urlscan.io logo urlscan.io
SecurityTrails logo

upw.io Open in urlscan Pro
2606:4700:3037::ac43:c68f  Public Scan

Go To Rescan Add Verdict Report
URL: https://upw.io/3wh/lf.7z
Submission Tags: falconsandbox
Submission: On August 25 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 4 countries across 19 domains to perform 85 HTTP transactions. The main IP is 2606:4700:3037::ac43:c68f, located in United States and belongs to CLOUDFLARENET, US. The main domain is upw.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 12th 2022. Valid for: a year.
This is the only time upw.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
34 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
9 23.47.212.127 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a03:2880:f00... 32934 (FACEBOOK)
2 2001:4860:480... 15169 (GOOGLE)
1 142.250.186.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f10... 32934 (FACEBOOK)
1 23.47.209.169 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
2 151.101.65.140 54113 (FASTLY)
2 151.101.128.84 54113 (FASTLY)
85 24
34    2606:4700:3037::ac43:c68f (United States)

ASN13335 (CLOUDFLARENET, US)
upw.io
2    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
9    23.47.212.127 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-212-127.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
api-public.addthis.com
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2606:4700:3030::ac43:855f (United States)

ASN13335 (CLOUDFLARENET, US)
analytics.trustedstats.com
2    2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    23.47.209.169 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-209-169.deploy.static.akamaitechnologies.com
z.moatads.com
3    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    151.101.65.140 (United States)

ASN54113 (FASTLY, US)
www.reddit.com
2    151.101.128.84 (United States)

ASN54113 (FASTLY, US)
widgets.pinterest.com
Apex Domain
Subdomains		 Transfer
34 upw.io
upw.io
317 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
217 KB
8 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 1532
m.addthis.com — Cisco Umbrella Rank: 1472
api-public.addthis.com — Cisco Umbrella Rank: 4423
218 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
stats.g.doubleclick.net — Cisco Umbrella Rank: 108
10 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 88
www.google.com — Cisco Umbrella Rank: 9
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
region1.google-analytics.com — Cisco Umbrella Rank: 3094
20 KB
2 pinterest.com
widgets.pinterest.com — Cisco Umbrella Rank: 7145
417 B
2 reddit.com
www.reddit.com — Cisco Umbrella Rank: 3021
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 111
503 B
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8811
www.google.de — Cisco Umbrella Rank: 6076
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 158
111 KB
2 trustedstats.com
analytics.trustedstats.com
23 KB
2 gstatic.com
fonts.gstatic.com
62 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
114 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
2 KB
1 addthisedge.com
v1.addthisedge.com — Cisco Umbrella Rank: 1726
749 B
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 423
1 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 882
640 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1113
5 KB
85 19
Domain Requested by
34 upw.io upw.io
static.cloudflareinsights.com
6 pagead2.googlesyndication.com upw.io
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 s7.addthis.com upw.io
s7.addthis.com
3 api-public.addthis.com s7.addthis.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 widgets.pinterest.com s7.addthis.com
2 www.reddit.com s7.addthis.com
2 www.facebook.com upw.io
2 www.google.com upw.io
tpc.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net upw.io
connect.facebook.net
2 analytics.trustedstats.com upw.io
analytics.trustedstats.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com upw.io
www.googletagmanager.com
2 fonts.googleapis.com upw.io
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 z.moatads.com s7.addthis.com
1 www.google.de upw.io
1 stats.g.doubleclick.net www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 static.cloudflareinsights.com upw.io
85 26

This site contains links to these domains. Also see Links.

Domain
yetishare.com
mfscripts.com
www.wikihow.com
www.youtube.com
cookiesandyou.com
www.addthis.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-12 -
2023-06-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-04 -
2022-09-02		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-03 -
2022-12-30		 6 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-28 -
2023-08-08		 a year crt.sh

This page contains 10 frames:

Primary Page: https://upw.io/3wh/lf.7z
Frame ID: D1204CC9EF5F2B2F16C8AF3775412FB4
Requests: 73 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220824/r20190131/zrt_lookup.html
Frame ID: BF429D19B0BC9B3098774EB6590B4A06
Requests: 1 HTTP requests in this frame

Frame: https://upw.io/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661457600
Frame ID: 50DCB7071FE3E4809A2EA69E471A9B11
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1133021330236356&output=html&adk=1812271804&adf=3025194257&lmt=1661459672&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fupw.io%2F3wh%2Flf.7z&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661459672473&bpp=3&bdt=360&idt=228&shv=r20220824&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6820186047891&frm=20&pv=2&ga_vid=664397187.1661459673&ga_sid=1661459673&ga_hid=627153111&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068920&oid=2&pvsid=4131349434552541&tmod=512320922&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=243
Frame ID: 08BDE17B8A790FE3BEAAE5A2C63F179F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1133021330236356&output=html&h=280&slotname=6072484026&adk=4075648247&adf=1289714761&pi=t.ma~as.6072484026&w=700&fwrn=4&fwrnh=100&lmt=1661459672&rafmt=1&psa=0&format=700x280&url=https%3A%2F%2Fupw.io%2F3wh%2Flf.7z&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661459672476&bpp=2&bdt=363&idt=245&shv=r20220824&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6820186047891&frm=20&pv=1&ga_vid=664397187.1661459673&ga_sid=1661459673&ga_hid=627153111&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=450&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068920&oid=2&pvsid=4131349434552541&tmod=512320922&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ddz0fKba8v&p=https%3A//upw.io&dtd=249
Frame ID: 780F2FFDACB9669341EA743BEB46C193
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1133021330236356&output=html&h=420&slotname=2767378426&adk=1190603583&adf=4129017712&pi=t.ma~as.2767378426&w=700&cr_col=4&cr_row=2&fwrn=2&lmt=1661459672&rafmt=9&psa=0&format=700x420&url=https%3A%2F%2Fupw.io%2F3wh%2Flf.7z&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661459672478&bpp=1&bdt=365&idt=251&shv=r20220824&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280&nras=1&correlator=6820186047891&frm=20&pv=1&ga_vid=664397187.1661459673&ga_sid=1661459673&ga_hid=627153111&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=450&ady=1555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068920&oid=2&pvsid=4131349434552541&tmod=512320922&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hfbuQYkw88&p=https%3A//upw.io&dtd=253
Frame ID: 490EA5FC878FFEDCC44173063BADA6AE
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 3E67FF5F4695E3D782C9F2D10AC63F2C
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 03B2D63F538B0E4AD3B57BB14ADE8D87
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 15DDED4060EEB5B65FE0EF9EAFA92431
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3D195D06A21B393F66F271B4E7E79377
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

lf.7z - UPW.IOFacebookTwitterRedditPinterestWhatsAppMessengerLinkedInAddThisFacebookTwitterRedditPinterestWhatsAppMessengerLinkedInAddThis

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • dataTables.*\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • /flickity(?:\.pkgd)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+lightbox(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • piwik\.js|piwik\.php
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

85
Requests

99 %
HTTPS

78 %
IPv6

19
Domains

26
Subdomains

24
IPs

4
Countries

1107 kB
Transfer

3250 kB
Size

17
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

85 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request lf.7z
upw.io/3wh/ 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://upw.io/3wh/lf.7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3dffc390c00490083b9b7e67a165ced7d507578a5cdbe265aaa698db09c9897

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate no-cache
cf-cache-status
BYPASS
cf-ray
74071be5cfdf5a07-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 25 Aug 2022 20:34:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJtoK%2BVYj174n1dRg0y%2Fiu8Suoxdsb0JccakrWavfvVb7weSrcUog%2B5uo5vhcaC828bee81KeYWWDR6rOkoGg5oQI0ZBKYIFgGHAACGuyV1l1PPKUU9jGs3ZrwpvHFVv1GodXxE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
bootstrap.min.css
upw.io/themes/spirit/assets/frontend/css/ 		75 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upw.io/themes/spirit/assets/frontend/css/bootstrap.min.css
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 18 Oct 2020 07:16:16 GMT
server
cloudflare
etag
W/"5f8bebc0-12c7a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4C9srk76E297LXHoIKp%2F%2Fy9cOy52tEv7XVnHsKLpL8W6sjHgoBju4lDoAD5PF%2Bg2XpUkEXsC5UnCGZTN1oi0xSwbyt9P2bXxe6uM88Ixflajp2374fvg4BeOdf0VH2mfT3fGFLA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74071be6ea275a07-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
stack-interface.css
upw.io/themes/spirit/assets/frontend/css/ 		2 KB
780 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upw.io/themes/spirit/assets/frontend/css/stack-interface.css
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc3e1c7f25f8898edf9bba53c1cf0730271371e373bdd4dad4535cecedf85ba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=3160
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 18 Oct 2020 07:16:16 GMT
server
cloudflare
etag
W/"5f8bebc0-c58"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NlEdfmgfuiSnJ9hZ23CYBnUG1z%2B7gXPAphOCn7VDrqfPZ4eeC8ASexGQMQwnSCVEbJP5ZEQiszXbhOks9%2Fb%2Bwesn3Jr%2FaF7UxgycyUjxGj9otcqkQ2NQtFyiqFu1O2tJNHMj6CY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
74071be6ea405a07-MXP
cf-bgj
minify
socicon.css
upw.io/themes/spirit/assets/frontend/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upw.io/themes/spirit/assets/frontend/css/socicon.css
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcb499166a81c2c68de921f186c95ed6c29859acf2a07422c15ddb1f4b9e7686

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=9838
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 18 Oct 2020 07:16:16 GMT
server
cloudflare
etag
W/"5f8bebc0-266e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5FzcWvWhXSDK6qYA9zMY1zUzCvyPfseOLfhg7%2BmYU8GXiMFI8VoIGbxZaq8HgoZADdcioKii011krQzQdJe28dbYIrAQaoH930VMxmX7Rs1k2yK04zv6f3ZYwLJ5DVsdqHV%2BGU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
74071be6ea415a07-MXP
cf-bgj
minify
lightbox.min.css
upw.io/themes/spirit/assets/frontend/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upw.io/themes/spirit/assets/frontend/css/lightbox.min.css
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 18 Oct 2020 07:16:16 GMT
server
cloudflare
etag
W/"5f8bebc0-f31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSnkJnup%2FgZ9678TG1SkCcoNlPP0hmRyuvqrOdPfLVroX8BWwPwiU6EZg%2BUqs%2FUJhnV49CYOWgjPQN9mW6AnD%2B9vOlu80dd4sZ4Nb0t4WzX7Ue4nCuks6a%2B6xP859VGlUzJdtF0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74071be6ea435a07-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
flickity.css
upw.io/themes/spirit/assets/frontend/css/ 		2 KB
905 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upw.io/themes/spirit/assets/frontend/css/flickity.css
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cca9c2524a2c257cc53c398be0731ec07a02159b8a8f02dc5995a820808ebef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=2521
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 18 Oct 2020 07:16:16 GMT
server
cloudflare
etag
W/"5f8bebc0-9d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P63N0%2Be9u7A0RopyfJBKOibk9dXiJIMqIR707vO6C5oitwgHhu6lS17CXqBeU6dVH6tMpuPioZO9sDwU%2B1Yy3sPfKp%2FNI2mv5o%2BlRFtkCJL1QeGG3JxUfI8ja6LukFk7qBsvhzc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
74071be6ea445a07-MXP
cf-bgj
minify
iconsmind.css
upw.io/themes/spirit/assets/frontend/css/ 		80 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upw.io/themes/spirit/assets/frontend/css/iconsmind.css
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38391d0c01d7fee8c61a80c9b507ef05d0cb76876a42feebded8b06905015d13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=102727
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 18 Oct 2020 07:16:16 GMT
server
cloudflare
etag
W/"5f8bebc0-19147"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XB2hk4k58yejKC%2FkTPhM0%2Fjd55JfE4ZJyNnc%2BQyOxAFSsJR%2B4WQeuzBgg%2FQbQrzW%2FZcO%2BlU5nM9YFwX90YcUoTZSOPk6n2VeDqI5PSALkhnFHN8PK19nm2WkT9gaRnhUh95WSX0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
74071be6ea455a07-MXP
cf-bgj
minify
jquery.steps.css
upw.io/themes/spirit/assets/frontend/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upw.io/themes/spirit/assets/frontend/css/jquery.steps.css
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a92a98c5f5245daff1abaff565ae26359f85d4cd1d383ff6e50cd599cf5b3e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=6019
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 18 Oct 2020 07:16:16 GMT
server
cloudflare
etag
W/"5f8bebc0-1783"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksYrN6z6lbNkWz9B3tRvU%2FB5l07SzWVsVbM6o%2Bu5UJyg63OTTWn3cR0GK1zd%2FsN1fCFhjN12H4F%2BDOCeTvStbpbfzgbKKsREsXHnXsDG2BRmgk4HdPSN49VlFY3c7xReqfUoEHs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
74071be6ea475a07-MXP
cf-bgj
minify
cookiealert.css
upw.io/themes/spirit/assets/frontend/css/ 		12 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upw.io/themes/spirit/assets/frontend/css/cookiealert.css
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b712033ea1c370616c3105391e98e4867cea0159be8444ddd20249ea9888c950

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=12369
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 18 Oct 2020 07:16:16 GMT
server
cloudflare
etag
W/"5f8bebc0-3051"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZMmY48vRTbq7oNR%2BWvIsiXD8JnuAIYUN6v8HgVWMsqCP4t3jiJpyDOr5pJvxY3hcnnXZPZvCA2hcAttAukzWMv5febifvJVA0%2FYT3r0I0bLNtP3vS9v4OxeDvroQ9qmF%2FUwJSk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
74071be6ea485a07-MXP
cf-bgj
minify
theme.css
upw.io/themes/spirit/assets/frontend/css/ 		158 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upw.io/themes/spirit/assets/frontend/css/theme.css
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6e5770d873b4f9e048c7b3ebd66b0884ce02799cbf4e8d5036386e55e707e57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=206456
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 18 Oct 2020 07:16:16 GMT
server
cloudflare
etag
W/"5f8bebc0-32678"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRL01A%2F5CM7AHB5UoQw1LDg%2BL4D5zTSXFdycEdZGCnGMp5WbbPXwT8PSjWrOckk7qhuUoWovvngGmBg2G0wtaUFnji3itL5rkc%2FmcS1UCuWRw9XbzaLF%2B3jVuUiX%2FyOzNirqeaw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
74071be6ea495a07-MXP
cf-bgj
minify
tangerine.css
upw.io/themes/spirit/assets/frontend/css/theme/ 		158 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upw.io/themes/spirit/assets/frontend/css/theme/tangerine.css
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e7fa543586285f42f9ec7902918d70535973c4ac80a4389b17dcf3413c92418

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=206493
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 18 Oct 2020 07:16:16 GMT
server
cloudflare
etag
W/"5f8bebc0-3269d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=toLbPrLm%2Fuzk29BqXzowo11uEqH74dCe52CVxNO9WypRhnF104YkXLA3ftYQe3JWi1mHTma3to3psOh3CrYL6Smcfzo48taWbxFbsaj6psIsaEEzM437VuAzzoaWgEB571YWpyc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
74071be6ea4b5a07-MXP
cf-bgj
minify
font-awesome.min.css
upw.io/themes/spirit/assets/frontend/css/ 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upw.io/themes/spirit/assets/frontend/css/font-awesome.min.css
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 18 Oct 2020 07:16:16 GMT
server
cloudflare
etag
W/"5f8bebc0-e6ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYZB1zNPmZ2Smrrrkh8nV4rWW1Avjsg7RKmzJLwxxBHBqCtt7ldkpuu%2FD%2FySRZnzPIfWxJbllQlmPNe5ch7FV36oLAeD%2BAZEaQeSFngDloVuDEH74CjNrSne95tvi5kVhTycrO0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74071be70a7a5a07-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
custom.css
upw.io/themes/spirit/assets/frontend/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upw.io/themes/spirit/assets/frontend/css/custom.css
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ba990faaad8198719efac063a6ec699b548708b555a3ef7821fd6899a8556ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=8936
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 04 Feb 2021 17:28:50 GMT
server
cloudflare
etag
W/"601c2ed2-22e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUApQVD4NeNGKljWdkk9q1hhoGzTV3e%2FRVBY%2F2aYTgMWB9bA3H7m4TNi%2FAAaaBf23lskXyYnbt2zSziyx9kFgpdRLQYIsuYZYwXrJhPh7j4U8gjgLc1gCqnZViDnxDLRMw0uEKE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
74071be70a7b5a07-MXP
cf-bgj
minify
css
fonts.googleapis.com/ 		19 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c5f690ea1f752b40ea9bb8a23ecbd0d04ff541bb9c64eb22820d2a43b0a5f9d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 19:46:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 25 Aug 2022 20:34:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Aug 2022 20:34:32 GMT
icon
fonts.googleapis.com/ 		569 B
440 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
13b6581e5665a9e516751b0326354eaeb7853be7cbe4153adc6cad59b683e889
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 20:34:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 25 Aug 2022 20:34:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Aug 2022 20:34:32 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		165 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fbf0e2c9f01a23208edd71a94d31dc97b7c4f37f18974d2d5060ba692df6f5c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58234
x-xss-protection
0
server
cafe
etag
7145071565132050104
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 25 Aug 2022 20:34:32 GMT
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Thu, 25 Aug 2022 20:34:33 GMT
x-host
s7.addthis.com
content-length
116325
logo_inverse.png
upw.io/cache/themes/spirit/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upw.io/cache/themes/spirit/logo_inverse.png
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86e9627f38621481d60d51f4bed9e425b31d1741d0c49dfd15c78e3d92497d6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 09 Apr 2021 11:59:49 GMT
server
cloudflare
etag
"607041b5-e35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ao4PQ15CziCWd2pN5v8Er8UqNqARC4zK47tdgnCERQabiJ0rDyNcsZd7GW6B600ZhhhliU9SZrN3yK6EIkh7TcnXSB3twUFLHaR8o4upDKdleB9KuW1Tw3tpaSGu2JdDtT%2F3U5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74071be81aadbad6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3637
logo.png
upw.io/cache/themes/spirit/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upw.io/cache/themes/spirit/logo.png
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86e9627f38621481d60d51f4bed9e425b31d1741d0c49dfd15c78e3d92497d6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 09 Apr 2021 11:59:49 GMT
server
cloudflare
etag
"607041b5-e35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEP91rl8zFurtOSx%2FiZd%2FBbXkkuLEPYV%2FNgbjiR%2B5UlyfVBEBv6FA36aORD2FhBSdMh6iM2rwR%2B%2Bz%2F%2BZ7reljGQdt%2FapUemqqG8wCXqIf9KTH0%2FYBmuYz7%2FAYLFRPdmHHLLq1JQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74071be81aaebad6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3637
7z.png
upw.io/themes/spirit/assets/images/file_icons/512px/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upw.io/themes/spirit/assets/images/file_icons/512px/7z.png
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db57e8d168f67e0152fb5e1fb907897e022dbd838da4cc6affc8361af28af2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
cf-cache-status
MISS
last-modified
Sun, 18 Oct 2020 07:16:22 GMT
server
cloudflare
etag
"5f8bebc6-a413"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2Fen1gyZRejdOoo6KQROvnot0sZqfN%2B8y0Z0S4QKTirvDuTVquMVNK0x3VExAydd%2BR4xbfAOBdRNIuFo%2FYDRCNZ%2FTGdtll9zx%2BqhzU8qAGOyudkHASosQFzVgJxJEvueHgTTW%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74071be81ab0bad6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42003
jquery-3.1.1.min.js
upw.io/themes/spirit/assets/frontend/js/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upw.io/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 18 Oct 2020 07:16:16 GMT
server
cloudflare
etag
W/"5f8bebc0-152b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBDjqr9NWYAi7cnGgfWPNcreWxQ8lYI%2Bq%2F5delGkue1JTHawLFUDpv5WIgAfYW%2BafpDHvTJk5I7G06x1D8gqLW%2FsaefIMBe0L6fqAl%2BbXJJVGy%2BT5JStpYazRak95EN6X9azQuQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74071be80a6cbad6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.dataTables.min.js
upw.io/themes/spirit/assets/frontend/js/ 		68 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upw.io/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 18 Oct 2020 07:16:16 GMT
server
cloudflare
etag
W/"5f8bebc0-1107a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKAzEiv%2Fspb%2FMZ4XY9pLVslL22oEGeT4YIdGlFEYKIZxzwkt7NH4yLe0Wxn4TO7HB0mvRnyk4l447S4kXhrXCEazFzU702nlUFKW8uZKQpk65iBCgXW2WMKLl2xNakUnaczzPBY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74071be80a7ebad6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
flickity.min.js
upw.io/themes/spirit/assets/frontend/js/ 		53 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upw.io/themes/spirit/assets/frontend/js/flickity.min.js
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 18 Oct 2020 07:16:16 GMT
server
cloudflare
etag
W/"5f8bebc0-d271"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBs3rUCdrq82eLy3RKyCwEY1YAKi9fhKpNTrym0U8ePWjJDyraGXauCmG6qZOlTLBBMs6ksAFXzK5etduMfd7MyB4Lc0AwdntZvUEulIzcSybOkexekXrOdj2uadOngifuTQQ7Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74071be81a94bad6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
typed.min.js
upw.io/themes/spirit/assets/frontend/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upw.io/themes/spirit/assets/frontend/js/typed.min.js
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 18 Oct 2020 07:16:16 GMT
server
cloudflare
etag
W/"5f8bebc0-f6d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BPnb2sVmuYKkEbAhk4zjQSdbzxHo%2BwFky5SWutk%2ByQ%2Fe9i6NNmVWeo4fu7yxGtXfS3u%2BdgZo6uWK62BdP5aXDyKjUYI9EPRobo2Yvq8iq3zmRGzmfxjlwWHaSTtfQsyZzn1Ars%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74071be81a97bad6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
datepicker.js
upw.io/themes/spirit/assets/frontend/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upw.io/themes/spirit/assets/frontend/js/datepicker.js
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6919dd92f8162e9d8b6642769217b9472c5bf423cdf82df50301a8af50ee53a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=20975
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 18 Oct 2020 07:16:16 GMT
server
cloudflare
etag
W/"5f8bebc0-51ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4aLwugz8w65Hk0PIliiRrQNEUrFd7km9lEKUV2DNJ03z0c3zTAAGkbXGMkGjOsyMDnsOydEQX6Xjqf2uaO9YTosEvYfPPZRaE0GP1oouk2V8VCgpf%2BS1P0cdGAsoanzKMAPVzGA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
74071be81a99bad6-MXP
cf-bgj
minify
granim.min.js
upw.io/themes/spirit/assets/frontend/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upw.io/themes/spirit/assets/frontend/js/granim.min.js
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 18 Oct 2020 07:16:16 GMT
server
cloudflare
etag
W/"5f8bebc0-298b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGg5YF09h0RtcYMvRxuXOz7o6d5cTubm7oN03bvkUpiN5dksDLqvI2xbtQ3%2FjxeOecM8z5wyBqWdgscudxkg8BcZkXw5MjgpR7bvFBFAuEPCBu6NTUje1RhgA%2BTRawKTd2BMBaw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74071be81a9bbad6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.steps.min.js
upw.io/themes/spirit/assets/frontend/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upw.io/themes/spirit/assets/frontend/js/jquery.steps.min.js
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 18 Oct 2020 07:16:16 GMT
server
cloudflare
etag
W/"5f8bebc0-3626"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajytKKEdM54mD%2BrrWn8Mjn2am6L299JB5zyXIvuxQz8Aakae8YIYoV0px3d6V1doJWj%2F6DheRWDaihCq%2BYeqJZNQntwH4F%2F4i%2FMQkrKcDi40AdlCC7p8D%2F6epZYtvH9CACLCCF8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74071be81a9ebad6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
countdown.min.js
upw.io/themes/spirit/assets/frontend/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upw.io/themes/spirit/assets/frontend/js/countdown.min.js
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 18 Oct 2020 07:16:16 GMT
server
cloudflare
etag
W/"5f8bebc0-14f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5up3gebHM3MDzW7ccQS1S5tOse2JfcQGzjUo1s9uzpl0aLF1mrxKvudlDu%2BTksNvcaim%2FuUiftut4Gmcg7s9vZ4mgBdXlI7ZnMuocOz8dymyjhaGfBwmuaQY2JDYZ7rRGUrKKFg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74071be81aa1bad6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
smooth-scroll.min.js
upw.io/themes/spirit/assets/frontend/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upw.io/themes/spirit/assets/frontend/js/smooth-scroll.min.js
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 18 Oct 2020 07:16:16 GMT
server
cloudflare
etag
W/"5f8bebc0-178c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=beWeGErLaJBTQg1z8WhT%2FS6JDerEM1L9pBzf6hJfgzpz6g7GkovOa6%2FOatT32mmcd6XgG64TpoRT8fAYPbvV%2F%2BqPLAh0A%2FOVtSq8tMFy6X0w0KtRPi5BcQKnKyU%2FBOkkL7lwVUQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74071be81aa4bad6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
scripts.js
upw.io/themes/spirit/assets/frontend/js/ 		65 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upw.io/themes/spirit/assets/frontend/js/scripts.js
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02945e324e7c86a1ee921da7d8fa596a9c11878ccfe839ac70f8badcb674d522

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=114862
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 18 Oct 2020 07:16:16 GMT
server
cloudflare
etag
W/"5f8bebc0-1c0ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FxtO79BiyoZ3G5CRdUG8vemT0nRmnjwrTY05opJyBfcNtB1oHXbBxvR7zQt35HbNFTBRcYkH%2BlwW3MzszWqEhB2KiiIETFzybfM3F77pxJhjCiX3tRkP2naN7KTV5VOPm1RnMXE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
74071be81aa6bad6-MXP
cf-bgj
minify
adverts.js
upw.io/js/ 		151 B
690 B 		Script
General
Check archive.org
Download Go to
Full URL
https://upw.io/js/adverts.js
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cbbde1fe725b4456ec4d6be8567710907ec8bcc337f4e875e1bd021d50be75e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rOdF%2FWs6wLb69zlw7Pq2I8rXykA4TbVjAY8zGtpaDNEQTuYaWygdey2XGtKjuxIBOmNocW7aWPrNl9feIoMFw%2B7SBv8x0P3PnaHJjHWk3oOU4YBw3jp8g4bsyUUDbuFSLTDlQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, no-cache
cf-ray
74071be81aaabad6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
primary.jpg
upw.io/themes/spirit/assets/frontend/img/adblock/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upw.io/themes/spirit/assets/frontend/img/adblock/primary.jpg
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c661391117b70efa486492ff5439d6239ed6bfcca5cf1319ba4ebe7c37cdc72f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 18 Oct 2020 07:16:16 GMT
server
cloudflare
etag
"5f8bebc0-3209"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYw1C4W1DoV8h7yOL2AXXsj1a8NKiJEgi58m8rZtciua%2B1%2FSMyvtesd3wt4Y2HOJj2e%2Fgo4i3reQFVwZgJkw5fT3iR%2B9gLY1oEeub3zyeg2a%2BJcnBBn1oq%2FFacTskgJetE1lgaw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74071be81ab1bad6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12809
js
www.googletagmanager.com/gtag/ 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-125798141-1
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ccf346e2352e94ec43aff72ad0e36a5795ae627ffd0d8f26d5f7b01a1b65d624
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43138
x-xss-protection
0
expires
Thu, 25 Aug 2022 20:34:32 GMT
cookiealert.js
upw.io/themes/spirit/assets/frontend/js/ 		935 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upw.io/themes/spirit/assets/frontend/js/cookiealert.js
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bfe55163fe5f7b2b54961753a79ce8f5bd8d76886479e78be996177ef9a16a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/3wh/lf.7z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=1836
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 18 Oct 2020 07:16:16 GMT
server
cloudflare
etag
W/"5f8bebc0-72c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06jmuXJKGySXMEb3l85ap9so6P3lcnHMadkqNrnT6kYPzJvKGV5KtJfOCOphNHn3W5j8UM%2FM8VrprmlqYEfbC0hHXH6TUwVkq2XTnu37adDx984ENe9NF2GrmISLLlJfDJeUiiY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
74071be81aacbad6-MXP
cf-bgj
minify
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://upw.io/
Origin
https://upw.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
74071be87e4ecc62-ZRH
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://upw.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 18:50:34 GMT
x-content-type-options
nosniff
age
265438
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 18:50:34 GMT
stack-interface.woff2
upw.io/themes/spirit/assets/frontend/fonts/ 		4 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://upw.io/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
Requested by
Host: upw.io
URL: https://upw.io/themes/spirit/assets/frontend/css/stack-interface.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b

Request headers

Referer
https://upw.io/themes/spirit/assets/frontend/css/stack-interface.css
Origin
https://upw.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 18 Oct 2020 07:16:16 GMT
server
cloudflare
etag
"5f8bebc0-10c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=egnohPrEPesB0vZTRJ4cMzKn%2BGaf4A0r9lTQj5jX1h4Owg9zp8Ta%2FPwcx0jz%2FlF9xT4%2FvRU%2BMQ2EOGqjx1QI5ncFj2N%2BQ8AI2ThVgaIg3Qj%2BxcrMmp0Vs8GKsE5%2Fj3qrH1P6POw%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74071be82ac0bad6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4292
memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
fonts.gstatic.com/s/opensans/v34/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://upw.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 19:14:31 GMT
x-content-type-options
nosniff
age
264001
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17820
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:13:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 19:14:31 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/ 		341 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1133021330236356&plah=upw.io
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966cf0665807185237bd7891e4fefffdee6c8559cb1cc8936fab8f9e2adc48ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124329
x-xss-protection
0
server
cafe
etag
14748275916468895254
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 25 Aug 2022 20:34:32 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220824/r20190131/ Frame BF42 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220824/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upw.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
81834
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 21:50:38 GMT
etag
8616628553774171045
expires
Wed, 07 Sep 2022 21:50:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
piwik.js
analytics.trustedstats.com/ 		63 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.trustedstats.com/piwik.js
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:855f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ae1f50302b0902aac44e88dc58c734bd3475ed4e93718dbc8888dc8fd6c0142
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
public-key-pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
last-modified
Thu, 04 Aug 2022 07:38:38 GMT
server
cloudflare
etag
W/"5c0291a-fbde-5e565700e63a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Z%2BfDjqXOc%2Fa0%2FChL0CQBvll%2B4BAlpBTbN7Iso95lqZsyLtgIyPDcd%2FBlVBrPApZnPa5Hs6SBYKSUKXV1KyNrLyEB8bihe0eDUEsAg2Xqxvy%2BzYjQfMCkB9OsO9QOZY%2BLiHyQ%2Bn4eOmzHiibmDw4LtGqy2BhDuqziw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=2678400
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
cf-ray
74071be9ff150e26-MXP
fbevents.js
connect.facebook.net/en_US/ 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aba13e76e0dfc68cd2710d1745d55c6b210cb2bec6ecd14a541615b685af8564
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26535
x-xss-protection
0
pragma
public
x-fb-debug
uANIxNNJ3dHCtvE/rtGvVbyEkfV8LRQCEVc707RkvcK/Y1GJZh1frRdPHZ4bqISe0pE23UVk8DsPdarHdmsMKA==
x-fb-trip-id
720026100
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 25 Aug 2022 20:34:32 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1661459345150
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe965e0f2d11ae258b9c98c819a32e06af3d19dd8cec9b830780f19ac01ade95

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
invisible.js
upw.io/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 50DC 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upw.io/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661457600
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
653cdcbac7cc6211f80bb4984e2f5167869abc8c5ad1ec83f9e4a4557f8191cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JM0E8y9fDKNUrHsQgCAHHRu9RbhedzFvNV4fdgR6jNd5urAuymbPngVNqctXLMcr14hh5rD40VOSvYBLbKujTEUW1gI92f%2FtKNh0omW%2FPQKFHRsvrxLEjIFXr6UZv%2Fwb82xY4pQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
74071be99e25bad6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		199 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-T4291L0VVF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-125798141-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1e548a23bc0279512f33cbafa6d4f45f9b35bfc7f28eea18eaa78aaf20156f83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72863
x-xss-protection
0
expires
Thu, 25 Aug 2022 20:34:32 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-125798141-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5552
date
Thu, 25 Aug 2022 19:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 25 Aug 2022 21:02:00 GMT
185600485576186
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/185600485576186?v=2.9.77&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e34a240ce9eeafd38be532898cd5a0aef286d35312181a984453973f017609ee
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
XRIVJpV6eR+7SK5MImIcvx0pvu23S+ClbBtgPHc8xv8EwiqzsBlmAq5ebpweysaYX2/Dfe4RhDbbRDhEHyBpjg==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 25 Aug 2022 20:34:32 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1661459672790
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		210 B
640 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=upw.io&callback=_gfp_s_&client=ca-pub-1133021330236356
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1133021330236356&plah=upw.io
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
16c2641810693403cd2ac246afa1a309d2a92ac60070723aef8340f223a8b25f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=upw.io
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1133021330236356&plah=upw.io
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=upw.io
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1133021330236356&plah=upw.io
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 08BD 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1133021330236356&output=html&adk=1812271804&adf=3025194257&lmt=1661459672&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fupw.io%2F3wh%2Flf.7z&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661459672473&bpp=3&bdt=360&idt=228&shv=r20220824&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6820186047891&frm=20&pv=2&ga_vid=664397187.1661459673&ga_sid=1661459673&ga_hid=627153111&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068920&oid=2&pvsid=4131349434552541&tmod=512320922&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=243
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1133021330236356&plah=upw.io
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee553498604b3a9c25fe95a9835d495a73bc37436b52b61a92d46e97452a40c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upw.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
4535
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 20:34:32 GMT
expires
Thu, 25 Aug 2022 20:34:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pica.js
upw.io/cdn-cgi/challenge-platform/h/b/scripts/ Frame 50DC 		19 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://upw.io/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
485753c1aa5536463530cc7bf6cd186fea4ebcd6a9c9a2c523fb6c484a5302f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:32 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PU%2Fp1mvfTCpBnULBdGlUgjMpxT2M8O3C39pe3BYtl1BCGheYygJ%2BCLrYjcPsuofi4J00I9yNJCyWh8Rvd6VtRB9bY7Bdpnt99XqXDYn2Rx549Q%2BORrWPnhcX5QvjVPAQMRwRh2c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
74071bea984cbad6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ads
googleads.g.doubleclick.net/pagead/ Frame 780F 		436 B
234 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1133021330236356&output=html&h=280&slotname=6072484026&adk=4075648247&adf=1289714761&pi=t.ma~as.6072484026&w=700&fwrn=4&fwrnh=100&lmt=1661459672&rafmt=1&psa=0&format=700x280&url=https%3A%2F%2Fupw.io%2F3wh%2Flf.7z&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661459672476&bpp=2&bdt=363&idt=245&shv=r20220824&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6820186047891&frm=20&pv=1&ga_vid=664397187.1661459673&ga_sid=1661459673&ga_hid=627153111&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=450&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068920&oid=2&pvsid=4131349434552541&tmod=512320922&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ddz0fKba8v&p=https%3A//upw.io&dtd=249
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1133021330236356&plah=upw.io
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5923382a85ed3331005a6c1e3c28257ae5bf7c9c23b42e73ca68e45d831c2092
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upw.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
211
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 20:34:32 GMT
expires
Thu, 25 Aug 2022 20:34:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 490E 		436 B
233 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1133021330236356&output=html&h=420&slotname=2767378426&adk=1190603583&adf=4129017712&pi=t.ma~as.2767378426&w=700&cr_col=4&cr_row=2&fwrn=2&lmt=1661459672&rafmt=9&psa=0&format=700x420&url=https%3A%2F%2Fupw.io%2F3wh%2Flf.7z&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661459672478&bpp=1&bdt=365&idt=251&shv=r20220824&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280&nras=1&correlator=6820186047891&frm=20&pv=1&ga_vid=664397187.1661459673&ga_sid=1661459673&ga_hid=627153111&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=450&ady=1555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068920&oid=2&pvsid=4131349434552541&tmod=512320922&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hfbuQYkw88&p=https%3A//upw.io&dtd=253
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1133021330236356&plah=upw.io
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bffeb1836f9c01b97d45d07043585cf028e14e467858ce1d40729b25affacc91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upw.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
210
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 20:34:32 GMT
expires
Thu, 25 Aug 2022 20:34:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=627153111&t=pageview&_s=1&dl=https%3A%2F%2Fupw.io%2F3wh%2Flf.7z&ul=en-us&de=UTF-8&dt=lf.7z%20-%20UPW.IO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=864145574&gjid=119628372&cid=664397187.1661459673&tid=UA-125798141-1&_gid=326293509.1661459673&_r=1&gtm=2ou8o0&z=1225155912
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://upw.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 20:34:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://upw.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
341 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-T4291L0VVF&gtm=2oe8o0&_p=627153111&cid=664397187.1661459673&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661459672&sct=1&seg=0&dl=https%3A%2F%2Fupw.io%2F3wh%2Flf.7z&dt=lf.7z%20-%20UPW.IO&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T4291L0VVF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 20:34:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://upw.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
piwik.php
analytics.trustedstats.com/ 		0
817 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.trustedstats.com/piwik.php?action_name=lf.7z%20-%20UPW.IO&idsite=1101&rec=1&r=916900&h=20&m=34&s=32&url=https%3A%2F%2Fupw.io%2F3wh%2Flf.7z&_id=7977f5c93fe9ba77&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=NwcN5f&pf_net=88&pf_srv=158&pf_tfr=3&pf_dm1=444
Requested by
Host: analytics.trustedstats.com
URL: https://analytics.trustedstats.com/piwik.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:855f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://upw.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Thu, 25 Aug 2022 20:34:33 GMT
content-encoding
none
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FnhOqpCnnQj4mHPXK8%2BDk3e0Ua5WO23NFo57WMo54%2B6XZfF4JN6%2FIFlDms4ofFfJI%2F6Uxya7oMLtRio6lQiLZ7T4lPPfl8c4qnHou%2BHZXDdjnFgLF4Sd%2F9TPghOC%2Fa6kZrdgVRqaYptKj4CYiWVotY54UONTnycUw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://upw.io
access-control-allow-credentials
true
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
cf-ray
74071beb5a9e374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
public-key-pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
collect
stats.g.doubleclick.net/j/ 		4 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-125798141-1&cid=664397187.1661459673&jid=864145574&gjid=119628372&_gid=326293509.1661459673&_u=YAhAAUAAAAAAAC~&z=1514173149
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://upw.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 25 Aug 2022 20:34:32 GMT
content-type
text/plain
access-control-allow-origin
https://upw.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
74071be5cfdf5a07
upw.io/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 50DC 		2 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://upw.io/cdn-cgi/challenge-platform/h/b/cv/result/74071be5cfdf5a07
Requested by
Host: upw.io
URL: https://upw.io/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661457600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 Aug 2022 20:34:33 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RjTIbykzwYFE72pQJTZm0gq9z3nkl4KmlRCdcyCQUCItABKOEJPqJdkZo%2BJIC5fiGbLH8A50IJHNAhOdvX%2FDpjbvhv8f%2BnDY1KwCKkzzRTKbeqGR7rg3RyFdJiLBhehBpcG8Ym4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
74071bec4c17bad6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-125798141-1&cid=664397187.1661459673&jid=864145574&_u=YAhAAUAAAAAAAC~&z=152044457
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 20:34:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-125798141-1&cid=664397187.1661459673&jid=864145574&_u=YAhAAUAAAAAAAC~&z=152044457
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 20:34:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=185600485576186&ev=PageView&dl=https%3A%2F%2Fupw.io%2F3wh%2Flf.7z&rl=&if=false&ts=1661459673021&sw=1600&sh=1200&v=2.9.77&r=stable&ec=0&o=30&fbp=fb.1.1661459673020.1660406855&it=1661459672690&coo=false&rqm=GET
Requested by
Host: upw.io
URL: https://upw.io/3wh/lf.7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:33 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Thu, 25 Aug 2022 20:34:33 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.209.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62
8096267
date
Thu, 25 Aug 2022 20:34:33 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
3DA20F33DFB043F4
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=29829
accept-ranges
bytes
content-length
948
x-amz-id-2
g7+QTkfgFpKXdjIV1ns3PedgNVHG4mi9TLupYfjziOmGieTRD5DTu0V21U3C4oqBbTG5njMGxL0=
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220824&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1133021330236356&plah=upw.io
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b142e3368e788c7698bbb62806ab08905143226856a3607169e62e4f29873bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 20:34:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11108
x-xss-protection
0
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-5bb485f7f8e7089f/ 		2 KB
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-5bb485f7f8e7089f/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7e59247db457a7bffc77323689ae623874b5407bc7943b10c4c27548c26bdd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:34 GMT
content-encoding
gzip
etag
-1194061569--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=53, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
572
300lo.json
m.addthis.com/live/red_lojson/ 		89 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=6307dcd9ed8a7571&bkl=0&bl=1&pdt=266&sid=6307dcd9ed8a7571&pub=ra-5bb485f7f8e7089f&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=upw.io&fp=3wh%2Flf.7z&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=lf%2C7z&colc=1661459673779&jsl=1&uvs=6307dcd9ee00b47f000&skipb=1&callback=addthis.cbs.jsonp__54071869483092390
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
49ee6f3756c8d52518b673da4249d7d062189e2ff0cdb6ff9b1bd030307e2d81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 20:34:34 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 3E67 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 03B2 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://upw.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Thu, 25 Aug 2022 20:34:33 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
rum
upw.io/cdn-cgi/ 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://upw.io/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://upw.io/3wh/lf.7z
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
content-type
application/json

Response headers

date
Thu, 25 Aug 2022 20:34:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://upw.io
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
74071bf14d91bad6-MXP
vary
Origin
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1133021330236356&plah=upw.io
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 25 Aug 2022 20:34:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 15DD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upw.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3123
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 19:42:31 GMT
expires
Fri, 25 Aug 2023 19:42:31 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3D19 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
445c822dcd9bb0e0ea5df10d2b7c38957443479508435476675f62c7e735c50a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4by_f4PSZUR2svLvY6jAGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://upw.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-4by_f4PSZUR2svLvY6jAGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 20:34:34 GMT
expires
Thu, 25 Aug 2022 20:34:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
woHX-vsUocJZKT3Xlr8m3oSeq6S0iuLiA_v8-B2MNhs.js
pagead2.googlesyndication.com/bg/ Frame 15DD 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/woHX-vsUocJZKT3Xlr8m3oSeq6S0iuLiA_v8-B2MNhs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c281d7fafb14a1c259293dd796bf26de849eaba4b48ae2e203fbfcf81d8c361b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 19:26:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
176893
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15802
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 11:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 19:26:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3D19 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220824&jk=4131349434552541&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 15DD 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?IxrTwA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Thu, 25 Aug 2022 20:34:34 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
195.461912c47007775093ae.js
s7.addthis.com/static/ 		384 B
538 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/195.461912c47007775093ae.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b4fbd6cf87898b005b09546b1c4e82654918b11e5f64ccb8fc32ea0a04e237a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-180"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Thu, 25 Aug 2022 20:34:34 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
298
shares-post.json
api-public.addthis.com/url/serviceapi/ 		2 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fupw.io%2F3wh%2Flf.7z
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://upw.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type
text/plain

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
surrogate-key
sFbt=https://upw.io/3wh/lf.7z
last-modified
Thu, 25 Aug 2022 20:00:00 GMT
server
nginx/1.15.8
date
Thu, 25 Aug 2022 20:34:34 GMT
content-type
application/json
access-control-allow-origin
https://upw.io
cache-control
no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials
true
content-length
2
info.json
www.reddit.com/api/ 		144 B
262 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.reddit.com/api/info.json?url=https%3A%2F%2Fupw.io%2F3wh%2Flf.7z&jsonp=_ate.cbs.rcb_ie750
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
c1375f52aa0a7096def8c895cdac63c887e016f457fba223f2c2a8ebcf22426e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ratelimit-used
2
via
1.1 varnish
x-content-type-options
nosniff
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
strict-transport-security
max-age=31536000; includeSubdomains
content-length
144
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
x-moose
majestic
server
snooserv
x-frame-options
SAMEORIGIN
date
Thu, 25 Aug 2022 20:34:34 GMT
x-ratelimit-remaining
298
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
X-Moose
cache-control
private, s-maxage=0, max-age=0, must-revalidate, no-store
x-ratelimit-reset
326
accept-ranges
bytes
expires
-1
count.json
widgets.pinterest.com/v1/urls/ 		71 B
132 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fupw.io%2F3wh%2Flf.7z&callback=window._ate.cbs.rcb_4b930
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f0cf870ff982d0b5a626625e159ef6486ad5a3da83f07b7a28a6428d48c01118
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
must-revalidate, max-age=887
x-envoy-upstream-service-time
3
accept-ranges
none
x-pinterest-rid
6573993733022231
expires
Thu, 25 Aug 2022 20:49:34 GMT
shares.json
api-public.addthis.com/url/ 		33 B
283 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fupw.io%2F3wh%2Flf.7z&callback=_ate.cbs.rcb_3ioj0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
10729f5ae038f710ac7a8c0c7d2e95e833f79a97f45098036bbb90c957eb23de
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
upw.io/3wh/lf.7z
last-modified
Thu, 25 Aug 2022 20:34:34 GMT
server
nginx/1.15.8
date
Thu, 25 Aug 2022 20:34:34 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
53
info.json
www.reddit.com/api/ 		144 B
991 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.reddit.com/api/info.json?url=http%3A%2F%2Fupw.io%2F3wh%2Flf.7z&jsonp=_ate.cbs.rcb_kxqo0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
218d2f73c285b5d9de4caf49bfbe8111af0500d01713b492a8ac210d44699d27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ratelimit-used
1
via
1.1 varnish
x-content-type-options
nosniff
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
strict-transport-security
max-age=31536000; includeSubdomains
content-length
144
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
x-moose
majestic
server
snooserv
x-frame-options
SAMEORIGIN
date
Thu, 25 Aug 2022 20:34:34 GMT
x-ratelimit-remaining
299
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
X-Moose
cache-control
private, s-maxage=0, max-age=0, must-revalidate, no-store
x-ratelimit-reset
326
accept-ranges
bytes
expires
-1
count.json
widgets.pinterest.com/v1/urls/ 		70 B
285 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fupw.io%2F3wh%2Flf.7z&callback=window._ate.cbs.rcb_7zqb0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e12be04e087a068a04a79ccddf867487429b5291a93d052ca0edf2a328934df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
must-revalidate, max-age=887
x-envoy-upstream-service-time
3
accept-ranges
none
x-pinterest-rid
7409881137938772
expires
Thu, 25 Aug 2022 20:49:34 GMT
shares.json
api-public.addthis.com/url/ 		33 B
283 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fupw.io%2F3wh%2Flf.7z&callback=_ate.cbs.rcb_kp7i0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
5dba4ba679e8b494ebedfe529ddc7dec0a939af9f503856914d798a75fa067e7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
upw.io/3wh/lf.7z
last-modified
Thu, 25 Aug 2022 20:34:34 GMT
server
nginx/1.15.8
date
Thu, 25 Aug 2022 20:34:34 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
53
truncated
/ 		443 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=185600485576186&ev=Microdata&dl=https%3A%2F%2Fupw.io%2F3wh%2Flf.7z&rl=&if=false&ts=1661459674523&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22lf.7z%20-%20UPW.IO%22%2C%22meta%3Adescription%22%3A%22Download%20file%20-%20lf.7z%22%2C%22meta%3Akeywords%22%3A%22lf%2C7z%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.77&r=stable&ec=1&o=30&fbp=fb.1.1661459673020.1660406855&it=1661459672690&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:34:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Thu, 25 Aug 2022 20:34:34 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220824&jk=4131349434552541&bg=!jo2ljcnNAAaXrHhMt6w7ACkAdvg8WkWzjOl5tZP1HKGJZlIGL5yihOz_8m4oASeztJ260NqHfVSGXAIAAABTUgAAAAFoAQcKAK61iU_jtXWyaBVxMnEZUKSXx40jToQajJjZXe-Jvt-qNLZdFF8RdxXxi3qXY1e7MsWRFyCSsp55BqEq95IlR2MVQNUmhYq262BeZCh_iUd4AWDRfexnZQ7UfQYENg6dZmf1Nd2caJFVGninZRuy87P5INqI56QaMWUbAMI4Pe9IgVEl5NaG4IH3Xl0IMv0xmiAE9q0E53WGlQ2Qw5cyUGV0EJdeUL3hfRuX98ey44aZAtxAL31UQdgR-WpNkpyfpQ3zngFhckhP6xFEjr64Ah2Ds0P5n20ckqsp77WPs9IfInfwqsYX8UXH6j_24w3TusR81HCW-HCesfXZvD3lS1ywAlRLXhVo4XVG4KnZcTpBJ1BJ70ww28DEfe_BK3N8yOZLymyIihvP0bGNkeuyLGukJx-D4bwi8T4Rb-20OE60u_eCtEVZT9Ds_XxWPry1i798AzD6K4Jouipovx5DALKoK2oI620QU-RNiLc2wFIN0LkQ1tbDrzdTUTqSGfzLkt6WywCRSin96Puh9zr4nNan5pf6JiCvBecPUAKMxp5ryGke5NFW44mKU8m7P9JMLT8Qyth_YKIQv16MjMrQb8KozCVXEIbpot0nIPrAlPZmhJUuwvm49QC4RTEaecgp8GsrrzKZsv9RFF2Mr8D2IpAFQFjJdC5zPX8dJKjdJZLOc4zftqUMIkKvRtdw18gtDcHhV2H_litUC12cWkcVYbUitrMDGcsMztnX_wj8B-UabeJlkc8hsTN2b5bkWXjP378F8F8O52wb8UgJFn1ChNWwNZjuRUP7IbhmvIEBhsVrFTWj1dqt_Uvu5DXl3LgVx1mm-EYEpLXxTuyoKCEJhwOlc0OG4OwJ4TaI-ux7xluQPIangowCmrGox24tuFzIIXnIbib7QeusOLKTPggwiyWwZSqN8_tnDM3xmQoPP77IgitoVFrTrp_kTVEfc9eLTD0dzYgS61pjwPKT94RiN8cljRRa3sj3ZznweCCbO7exaRpxqmkbjlby7vJ3V2R2HbVgR4Mhm1qbyAad_ZScYDT4APv2jkD2ONrnx3Y5XtNGibGg52LD-Nm_iKlOKk2ogdXRS5ulea7ulSRNd8tcc0X-wcSkbp00iKhzQ47zJfeKNqkYOVPASlf4ybP6J4NaELFAYzEqntYwQx5bBBnQpm7_O5B_4D6b4EJ9w2LXqjeL7zZ2FL8ouD2qAoHAjtc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upw.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation boolean| LOGGED_IN object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| $ function| jQuery function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| TapListener function| imagesLoaded function| Picker function| Granim object| smoothScroll object| mr function| mrFormsCaptchaInit object| e function| gtag object| dataLayer object| _paq function| fbq function| _fbq object| __cfBeacon object| google_tag_manager string| GoogleAnalyticsObject function| ga function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData function| onYouTubeIframeAPIReady object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto boolean| __@@##MUH object| addthis_config object| addthis_share object| GoogleGcLKhOms object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks number| len object| google_image_requests

17 Cookies

Domain/Path Name / Value
upw.io/ Name: filehosting
Value: bq6ar7f9ppr7u7ehugufc13ht1
.upw.io/ Name: _gid
Value: GA1.2.326293509.1661459673
.upw.io/ Name: _gat_gtag_UA_125798141_1
Value: 1
.upw.io/ Name: _ga_T4291L0VVF
Value: GS1.1.1661459672.1.0.1661459672.0.0.0
.upw.io/ Name: _ga
Value: GA1.1.664397187.1661459673
upw.io/ Name: _pk_id.1101.e1dd
Value: 7977f5c93fe9ba77.1661459673.
upw.io/ Name: _pk_ses.1101.e1dd
Value: 1
.upw.io/ Name: __gads
Value: ID=c804765fb9a62a4a-228d605505ce0050:T=1661459672:RT=1661459672:S=ALNI_Ma4G9jTmmIM2C2tweq9y2o_kHOJkA
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.upw.io/ Name: _fbp
Value: fb.1.1661459673020.1660406855
.upw.io/ Name: __cf_bm
Value: DFVL9bJh_fIzlRTrq1VYknlAVtdoA8qOVFUT59xM6DU-1661459673-0-ASGkHvAg19zvgzc6nkB1JVCpqdgBfAkIXWfL34fFFihFSfSIVfMDHYj1uWFcZRHJV2sLB49aHJ91Lw7l5+8wlx+cbwxSupjSQvh9Io0ESpg3hjgj9RtRaJEFIRBMQ6ZLnQ==
.facebook.com/ Name: fr
Value: 0viheg0XhvxhMEJDO..BjB9zZ...1.0.BjB9zZ.
upw.io/ Name: __atuvc
Value: 1%7C34
upw.io/ Name: __atuvs
Value: 6307dcd9ee00b47f000
.addthis.com/ Name: uvc
Value: 1%7C34
.reddit.com/ Name: csv
Value: 2
.addthis.com/ Name: loc
Value: MDAwMDBFVURFU0wyMjkyMTg2MTAwMzAwMDBDSA==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
analytics.trustedstats.com
api-public.addthis.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
m.addthis.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
s7.addthis.com
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
upw.io
v1.addthisedge.com
widgets.pinterest.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.reddit.com
z.moatads.com
s7.addthis.com
142.250.186.66
151.101.128.84
151.101.65.140
2001:4860:4802:34::178
2001:4860:4802:34::36
23.47.209.169
23.47.212.127
2606:4700:3030::ac43:855f
2606:4700:3037::ac43:c68f
2606:4700:440e::ac40:9c1a
2a00:1450:4001:801::200a
2a00:1450:4001:803::2003
2a00:1450:4001:806::2003
2a00:1450:4001:808::2002
2a00:1450:4001:810::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c00::9d
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
02945e324e7c86a1ee921da7d8fa596a9c11878ccfe839ac70f8badcb674d522
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0cca9c2524a2c257cc53c398be0731ec07a02159b8a8f02dc5995a820808ebef
10729f5ae038f710ac7a8c0c7d2e95e833f79a97f45098036bbb90c957eb23de
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13b6581e5665a9e516751b0326354eaeb7853be7cbe4153adc6cad59b683e889
16c2641810693403cd2ac246afa1a309d2a92ac60070723aef8340f223a8b25f
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
1db57e8d168f67e0152fb5e1fb907897e022dbd838da4cc6affc8361af28af2a
1e548a23bc0279512f33cbafa6d4f45f9b35bfc7f28eea18eaa78aaf20156f83
218d2f73c285b5d9de4caf49bfbe8111af0500d01713b492a8ac210d44699d27
2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2ba990faaad8198719efac063a6ec699b548708b555a3ef7821fd6899a8556ce
31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b
38391d0c01d7fee8c61a80c9b507ef05d0cb76876a42feebded8b06905015d13
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
445c822dcd9bb0e0ea5df10d2b7c38957443479508435476675f62c7e735c50a
485753c1aa5536463530cc7bf6cd186fea4ebcd6a9c9a2c523fb6c484a5302f5
49ee6f3756c8d52518b673da4249d7d062189e2ff0cdb6ff9b1bd030307e2d81
4bfe55163fe5f7b2b54961753a79ce8f5bd8d76886479e78be996177ef9a16a6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5923382a85ed3331005a6c1e3c28257ae5bf7c9c23b42e73ca68e45d831c2092
5ae1f50302b0902aac44e88dc58c734bd3475ed4e93718dbc8888dc8fd6c0142
5cbbde1fe725b4456ec4d6be8567710907ec8bcc337f4e875e1bd021d50be75e
5dba4ba679e8b494ebedfe529ddc7dec0a939af9f503856914d798a75fa067e7
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
653cdcbac7cc6211f80bb4984e2f5167869abc8c5ad1ec83f9e4a4557f8191cc
7b4fbd6cf87898b005b09546b1c4e82654918b11e5f64ccb8fc32ea0a04e237a
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7e12be04e087a068a04a79ccddf867487429b5291a93d052ca0edf2a328934df
7e59247db457a7bffc77323689ae623874b5407bc7943b10c4c27548c26bdd82
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86e9627f38621481d60d51f4bed9e425b31d1741d0c49dfd15c78e3d92497d6d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f
8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5
914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b
95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843
966cf0665807185237bd7891e4fefffdee6c8559cb1cc8936fab8f9e2adc48ba
9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31
9e7fa543586285f42f9ec7902918d70535973c4ac80a4389b17dcf3413c92418
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a92a98c5f5245daff1abaff565ae26359f85d4cd1d383ff6e50cd599cf5b3e49
aba13e76e0dfc68cd2710d1745d55c6b210cb2bec6ecd14a541615b685af8564
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805
b142e3368e788c7698bbb62806ab08905143226856a3607169e62e4f29873bb4
b6919dd92f8162e9d8b6642769217b9472c5bf423cdf82df50301a8af50ee53a
b712033ea1c370616c3105391e98e4867cea0159be8444ddd20249ea9888c950
bcb499166a81c2c68de921f186c95ed6c29859acf2a07422c15ddb1f4b9e7686
bffeb1836f9c01b97d45d07043585cf028e14e467858ce1d40729b25affacc91
c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6
c1375f52aa0a7096def8c895cdac63c887e016f457fba223f2c2a8ebcf22426e
c281d7fafb14a1c259293dd796bf26de849eaba4b48ae2e203fbfcf81d8c361b
c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed
c5f690ea1f752b40ea9bb8a23ecbd0d04ff541bb9c64eb22820d2a43b0a5f9d1
c661391117b70efa486492ff5439d6239ed6bfcca5cf1319ba4ebe7c37cdc72f
ccf346e2352e94ec43aff72ad0e36a5795ae627ffd0d8f26d5f7b01a1b65d624
d3dffc390c00490083b9b7e67a165ced7d507578a5cdbe265aaa698db09c9897
d6e5770d873b4f9e048c7b3ebd66b0884ce02799cbf4e8d5036386e55e707e57
dc3e1c7f25f8898edf9bba53c1cf0730271371e373bdd4dad4535cecedf85ba3
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e34a240ce9eeafd38be532898cd5a0aef286d35312181a984453973f017609ee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3
ee553498604b3a9c25fe95a9835d495a73bc37436b52b61a92d46e97452a40c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0cf870ff982d0b5a626625e159ef6486ad5a3da83f07b7a28a6428d48c01118
f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed
fbf0e2c9f01a23208edd71a94d31dc97b7c4f37f18974d2d5060ba692df6f5c0
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fe965e0f2d11ae258b9c98c819a32e06af3d19dd8cec9b830780f19ac01ade95