBQEjOzo7OjINBwk3UWEfFQEsLgkWBSILFyc4ORkXKiUkdSUZJyQCGAAcBhwQFR45CwMgIDloOjYgUBUWFRoWGTU/TysLEBo3OR09GjAWEjUbDiMZBwIFNhkDMDUqaDkZNBltNQsBFggQAlALKz49BlwuM2ZEVQsZYyAx

108.157.214.128

200 OK

3.0 kB

URL GET HTTP/2
lingrethertantin.com/YVhRU3YAOjI+SQBlM3UDEzRsdkQnfWMVEhduZ2AQAmhnN0VUMX8wGg4tNTUEDjYlfRgELHRhMCAVFmJDBAwbBzcJOzcXIzAdGQYnJRkXKzw1LxwbJRkVGgsgVTwDEk8wGgdqOCo2PhI5GDQ3AR0OEgMWHTQAECQuKT9pBDUjOzAXAScUFhFHMBwHPxAlDRs1NAoJAQAzDhASEUcpDgNjEzloNQEjIwkGADAKGhcBETkZOCc7Ny8YBS5RNAMBIAocGQEsJwlhOzoyDikWJSQsGxIBIxwCBQEjOzo7OjINBwk3UWEfFQEsLgkWBSILFyc4ORkXKiUkdSUZJyQCGAAcBhwQFR45CwMgIDloOjYgUBUWFRoWGTU/TysLEBo3OR09GjAWEjUbDiMZBwIFNhkDMDUqaDkZNBltNQsBFggQAlALKz49BlwuM2ZEVQsZYyAx
IP
108.157.214.128:443
ASN
#16509 AMAZON-02

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerAmazon
Subjectlingrethertantin.com
Fingerprint05:43:5F:62:44:4A:F8:16:0D:0E:1F:DC:05:AA:39:FF:6E:4C:56:B8
ValidityMon, 27 Nov 2023 00:00:00 GMT - Wed, 25 Dec 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3064), with no line terminators
Size
3.0 kB (3038 bytes)
Hash
2ec4256637fc1221e53eb9701b43e63e
128caabcd5bf53720bb9e8b71daf58b88d1c60cc
be84e9e1373ee213be0c656c4ea2e880e82977b65ce1af2cd4a86170205f8275

HTTP Headers

GET /YVhRU3YAOjI+SQBlM3UDEzRsdkQnfWMVEhduZ2AQAmhnN0VUMX8wGg4tNTUEDjYlfRgELHRhMCAVFmJDBAwbBzcJOzcXIzAdGQYnJRkXKzw1LxwbJRkVGgsgVTwDEk8wGgdqOCo2PhI5GDQ3AR0OEgMWHTQAECQuKT9pBDUjOzAXAScUFhFHMBwHPxAlDRs1NAoJAQAzDhASEUcpDgNjEzloNQEjIwkGADAKGhcBETkZOCc7Ny8YBS5RNAMBIAocGQEsJwlhOzoyDikWJSQsGxIBIxwCBQEjOzo7OjINBwk3UWEfFQEsLgkWBSILFyc4ORkXKiUkdSUZJyQCGAAcBhwQFR45CwMgIDloOjYgUBUWFRoWGTU/TysLEBo3OR09GjAWEjUbDiMZBwIFNhkDMDUqaDkZNBltNQsBFggQAlALKz49BlwuM2ZEVQsZYyAx HTTP/1.1
Host: lingrethertantin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1188
date: Sat, 02 Dec 2023 22:23:01 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 bfeae0ecbffe44ad98e5cd0ae83bdb4a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 1dNKck9uAqDNrLZ8ylNNQiJgEOrEATDL7r3Niy0MLW0wRHxnzY7Sjg==
X-Firefox-Spdy: h2

api.demand.supply/v17-21-0/a/upfilesurls.com_fluid_lb+sq_firstpagebeforetitle_1?&dsReferer=dXBmaWxlc3VybHMuY29tL1hDMWo=

104.16.133.22

200 OK

384 B

URL GET HTTP/3
api.demand.supply/v17-21-0/a/upfilesurls.com_fluid_lb+sq_firstpagebeforetitle_1?&dsReferer=dXBmaWxlc3VybHMuY29tL1hDMWo=
IP
104.16.133.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint49:8A:4B:67:AE:8B:FD:9E:3E:B3:93:78:24:C6:5A:6A:8C:3C:A5:F4
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (454), with no line terminators
Size
384 B (384 bytes)
Hash
e648c3ec5d02fbb21b272f7a2510d631
00f258f5882494d226941418b15cf35ab0ff2c09
3ad136f3c290a5f90967a40b31d1dd54420c37eddad240497ab6046e56bd4f1c

HTTP Headers

GET /v17-21-0/a/upfilesurls.com_fluid_lb+sq_firstpagebeforetitle_1?&dsReferer=dXBmaWxlc3VybHMuY29tL1hDMWo= HTTP/1.1
Host: api.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 02 Dec 2023 22:23:02 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
etag: W/"180-/HxcY3Bjgub8ioYkePq8iAfehto"
cf-cache-status: HIT
age: 3530
set-cookie: __cf_bm=tHNOajIJ38KUhS.wEZhW92Rpas6sePCzcDvD_bbhO6w-1701555782-0-AS+an8CzNPBZ/0PAzq6XNX1lhSsCHuQWPxjb9DvW0hKgOjohhk82iWB/vraeXQJy/gOWrw3/ibSDFVc1O0xlJv8=; path=/; expires=Sat, 02-Dec-23 22:53:02 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f6f8d5fe1156cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697

37.48.68.71

200 OK

2 B

URL POST HTTP/1.1
datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
IP
37.48.68.71:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://upfilesurls.com/XC1j
Certificate
IssuerSectigo Limited
Subjectdatatechone.com
Fingerprint8E:B7:22:E4:97:95:3C:60:FC:7C:41:39:A6:B7:B7:E2:48:B2:D0:18
ValiditySun, 18 Dec 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1376
Origin: https://upfilesurls.com
DNT: 1
Connection: keep-alive
Referer: https://upfilesurls.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 02 Dec 2023 22:23:01 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://upfilesurls.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

upfilesurls.com/XC1j

104.26.8.138

200 OK

88 kB

URL User Request GET HTTP/2
upfilesurls.com/XC1j
IP
104.26.8.138:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectupfilesurls.com
FingerprintC4:06:EA:F3:4B:AA:F0:43:B3:17:05:E3:66:A4:76:2C:54:9D:91:CF
ValidityMon, 20 Nov 2023 19:51:53 GMT - Sun, 18 Feb 2024 19:51:52 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (58751)
Size
88 kB (87919 bytes)
Hash
31616fabfd8287706ccc477d3dc9935a
58e41fdc405dd5c4115790dd36382c99161086de
7ad683f5ef3c1e18715aa19da19a9d9e732d24408fbc1704d39ae3b515ed2dba

HTTP Headers

GET /XC1j HTTP/1.1
Host: upfilesurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InJxQml3VHpRT09FM29JMnA2cjdTVUE9PSIsInZhbHVlIjoiQnpWQStWL2paL1FJZ2FXd0plb3VuSkViVVlGWm55V1dpSGxWU3Z2V05DcXNKMU1kbEZWdjd4WWVZWGI2ZmVpM0dkWDc4TDh6OUhFeTNWQmwxayt0djNVdWkxZnNlcTlUc1h3VkFPemptQnQ4U0FXdFF5ZDVVM1V3U2Fvc3NlT1AiLCJtYWMiOiJmNTliYTUwZjgyNGY5MzBlZDRmNjVmNjE1YjA1Yjk4ZmFjNTNhODEyNzhkYWQ2NWU5NzA2MmVmNmIyYTNhMGIyIiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IjlvZkFid0d6K1VmUGwrVVd3WWplU2c9PSIsInZhbHVlIjoidGxOZ255dDlmNWwyTjV6T1BmdVh4NDN1OFdtT2xuQlNqNDdlV3U5anBWRFczMVFNZURacXN2am8wUGppVEtWeUFCNmZjWk5vQWpON1I0cEdqM3ZZMFc0Z2JZVkErbTFNMG5DakNrZXAzQVU0RWN6NCsxQ0ppa2kwY3NkUnFhaGQiLCJtYWMiOiI0NTk2ZDM5ZWNhMGUzZDQ1NWU4ZmE3ZmMyNmIzY2Y1MjgxMGIwZWM0N2ExOTNjNTMxZGFjN2M4NGM3ZjIyN2JiIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 02 Dec 2023 22:22:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6InliN2lTblJaV21CUUxOcVVXckxiMXc9PSIsInZhbHVlIjoiUTREdlN4UEJnMm96emxpVExSVm1lSk05cGxpUnF1UmxkM24zZDFFc0tYaUhvSFFDSUZNVVdHOCtuV2JNdjR6Q3JMazAxMmpsbGtQOWlQVjgwL0x2ZlhrMWhIRDlJR1RzSDYyd3VEUW0wc3IzMmROckp2R0xSaVg5VlVHbEswVXgiLCJtYWMiOiI4MmNkYTk4MjJmNGRmNzdmNTQ3NzM3Mjc3NjY5NjQzYzY3ODYyYWM3OGJhZjkwMDRlNGJlMTkyNjZmZmI3Zjg5IiwidGFnIjoiIn0%3D; expires=Sat, 09-Dec-2023 22:22:59 GMT; Max-Age=604800; path=/; samesite=lax
upfiles_session=eyJpdiI6Im13Q0dROXhPQ2JGTWJaUmNBZUEyU0E9PSIsInZhbHVlIjoiVktaVE5WZG90NlVlUTZsUFJOSVdFSnZFV09xTHEvZ2JjYUNsTWlHM09CL2pxeHdlYzhEcjZmU3U1OGE5WTgxSXV5ejRyc21RRStuaXd2UFJkWTc2Y1V2YmpPeWJqN3BENXAxTEtDeXNZL01XSS9PQmt5V1c2Y2kyMHl6M2k5aWMiLCJtYWMiOiJjYWVkMmFiNzE2MWYxMGVhZDFjOWNmYmJjYWEyZTRkMzdjYzhhMzZiYzU1Njg3ZTExYTYxOTZmMGNhOGQyMzRjIiwidGFnIjoiIn0%3D; expires=Sat, 09-Dec-2023 22:22:59 GMT; Max-Age=604800; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tsDz6LJNs7%2FA%2BNdIzNTGPYya8uRWa03JAAm2WHFDPfeL8BSjeqWkGjVKc94YVoAFjasBklL4leZ0V3v16DikmqmubtPXB6qmQQM%2Fd%2FXwBs%2FhFPOZyWxjB7aHc8VqRZEDuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f6f8c6cf2156b5-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (30)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations