urlscan.io logo urlscan.io
SecurityTrails logo

userupload.net Open in urlscan Pro
51.89.234.230  Public Scan

Go To Rescan Add Verdict Report
URL: https://userupload.net/y5s9sexb7e7z
Submission: On September 12 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 11 domains to perform 53 HTTP transactions. The main IP is 51.89.234.230, located in France and belongs to OVH, FR. The main domain is userupload.net.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 29th 2020. Valid for: 3 months.
This is the only time userupload.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

17    51.89.234.230 (France)

ASN16276 (OVH, FR)
PTR: ns31202426.ip-51-89-234.eu
userupload.net
1    2a00:1450:4001:814::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2600:9000:214f:a600:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)
platform-api.sharethis.com
3    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
adservice.google.com
2    2a00:1450:4001:814::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    163.172.107.39 (France)

ASN12876 (Online SAS, FR)
PTR: send-mail.tgwidget.com
tgwidget.com
1    2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:214f:3e00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
11    2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
2    2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2600:9000:214f:d600:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.sharethis.mgr.consensu.org
1    3.226.37.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-37-37.compute-1.amazonaws.com
count-server.sharethis.com
6    2600:9000:2057:fa00:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)
platform-cdn.sharethis.com
1    3.127.132.197 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-132-197.eu-central-1.compute.amazonaws.com
l.sharethis.com
2    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
17 userupload.net userupload.net
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
6 platform-cdn.sharethis.com userupload.net
4 pagead2.googlesyndication.com userupload.net
pagead2.googlesyndication.com
3 www.google.com userupload.net
www.gstatic.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 fonts.gstatic.com userupload.net
2 ssl.google-analytics.com 1 redirects userupload.net
1 l.sharethis.com platform-api.sharethis.com
1 count-server.sharethis.com platform-api.sharethis.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 c.sharethis.mgr.consensu.org platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 tgwidget.com userupload.net
1 www.gstatic.com www.google.com
1 stats.g.doubleclick.net userupload.net
1 platform-api.sharethis.com userupload.net
53 19

This site contains no links.

Subject Issuer Validity Valid
userupload.net
cPanel, Inc. Certification Authority		 2020-08-29 -
2020-11-27		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
sharethis.com
Amazon		 2020-08-17 -
2021-09-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
*.tgwidget.com
Sectigo RSA Domain Validation Secure Server CA		 2019-12-15 -
2020-12-14		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
sharethis.mgr.consensu.org
Amazon		 2020-05-05 -
2021-06-05		 a year crt.sh
*.google.de
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh

This page contains 13 frames:

Primary Page: https://userupload.net/y5s9sexb7e7z
Frame ID: 16EC05C64C7F1BF9617634E771CE072D
Requests: 41 HTTP requests in this frame

Frame: https://tgwidget.com/widget/count/?id=5f5499d783ba8846018b4567
Frame ID: 372E4DF5B23B495BB07CA6CEADEC3925
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200909/r20190131/zrt_lookup.html
Frame ID: 9DAB513235F8D0B26C4370901FD8C11A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfG5EUUAAAAAE7XFZvJfM0HHeaV1tQQqzZ7BTiX&co=aHR0cHM6Ly91c2VydXBsb2FkLm5ldDo0NDM.&hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&size=normal&cb=ruor7otn0vg
Frame ID: 4C43CD5AEE0C57FA39E4CAC9FCAF683C
Requests: 1 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: FEE961AC3320B44AB5C4A2B11343EDD7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5228806306542248&output=html&h=280&slotname=9237283852&adk=1997398430&adf=4108538649&w=350&fwrn=4&fwrnh=100&lmt=1599891281&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=https%3A%2F%2Fuserupload.net%2Fy5s9sexb7e7z&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1599891281756&bpp=25&bdt=498&idt=114&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4262589847663&frm=20&pv=2&ga_vid=1180873681.1599891281&ga_sid=1599891281&ga_hid=805132598&ga_fc=1&iag=0&icsg=8656958450&dssz=29&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067034&oid=3&pvsid=1512294527960316&pem=170&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=emxDALwBIl&p=https%3A//userupload.net&dtd=131
Frame ID: DC62AD73F162C7FB642AD905B69B8E65
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5228806306542248&output=html&h=280&slotname=5298038844&adk=3658158944&adf=3044448856&w=350&fwrn=4&fwrnh=100&lmt=1599891281&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=https%3A%2F%2Fuserupload.net%2Fy5s9sexb7e7z&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1599891281781&bpp=3&bdt=523&idt=125&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&correlator=4262589847663&frm=20&pv=1&ga_vid=1180873681.1599891281&ga_sid=1599891281&ga_hid=805132598&ga_fc=1&iag=0&icsg=43016696818&dssz=31&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=611&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067034&oid=3&pvsid=1512294527960316&pem=170&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QtM5ACKeFC&p=https%3A//userupload.net&dtd=140
Frame ID: 201C7154888AB818073AC76EA6E0A978
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5228806306542248&output=html&h=280&slotname=4007740924&adk=2448036532&adf=2560393268&w=480&fwrn=4&fwrnh=100&lmt=1599891281&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=480x280&url=https%3A%2F%2Fuserupload.net%2Fy5s9sexb7e7z&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1599891281784&bpp=1&bdt=526&idt=142&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280&correlator=4262589847663&frm=20&pv=1&ga_vid=1180873681.1599891281&ga_sid=1599891281&ga_hid=805132598&ga_fc=1&iag=0&icsg=43016696818&dssz=31&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=695&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067034&oid=3&pvsid=1512294527960316&pem=170&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=7mAN8Cqnp7&p=https%3A//userupload.net&dtd=190
Frame ID: 0F0CC784396877648BADBD18CCAD22FC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5228806306542248&output=html&h=280&slotname=1042759759&adk=2198837252&adf=2833722400&w=350&fwrn=4&fwrnh=100&lmt=1599891282&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=https%3A%2F%2Fuserupload.net%2Fy5s9sexb7e7z&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1599891281785&bpp=1&bdt=528&idt=222&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280&correlator=4262589847663&frm=20&pv=1&ga_vid=1180873681.1599891281&ga_sid=1599891281&ga_hid=805132598&ga_fc=1&iag=0&icsg=43016696818&dssz=31&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067034&oid=3&pvsid=1512294527960316&pem=170&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9eGai78y4w&p=https%3A//userupload.net&dtd=280
Frame ID: C52328D8BFA9390BE6C31B906CCC8E38
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5228806306542248&output=html&h=280&slotname=5644349740&adk=3102016549&adf=3760600436&w=730&fwrn=4&fwrnh=100&lmt=1599891282&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=730x280&url=https%3A%2F%2Fuserupload.net%2Fy5s9sexb7e7z&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1599891281786&bpp=1&bdt=528&idt=329&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280%2C350x280&correlator=4262589847663&frm=20&pv=1&ga_vid=1180873681.1599891281&ga_sid=1599891281&ga_hid=805132598&ga_fc=1&iag=0&icsg=43016696818&dssz=31&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067034&oid=3&pvsid=1512294527960316&pem=170&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&fsb=1&xpc=i95Zt3BGOD&p=https%3A//userupload.net&dtd=332
Frame ID: 6414D1082C7AEA4C5CD70AF6E272CCC2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5228806306542248&output=html&adk=1812271804&adf=3025194257&lmt=1599891282&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fuserupload.net%2Fy5s9sexb7e7z&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1599891281787&bpp=1&bdt=530&idt=338&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280%2C350x280%2C730x280&nras=1&correlator=4262589847663&frm=20&pv=1&ga_vid=1180873681.1599891281&ga_sid=1599891281&ga_hid=805132598&ga_fc=1&iag=0&icsg=43016696818&dssz=31&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067034&oid=3&pvsid=1512294527960316&pem=170&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&dtd=378
Frame ID: FC0D3197B2EF5E9E7B767772D9E722EA
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&k=6LfG5EUUAAAAAE7XFZvJfM0HHeaV1tQQqzZ7BTiX&cb=2updm83zlnc1
Frame ID: 2D7013FCAC16A3409691592378C311C2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 07286D7AA075326933233D1D90B48D65
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

53
Requests

100 %
HTTPS

78 %
IPv6

11
Domains

19
Subdomains

18
IPs

4
Countries

816 kB
Transfer

1851 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=366741614&utmhn=userupload.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download%20Flix4u%20User%20Upload%20apk&utmhid=805132598&utmr=-&utmp=%2Fy5s9sexb7e7z&utmht=1599891281522&utmac=UA-80176776-3&utmcc=__utma%3D30043835.1180873681.1599891281.1599891281.1599891281.1%3B%2B__utmz%3D30043835.1599891281.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=217646297&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80176776-3&cid=1180873681.1599891281&jid=217646297&_v=5.7.2&z=366741614

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set y5s9sexb7e7z
userupload.net/ 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://userupload.net/y5s9sexb7e7z
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.89.234.230 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31202426.ip-51-89-234.eu
Software
Apache /
Resource Hash
0df94541f853cfed3f723daf9632cefbe7b113edb2fcd087b5bf692f01e21a91
Security Headers
Name Value
Strict-Transport-Security max-age=0;includeSubDomains;

Request headers

Host
userupload.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 06:14:40 GMT
Server
Apache
Strict-Transport-Security
max-age=0;includeSubDomains;
Expires
Fri, 11 Sep 2020 06:14:41 GMT
Set-Cookie
lang=english; domain=userupload.net; path=/ ref_url=; domain=userupload.net; path=/ aff=14526; domain=userupload.net; path=/
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
3860
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html ; charset=UTF-8
jquery-1.9.1.min.js
userupload.net/ds2/js/ 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://userupload.net/ds2/js/jquery-1.9.1.min.js
Requested by
Host: userupload.net
URL: https://userupload.net/y5s9sexb7e7z
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.89.234.230 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31202426.ip-51-89-234.eu
Software
Apache /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 06:14:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Sep 2017 22:09:54 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=216000, private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
32775
Expires
Sat, 12 Sep 2020 06:14:42 GMT
jquery.paging.js
userupload.net/ds2/js/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://userupload.net/ds2/js/jquery.paging.js
Requested by
Host: userupload.net
URL: https://userupload.net/y5s9sexb7e7z
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.89.234.230 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31202426.ip-51-89-234.eu
Software
Apache /
Resource Hash
c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 06:14:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Sep 2017 22:09:56 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=216000, private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4362
Expires
Sat, 12 Sep 2020 06:14:42 GMT
jquery.cookie.js
userupload.net/ds2/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://userupload.net/ds2/js/jquery.cookie.js
Requested by
Host: userupload.net
URL: https://userupload.net/y5s9sexb7e7z
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.89.234.230 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31202426.ip-51-89-234.eu
Software
Apache /
Resource Hash
c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 06:14:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Sep 2017 22:09:56 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=216000, private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1365
Expires
Sat, 12 Sep 2020 06:14:42 GMT
paging.js
userupload.net/ds2/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://userupload.net/ds2/js/paging.js
Requested by
Host: userupload.net
URL: https://userupload.net/y5s9sexb7e7z
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.89.234.230 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31202426.ip-51-89-234.eu
Software
Apache /
Resource Hash
e1d4f21db649ec5795e70cb72e59fdec97af300c64b5d8abbc67f00688eb0ecd

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 06:14:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Sep 2017 22:09:57 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=216000, private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
662
Expires
Sat, 12 Sep 2020 06:14:42 GMT
style.min.css
userupload.net/ds2/css/ 		179 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://userupload.net/ds2/css/style.min.css?v=0.2
Requested by
Host: userupload.net
URL: https://userupload.net/y5s9sexb7e7z
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.89.234.230 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31202426.ip-51-89-234.eu
Software
Apache /
Resource Hash
f79c8c5d16a9dd37461d1c9c82df0fd384d3cf2bc733e2948f636cd4ce6f3fda

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 06:14:41 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Jun 2020 22:32:41 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
35070
Expires
Sat, 19 Sep 2020 06:14:41 GMT
logo.png
userupload.net/ds2/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://userupload.net/ds2/img/logo.png
Requested by
Host: userupload.net
URL: https://userupload.net/y5s9sexb7e7z
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.89.234.230 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31202426.ip-51-89-234.eu
Software
Apache /
Resource Hash
d7c396c8a69d4fd8d8f5eeae071bff6600721663553e9e4c5b2a90b6fc0a0421

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 06:14:41 GMT
Last-Modified
Sun, 22 Dec 2019 17:54:49 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
7150
Expires
Mon, 12 Oct 2020 06:14:41 GMT
countdown.js
userupload.net/ds2/js/ 		640 B
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://userupload.net/ds2/js/countdown.js
Requested by
Host: userupload.net
URL: https://userupload.net/y5s9sexb7e7z
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.89.234.230 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31202426.ip-51-89-234.eu
Software
Apache /
Resource Hash
6b1116dbdcc8665059c0163cb6cd034a949402f5bc6294390e8ffee39952f6ae

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 06:14:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Sep 2017 05:59:30 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=216000, private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
353
Expires
Sat, 12 Sep 2020 06:14:42 GMT
api.js
www.google.com/recaptcha/ 		736 B
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: userupload.net
URL: https://userupload.net/y5s9sexb7e7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b38e3464dee0d0f1007c2c1195c69202c8212455c982d1fddf214b8aeedcb417
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Sep 2020 06:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
463
x-xss-protection
1; mode=block
expires
Sat, 12 Sep 2020 06:14:41 GMT
bootstrap.min.js
userupload.net/ds2/js/ 		57 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://userupload.net/ds2/js/bootstrap.min.js
Requested by
Host: userupload.net
URL: https://userupload.net/y5s9sexb7e7z
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.89.234.230 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31202426.ip-51-89-234.eu
Software
Apache /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 06:14:41 GMT
Content-Encoding
gzip
Last-Modified
Sat, 24 Aug 2019 22:42:17 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=216000, private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
15437
Expires
Sat, 12 Sep 2020 06:14:42 GMT
clipboard.min.js
userupload.net/ds2/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://userupload.net/ds2/js/clipboard.min.js
Requested by
Host: userupload.net
URL: https://userupload.net/y5s9sexb7e7z
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.89.234.230 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31202426.ip-51-89-234.eu
Software
Apache /
Resource Hash
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 06:14:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Sep 2017 22:09:53 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=216000, private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3397
Expires
Sat, 12 Sep 2020 06:14:42 GMT
main.js
userupload.net/ds2/js/ 		423 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://userupload.net/ds2/js/main.js
Requested by
Host: userupload.net
URL: https://userupload.net/y5s9sexb7e7z
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.89.234.230 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31202426.ip-51-89-234.eu
Software
Apache /
Resource Hash
c1bd88cc54165fd50700598361e7484401e4cc1525866fa5a73e8a463df5c226

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 06:14:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 31 Oct 2019 22:11:55 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=216000, private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
250
Expires
Sat, 12 Sep 2020 06:14:42 GMT
sharethis.js
platform-api.sharethis.com/js/ 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: userupload.net
URL: https://userupload.net/y5s9sexb7e7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a600:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c5d647f84ca95728d4bc197197626da00f274d59c1e6d5659550d851d7fb552b

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Sep 2020 06:05:44 GMT
content-encoding
gzip
age
537
etag
W/"185ff-svNz7wQSJOO5XgCtP/lxem5mQ40"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
status
200
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
E7-RyGO3e-IXHI0Hm0Vqyno3bQgIrZ1qdDQDZAYk2IhIuJqZeXFg1g==
via
1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		130 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: userupload.net
URL: https://userupload.net/y5s9sexb7e7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28870619e0b50cef037f0ef0daba635dd98ea53bbdaa94244b724c42e23d94c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Sep 2020 06:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
45965
x-xss-protection
0
server
cafe
etag
15926848246370085333
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 12 Sep 2020 06:14:41 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: userupload.net
URL: https://userupload.net/y5s9sexb7e7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 19 Aug 2020 20:46:40 GMT
server
Golfe2
age
6646
date
Sat, 12 Sep 2020 04:23:55 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Sat, 12 Sep 2020 06:23:55 GMT
bootstrap.min.css
userupload.net/ds2/css/ 		152 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://userupload.net/ds2/css/bootstrap.min.css
Requested by
Host: userupload.net
URL: https://userupload.net/ds2/css/style.min.css?v=0.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.89.234.230 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31202426.ip-51-89-234.eu
Software
Apache /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

Referer
https://userupload.net/ds2/css/style.min.css?v=0.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 06:14:41 GMT
Content-Encoding
gzip
Last-Modified
Sat, 24 Aug 2019 22:42:18 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
23238
Expires
Sat, 19 Sep 2020 06:14:41 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=366741614&utmhn=userupload.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Downlo...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80176776-3&cid=1180873681.1599891281&jid=217646297&_v=5.7.2&z=366741614
35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80176776-3&cid=1180873681.1599891281&jid=217646297&_v=5.7.2&z=366741614
Requested by
Host: userupload.net
URL: https://userupload.net/y5s9sexb7e7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 12 Sep 2020 06:14:41 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 12 Sep 2020 06:14:41 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80176776-3&cid=1180873681.1599891281&jid=217646297&_v=5.7.2&z=366741614
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
369
expires
Fri, 01 Jan 1990 00:00:00 GMT
brandon_reg-webfont.woff2
userupload.net/ds2/fonts/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://userupload.net/ds2/fonts/brandon_reg-webfont.woff2
Requested by
Host: userupload.net
URL: https://userupload.net/ds2/css/style.min.css?v=0.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.89.234.230 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31202426.ip-51-89-234.eu
Software
Apache /
Resource Hash
0595cd78fc2e895151da27f2de6361ea315f24a4d7371ef8db0d786e5e71bb9f

Request headers

Origin
https://userupload.net
Referer
https://userupload.net/ds2/css/style.min.css?v=0.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 06:14:41 GMT
Content-Encoding
gzip
Last-Modified
Sat, 07 Sep 2019 21:56:34 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
font/woff2
Cache-Control
max-age=1
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
27407
Expires
Sat, 12 Sep 2020 06:14:42 GMT
fa-duotone-900.woff2
userupload.net/ds2/fa/webfonts/ 		162 KB
161 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://userupload.net/ds2/fa/webfonts/fa-duotone-900.woff2
Requested by
Host: userupload.net
URL: https://userupload.net/ds2/css/style.min.css?v=0.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.89.234.230 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31202426.ip-51-89-234.eu
Software
Apache /
Resource Hash
3477023d8b7129eb517abf377492a608f2469ae91405fa62974e6771751e04ae

Request headers

Origin
https://userupload.net
Referer
https://userupload.net/ds2/css/style.min.css?v=0.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 06:14:41 GMT
Content-Encoding
gzip
Last-Modified
Sat, 24 Aug 2019 23:45:51 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
font/woff2
Cache-Control
max-age=1
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Expires
Sat, 12 Sep 2020 06:14:42 GMT
brandon_bld-webfont.woff2
userupload.net/ds2/fonts/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://userupload.net/ds2/fonts/brandon_bld-webfont.woff2
Requested by
Host: userupload.net
URL: https://userupload.net/ds2/css/style.min.css?v=0.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.89.234.230 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31202426.ip-51-89-234.eu
Software
Apache /
Resource Hash
c56fd6b910ca93a3fb1875e35074b8ce8501c319ebaa0e8b7252f7e4a7023fe6

Request headers

Origin
https://userupload.net
Referer
https://userupload.net/ds2/css/style.min.css?v=0.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 06:14:41 GMT
Content-Encoding
gzip
Last-Modified
Sat, 07 Sep 2019 21:56:34 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
font/woff2
Cache-Control
max-age=1
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
27492
Expires
Sat, 12 Sep 2020 06:14:42 GMT
va9E4kDNxMZdWfMOD5Vvl4jO.ttf
fonts.gstatic.com/s/firasans/v10/ 		54 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jO.ttf
Requested by
Host: userupload.net
URL: https://userupload.net/ds2/css/style.min.css?v=0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08d4e6308d4549372380e8a8d6b3de7613d304b43c2e6f50053af0338e5e0f67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://userupload.net
Referer
https://userupload.net/ds2/css/style.min.css?v=0.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 11:14:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
413985
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26757
x-xss-protection
0
last-modified
Mon, 22 Jul 2019 19:21:28 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Sep 2021 11:14:56 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/ 		336 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
854f7a7915f240546d3950dd2b067466da13c013d04a3f8c790880c58ec61151
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 07 Sep 2020 04:06:55 GMT
server
sffe
age
311360
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134800
x-xss-protection
0
expires
Wed, 08 Sep 2021 15:45:21 GMT
/
tgwidget.com/widget/count/ Frame 372E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tgwidget.com/widget/count/?id=5f5499d783ba8846018b4567
Requested by
Host: userupload.net
URL: https://userupload.net/y5s9sexb7e7z
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.107.39 , France, ASN12876 (Online SAS, FR),
Reverse DNS
send-mail.tgwidget.com
Software
nginx / PHP/5.6.37-0+deb8u1
Resource Hash

Request headers

Host
tgwidget.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://userupload.net/y5s9sexb7e7z
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://userupload.net/y5s9sexb7e7z

Response headers

Server
nginx
Date
Sat, 12 Sep 2020 06:14:32 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
X-Powered-By
PHP/5.6.37-0+deb8u1
Content-Encoding
gzip
va9B4kDNxMZdWfMOD5VnLK3eRhf_.ttf
fonts.gstatic.com/s/firasans/v10/ 		58 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnLK3eRhf_.ttf
Requested by
Host: userupload.net
URL: https://userupload.net/ds2/css/style.min.css?v=0.2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b1ed14c8d4e5852e773d44304a3a33507ff993a4b6b70ea1d9fb8c6f68e7318
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://userupload.net
Referer
https://userupload.net/ds2/css/style.min.css?v=0.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 09:18:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
421001
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28042
x-xss-protection
0
last-modified
Mon, 22 Jul 2019 19:22:45 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Sep 2021 09:18:00 GMT
brandon_med-webfont.woff2
userupload.net/ds2/fonts/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://userupload.net/ds2/fonts/brandon_med-webfont.woff2
Requested by
Host: userupload.net
URL: https://userupload.net/ds2/css/style.min.css?v=0.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.89.234.230 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31202426.ip-51-89-234.eu
Software
Apache /
Resource Hash
8bedd3a9d3d20f71aa28c17e75c18ddc9a323b823275ae9bec6a1b673ea646f5

Request headers

Origin
https://userupload.net
Referer
https://userupload.net/ds2/css/style.min.css?v=0.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 06:14:41 GMT
Content-Encoding
gzip
Last-Modified
Sat, 07 Sep 2019 21:56:34 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
font/woff2
Cache-Control
max-age=1
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
28003
Expires
Sat, 12 Sep 2020 06:14:42 GMT
5c3f7ca0c9830d001319a65d.js
buttons-config.sharethis.com/js/ 		975 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/5c3f7ca0c9830d001319a65d.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3e00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
64ef1788e2c86fe9b9f65689843ec0d459ee8c1477b4fe26b88a3b3cc1e98c56

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 12 Sep 2020 06:14:16 GMT
via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
last-modified
Sat, 11 Apr 2020 08:06:55 GMT
server
AmazonS3
age
25
etag
"603d865a6a864b43f642e595a6f198f6"
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
public, max-age=60
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
975
x-amz-cf-id
G5yM9AIVctChIzBLyvQIjtR3EGS1LD179A87jyCW-fRm1Ob3jTf3vg==
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/ 		228 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19beb10327997e7c00d9c8cb6a9ae4f72963968d2c763c6fe579071c9ee2b86a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Sep 2020 06:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
87777
x-xss-protection
0
server
cafe
etag
541389345409318010
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 12 Sep 2020 06:14:41 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200909/r20190131/ Frame 9DAB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200909/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200909/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://userupload.net/y5s9sexb7e7z
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://userupload.net/y5s9sexb7e7z

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Fri, 11 Sep 2020 23:44:18 GMT
expires
Fri, 25 Sep 2020 23:44:18 GMT
content-type
text/html; charset=UTF-8
etag
9704104221650600920
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4744
x-xss-protection
0
age
23423
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
anchor
www.google.com/recaptcha/api2/ Frame 4C43 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfG5EUUAAAAAE7XFZvJfM0HHeaV1tQQqzZ7BTiX&co=aHR0cHM6Ly91c2VydXBsb2FkLm5ldDo0NDM.&hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&size=normal&cb=ruor7otn0vg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RpcbpJypNySrvuYnWL+0Kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LfG5EUUAAAAAE7XFZvJfM0HHeaV1tQQqzZ7BTiX&co=aHR0cHM6Ly91c2VydXBsb2FkLm5ldDo0NDM.&hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&size=normal&cb=ruor7otn0vg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://userupload.net/y5s9sexb7e7z
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://userupload.net/y5s9sexb7e7z

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 12 Sep 2020 06:14:41 GMT
content-security-policy
script-src 'report-sample' 'nonce-RpcbpJypNySrvuYnWL+0Kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10732
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
portal-v2.html
c.sharethis.mgr.consensu.org/ Frame FEE9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:d600:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
c.sharethis.mgr.consensu.org
:scheme
https
:path
/portal-v2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://userupload.net/y5s9sexb7e7z
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://userupload.net/y5s9sexb7e7z

Response headers

status
200
content-type
text/html; charset=utf-8
accept-ranges
bytes
content-encoding
gzip
last-modified
Wed, 26 Aug 2020 05:25:30 GMT
date
Sat, 12 Sep 2020 06:02:58 GMT
cache-control
max-age=3600, public
etag
W/"83a-174293a7110"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
9UGO94ZN_mAQWZ5gFq47jBmiGgr1u-98NOKhuNaXyv5sU92RhPtHQw==
age
703
integrator.js
adservice.google.de/adsid/ 		109 B
890 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=userupload.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 12 Sep 2020 06:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
890 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=userupload.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 12 Sep 2020 06:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DC62 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5228806306542248&output=html&h=280&slotname=9237283852&adk=1997398430&adf=4108538649&w=350&fwrn=4&fwrnh=100&lmt=1599891281&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=https%3A%2F%2Fuserupload.net%2Fy5s9sexb7e7z&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1599891281756&bpp=25&bdt=498&idt=114&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4262589847663&frm=20&pv=2&ga_vid=1180873681.1599891281&ga_sid=1599891281&ga_hid=805132598&ga_fc=1&iag=0&icsg=8656958450&dssz=29&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067034&oid=3&pvsid=1512294527960316&pem=170&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=emxDALwBIl&p=https%3A//userupload.net&dtd=131
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5228806306542248&output=html&h=280&slotname=9237283852&adk=1997398430&adf=4108538649&w=350&fwrn=4&fwrnh=100&lmt=1599891281&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=https%3A%2F%2Fuserupload.net%2Fy5s9sexb7e7z&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1599891281756&bpp=25&bdt=498&idt=114&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4262589847663&frm=20&pv=2&ga_vid=1180873681.1599891281&ga_sid=1599891281&ga_hid=805132598&ga_fc=1&iag=0&icsg=8656958450&dssz=29&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067034&oid=3&pvsid=1512294527960316&pem=170&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=emxDALwBIl&p=https%3A//userupload.net&dtd=131
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://userupload.net/y5s9sexb7e7z
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://userupload.net/y5s9sexb7e7z

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 12 Sep 2020 06:14:42 GMT
server
cafe
content-length
21377
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 12-Sep-2020 06:29:41 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sat, 12 Sep 2020 06:14:42 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
568c4d6160efabb5b61ed1d2add90083e6bef67fc9964a27310c8a135b1e077d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Sep 2020 06:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1599824047903655"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27476
x-xss-protection
0
expires
Sat, 12 Sep 2020 06:14:41 GMT
get_counts
count-server.sharethis.com/v2.0/ 		136 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb2&url=https%3A%2F%2Fuserupload.net%2Fy5s9sexb7e7z
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.37.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-37-37.compute-1.amazonaws.com
Software
/ Express
Resource Hash
7a93db43875d9c30ad91e97f045c8d339072fff00b5215c994bd0faecf1bf774

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 06:14:42 GMT
Cache-Control
public, max-age=900
ETag
060bfd1e0b5cae9a8f1a7bac6975006b
Connection
keep-alive
X-Powered-By
Express
Content-Length
136
Content-Type
text/javascript; charset=utf-8
facebook.svg
platform-cdn.sharethis.com/img/ 		301 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/facebook.svg
Requested by
Host: userupload.net
URL: https://userupload.net/y5s9sexb7e7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:fa00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 18 Aug 2020 21:13:28 GMT
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
age
2106074
etag
"c6e9be45643e197ce1db1d7e24a99adc"
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
301
x-amz-cf-id
NNPb40pPY0FvXdgxRstuYURbdhXmS9v6UJnGmRaGrEUpM5atE0-IPw==
whatsapp.svg
platform-cdn.sharethis.com/img/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/whatsapp.svg
Requested by
Host: userupload.net
URL: https://userupload.net/y5s9sexb7e7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:fa00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 18 Aug 2020 21:13:28 GMT
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
age
2106074
etag
"afe7fc60ed757db39a88d2950fce69c9"
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
832
x-amz-cf-id
RZ3_sG9KIlIUwQ8E4lKCTiuI6eSqbmsa5Sxke0GuMlV9b4ixpTPZEw==
messenger.svg
platform-cdn.sharethis.com/img/ 		372 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/messenger.svg
Requested by
Host: userupload.net
URL: https://userupload.net/y5s9sexb7e7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:fa00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 20 Aug 2020 02:42:09 GMT
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
age
1999952
etag
"a5aa43fa302867d3e888ac2f69b7b288"
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
372
x-amz-cf-id
Gp98368y5Pr4OGsRSXsUwXaNe99_-uQfxgOH7zKf6D4Fh06ai-O_lQ==
twitter.svg
platform-cdn.sharethis.com/img/ 		731 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/twitter.svg
Requested by
Host: userupload.net
URL: https://userupload.net/y5s9sexb7e7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:fa00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 18 Aug 2020 21:13:28 GMT
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
age
2106074
etag
"0af2fb38987598376c99e21af17ade45"
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
731
x-amz-cf-id
5JtT85Z3m4tW9NoG29_VPpxJZQMCEbO4WOn_tgi-gGL4dXk5VNhlPA==
telegram.svg
platform-cdn.sharethis.com/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/telegram.svg
Requested by
Host: userupload.net
URL: https://userupload.net/y5s9sexb7e7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:fa00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8bdf772d9fc521b1bac964b3e1287466cc5e6497f058ef97112f9a17b2591dfb

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 18 Aug 2020 20:39:21 GMT
content-encoding
gzip
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
age
2108121
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
WzDkuqdI0BFVMNrD_BNg_gcKUdgKyL4C3xst9NYTPruwT2AUKm9wKg==
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
sharethis.svg
platform-cdn.sharethis.com/img/ 		514 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/sharethis.svg
Requested by
Host: userupload.net
URL: https://userupload.net/y5s9sexb7e7z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:fa00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 20 Aug 2020 02:42:52 GMT
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
age
1999909
etag
"deecdaa377907db5cc1722fc831670a1"
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
514
x-amz-cf-id
gge82P2aXKBWTGkGFFXZYlv_-yMJ0bjY4ZRD71XAsHDLYl1JWtrFfg==
ads
googleads.g.doubleclick.net/pagead/ Frame 201C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5228806306542248&output=html&h=280&slotname=5298038844&adk=3658158944&adf=3044448856&w=350&fwrn=4&fwrnh=100&lmt=1599891281&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=https%3A%2F%2Fuserupload.net%2Fy5s9sexb7e7z&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1599891281781&bpp=3&bdt=523&idt=125&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&correlator=4262589847663&frm=20&pv=1&ga_vid=1180873681.1599891281&ga_sid=1599891281&ga_hid=805132598&ga_fc=1&iag=0&icsg=43016696818&dssz=31&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=611&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067034&oid=3&pvsid=1512294527960316&pem=170&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QtM5ACKeFC&p=https%3A//userupload.net&dtd=140
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5228806306542248&output=html&h=280&slotname=5298038844&adk=3658158944&adf=3044448856&w=350&fwrn=4&fwrnh=100&lmt=1599891281&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=https%3A%2F%2Fuserupload.net%2Fy5s9sexb7e7z&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1599891281781&bpp=3&bdt=523&idt=125&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&correlator=4262589847663&frm=20&pv=1&ga_vid=1180873681.1599891281&ga_sid=1599891281&ga_hid=805132598&ga_fc=1&iag=0&icsg=43016696818&dssz=31&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=611&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067034&oid=3&pvsid=1512294527960316&pem=170&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QtM5ACKeFC&p=https%3A//userupload.net&dtd=140
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://userupload.net/y5s9sexb7e7z
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://userupload.net/y5s9sexb7e7z

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 12 Sep 2020 06:14:42 GMT
server
cafe
content-length
20161
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 12-Sep-2020 06:29:41 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sat, 12 Sep 2020 06:14:42 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 0F0C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5228806306542248&output=html&h=280&slotname=4007740924&adk=2448036532&adf=2560393268&w=480&fwrn=4&fwrnh=100&lmt=1599891281&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=480x280&url=https%3A%2F%2Fuserupload.net%2Fy5s9sexb7e7z&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1599891281784&bpp=1&bdt=526&idt=142&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280&correlator=4262589847663&frm=20&pv=1&ga_vid=1180873681.1599891281&ga_sid=1599891281&ga_hid=805132598&ga_fc=1&iag=0&icsg=43016696818&dssz=31&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=695&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067034&oid=3&pvsid=1512294527960316&pem=170&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=7mAN8Cqnp7&p=https%3A//userupload.net&dtd=190
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5228806306542248&output=html&h=280&slotname=4007740924&adk=2448036532&adf=2560393268&w=480&fwrn=4&fwrnh=100&lmt=1599891281&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=480x280&url=https%3A%2F%2Fuserupload.net%2Fy5s9sexb7e7z&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1599891281784&bpp=1&bdt=526&idt=142&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280&correlator=4262589847663&frm=20&pv=1&ga_vid=1180873681.1599891281&ga_sid=1599891281&ga_hid=805132598&ga_fc=1&iag=0&icsg=43016696818&dssz=31&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=695&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067034&oid=3&pvsid=1512294527960316&pem=170&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=7mAN8Cqnp7&p=https%3A//userupload.net&dtd=190
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://userupload.net/y5s9sexb7e7z
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://userupload.net/y5s9sexb7e7z

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 12 Sep 2020 06:14:42 GMT
server
cafe
content-length
205
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 12-Sep-2020 06:29:41 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sat, 12 Sep 2020 06:14:42 GMT
cache-control
private
pview
l.sharethis.com/ 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=userupload.net&location=%2Fy5s9sexb7e7z&product=inline-share-buttons&url=https%3A%2F%2Fuserupload.net%2Fy5s9sexb7e7z&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Download%20Flix4u%20User%20Upload%20apk&cms=unknown&publisher=5c3f7ca0c9830d001319a65d&sop=true&bsamesite=true&consentDomain=.consensu.org&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&version=st_sop.js&lang=en&description=Download%20File%20Flix4u%20User%20Upload%20apk
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.132.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-132-197.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 06:14:42 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://userupload.net
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
ads
googleads.g.doubleclick.net/pagead/ Frame C523 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5228806306542248&output=html&h=280&slotname=1042759759&adk=2198837252&adf=2833722400&w=350&fwrn=4&fwrnh=100&lmt=1599891282&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=https%3A%2F%2Fuserupload.net%2Fy5s9sexb7e7z&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1599891281785&bpp=1&bdt=528&idt=222&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280&correlator=4262589847663&frm=20&pv=1&ga_vid=1180873681.1599891281&ga_sid=1599891281&ga_hid=805132598&ga_fc=1&iag=0&icsg=43016696818&dssz=31&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067034&oid=3&pvsid=1512294527960316&pem=170&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9eGai78y4w&p=https%3A//userupload.net&dtd=280
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5228806306542248&output=html&h=280&slotname=1042759759&adk=2198837252&adf=2833722400&w=350&fwrn=4&fwrnh=100&lmt=1599891282&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=https%3A%2F%2Fuserupload.net%2Fy5s9sexb7e7z&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1599891281785&bpp=1&bdt=528&idt=222&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280&correlator=4262589847663&frm=20&pv=1&ga_vid=1180873681.1599891281&ga_sid=1599891281&ga_hid=805132598&ga_fc=1&iag=0&icsg=43016696818&dssz=31&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067034&oid=3&pvsid=1512294527960316&pem=170&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9eGai78y4w&p=https%3A//userupload.net&dtd=280
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://userupload.net/y5s9sexb7e7z
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://userupload.net/y5s9sexb7e7z

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 12 Sep 2020 06:14:42 GMT
server
cafe
content-length
204
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 12-Sep-2020 06:29:42 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sat, 12 Sep 2020 06:14:42 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 6414 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5228806306542248&output=html&h=280&slotname=5644349740&adk=3102016549&adf=3760600436&w=730&fwrn=4&fwrnh=100&lmt=1599891282&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=730x280&url=https%3A%2F%2Fuserupload.net%2Fy5s9sexb7e7z&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1599891281786&bpp=1&bdt=528&idt=329&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280%2C350x280&correlator=4262589847663&frm=20&pv=1&ga_vid=1180873681.1599891281&ga_sid=1599891281&ga_hid=805132598&ga_fc=1&iag=0&icsg=43016696818&dssz=31&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067034&oid=3&pvsid=1512294527960316&pem=170&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&fsb=1&xpc=i95Zt3BGOD&p=https%3A//userupload.net&dtd=332
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5228806306542248&output=html&h=280&slotname=5644349740&adk=3102016549&adf=3760600436&w=730&fwrn=4&fwrnh=100&lmt=1599891282&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=730x280&url=https%3A%2F%2Fuserupload.net%2Fy5s9sexb7e7z&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1599891281786&bpp=1&bdt=528&idt=329&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280%2C350x280&correlator=4262589847663&frm=20&pv=1&ga_vid=1180873681.1599891281&ga_sid=1599891281&ga_hid=805132598&ga_fc=1&iag=0&icsg=43016696818&dssz=31&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067034&oid=3&pvsid=1512294527960316&pem=170&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&fsb=1&xpc=i95Zt3BGOD&p=https%3A//userupload.net&dtd=332
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://userupload.net/y5s9sexb7e7z
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://userupload.net/y5s9sexb7e7z

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 12 Sep 2020 06:14:42 GMT
server
cafe
content-length
12660
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 12-Sep-2020 06:29:42 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sat, 12 Sep 2020 06:14:42 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame FC0D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5228806306542248&output=html&adk=1812271804&adf=3025194257&lmt=1599891282&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fuserupload.net%2Fy5s9sexb7e7z&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1599891281787&bpp=1&bdt=530&idt=338&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280%2C350x280%2C730x280&nras=1&correlator=4262589847663&frm=20&pv=1&ga_vid=1180873681.1599891281&ga_sid=1599891281&ga_hid=805132598&ga_fc=1&iag=0&icsg=43016696818&dssz=31&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067034&oid=3&pvsid=1512294527960316&pem=170&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&dtd=378
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5228806306542248&output=html&adk=1812271804&adf=3025194257&lmt=1599891282&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fuserupload.net%2Fy5s9sexb7e7z&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1599891281787&bpp=1&bdt=530&idt=338&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280%2C350x280%2C730x280&nras=1&correlator=4262589847663&frm=20&pv=1&ga_vid=1180873681.1599891281&ga_sid=1599891281&ga_hid=805132598&ga_fc=1&iag=0&icsg=43016696818&dssz=31&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067034&oid=3&pvsid=1512294527960316&pem=170&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&dtd=378
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://userupload.net/y5s9sexb7e7z
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://userupload.net/y5s9sexb7e7z

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 12 Sep 2020 06:14:42 GMT
server
cafe
content-length
668
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 12-Sep-2020 06:29:42 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sat, 12 Sep 2020 06:14:42 GMT
cache-control
private
bframe
www.google.com/recaptcha/api2/ Frame 2D70 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&k=6LfG5EUUAAAAAE7XFZvJfM0HHeaV1tQQqzZ7BTiX&cb=2updm83zlnc1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JLBVOttaWslfzB2TQLcYRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&k=6LfG5EUUAAAAAE7XFZvJfM0HHeaV1tQQqzZ7BTiX&cb=2updm83zlnc1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://userupload.net/y5s9sexb7e7z
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://userupload.net/y5s9sexb7e7z

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 12 Sep 2020 06:14:42 GMT
content-security-policy
script-src 'report-sample' 'nonce-JLBVOttaWslfzB2TQLcYRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1176
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200909&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7043a265fede743c337a972ff6f3273be90b9613ea7530458e69ab5a6a0a20a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 12 Sep 2020 06:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6761
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Sep 2020 06:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Sat, 12 Sep 2020 06:14:42 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 0728 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://userupload.net/y5s9sexb7e7z
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://userupload.net/y5s9sexb7e7z

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Sat, 12 Sep 2020 03:16:22 GMT
expires
Sun, 12 Sep 2021 03:16:22 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10700
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
761 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200909&jk=1512294527960316&bg=!3N-l38dY9R2QRYs-5GACAAAAU1IAAAAMCgEn9HckDrOAz5yFtRvZu035Ihh1lodR7R4N2G5gLTMqNhSYtxG5lpYBawHLJ3heeLnnK_lF9XvMY1tiWlukPqLHkmyvWzTBv5OYQYlW1Flqu5mGXjjofrfkLOtVN_xahQzeet7BXXMtK5pAflSWMx_8CkyFwfyatQUVtUZUsPXeslG22EmNLIIsMqy6o1adyEH4kFtxozHzW5TxCPY1W9CO04HZJQLlBPaybtkqcRAVhkWI-Ut0TnREBfSzb6rtsTy--gPVTexmYmBxIDafTYsBHsXpMCC_Su_tCZG4li3QFw9S2_zucDiA-rNSoRf0wVjD30CK8ae2twKZo2tDW5oHDnb55UCw0Y2oMlqCwfpDGK5AfAS2l5P8bmf-EgkvlXeKDEn2Na6yGJkBv9eKvUVD11ncs4VxJPgF4rhXCC5sM71umA8z_r6TyXV3FJkAJaMUaP3hFJI0u0MFCBh-VGnvpYb0YTvNuv0lQBBkdPbdyvHuhnn4C_tKIcsFxbCKpqOPkJRniT-C4Ag3MYMbbhs8pI-LjixIwBUtWAEKF1f1pj8qhpUf0fGlk2a8FggG0QMvo_M1Pdm6dcdSp4urkZG7kzwKNcrkpLRHDLWVbuiEPRWItVA--mgEnw1y-SkhqyAQwV7gzPTaideZoDFfUCMVNxXaT6UB77-o1_WIXhRvCjva0pDC2EY8UPACidfzuZ3KpOQ7CXO4MiYksMShJnaA2_8VDyCoHwfPNsff6i3Cfg6XMfZ9PyXW0zkW2mIquxGKgIkOBQBb8rCLUx9Pu9zNnx7SSF1QWCgYtFEXyIs_mnea0_AhMIuBC5myd9Eb-sVVQsu_RKtN_TY5k3fAFUbvnsygfaXfpqbXxVvvC2Xo_QAw5OYlA3WdwnN2tacM1Q0rXZREPDbh9srWwinTuDVY9cApXWqcMvY_mDLlzd2cHUbf9BiN6H6VTqyfcRpNbdGG8TjBBqJf1HsNI8lrMm1ITmEEWyAC3cngsQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://userupload.net/y5s9sexb7e7z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Sep 2020 06:14:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
brandon_blk-webfont.woff2
userupload.net/ds2/fonts/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://userupload.net/ds2/fonts/brandon_blk-webfont.woff2
Requested by
Host: userupload.net
URL: https://userupload.net/ds2/css/style.min.css?v=0.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.89.234.230 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31202426.ip-51-89-234.eu
Software
Apache /
Resource Hash
f13d4a23664d1a212e275c7ccd6073d3751cd3554820a78fbf697a1fd6e251a3

Request headers

Origin
https://userupload.net
Referer
https://userupload.net/ds2/css/style.min.css?v=0.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 06:14:46 GMT
Content-Encoding
gzip
Last-Modified
Sat, 07 Sep 2019 21:56:34 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
font/woff2
Cache-Control
max-age=1
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
26941
Expires
Sat, 12 Sep 2020 06:14:47 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| $ function| jQuery function| setPagination object| _gaq object| _gat object| gaGlobal number| timeout object| adsbygoogle object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| delComment function| player_start object| bootstrap object| jQuery191024444151012353843 object| clipboard object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| recaptcha object| closure_lm_837451 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

10 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUk5Uml-urkDKTmqFxCMBiwwpvUEKlpRvD1VZydPkw6cOyp6K-tvKek2TsYk
.userupload.net/ Name: __utmb
Value: 30043835.1.10.1599891281
.userupload.net/ Name: __utmt
Value: 1
.userupload.net/ Name: __utma
Value: 30043835.1180873681.1599891281.1599891281.1599891281.1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.userupload.net/ Name: aff
Value: 14526
.userupload.net/ Name: __utmc
Value: 30043835
.userupload.net/ Name: __utmz
Value: 30043835.1599891281.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.userupload.net/ Name: ref_url
Value:
.userupload.net/ Name: lang
Value: english

5 Console Messages

Source Level URL
Text
console-api log URL: https://userupload.net/ds2/js/countdown.js(Line 13)
Message:
Tick
console-api log URL: https://userupload.net/ds2/js/countdown.js(Line 13)
Message:
Tick
console-api log URL: https://userupload.net/ds2/js/countdown.js(Line 13)
Message:
Tick
console-api log URL: https://userupload.net/ds2/js/countdown.js(Line 13)
Message:
Tick
console-api log URL: https://userupload.net/ds2/js/countdown.js(Line 13)
Message:
Tick

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0;includeSubDomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
count-server.sharethis.com
fonts.gstatic.com
googleads.g.doubleclick.net
l.sharethis.com
pagead2.googlesyndication.com
platform-api.sharethis.com
platform-cdn.sharethis.com
ssl.google-analytics.com
stats.g.doubleclick.net
tgwidget.com
tpc.googlesyndication.com
userupload.net
www.google.com
www.googletagservices.com
www.gstatic.com
163.172.107.39
2600:9000:2057:fa00:1d:85c3:6640:93a1
2600:9000:214f:3e00:c:abe:f440:93a1
2600:9000:214f:a600:1c:8a07:5e80:93a1
2600:9000:214f:d600:c:a9b7:ddc0:93a1
2a00:1450:4001:808::2001
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:814::2004
2a00:1450:4001:814::2008
2a00:1450:4001:815::2003
2a00:1450:4001:819::2003
2a00:1450:4001:81a::2004
2a00:1450:4001:825::2002
2a00:1450:400c:c00::9d
3.127.132.197
3.226.37.37
51.89.234.230
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0595cd78fc2e895151da27f2de6361ea315f24a4d7371ef8db0d786e5e71bb9f
08d4e6308d4549372380e8a8d6b3de7613d304b43c2e6f50053af0338e5e0f67
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
0df94541f853cfed3f723daf9632cefbe7b113edb2fcd087b5bf692f01e21a91
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
19beb10327997e7c00d9c8cb6a9ae4f72963968d2c763c6fe579071c9ee2b86a
28870619e0b50cef037f0ef0daba635dd98ea53bbdaa94244b724c42e23d94c1
2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da
3477023d8b7129eb517abf377492a608f2469ae91405fa62974e6771751e04ae
568c4d6160efabb5b61ed1d2add90083e6bef67fc9964a27310c8a135b1e077d
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
64ef1788e2c86fe9b9f65689843ec0d459ee8c1477b4fe26b88a3b3cc1e98c56
6b1116dbdcc8665059c0163cb6cd034a949402f5bc6294390e8ffee39952f6ae
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
7a93db43875d9c30ad91e97f045c8d339072fff00b5215c994bd0faecf1bf774
7b1ed14c8d4e5852e773d44304a3a33507ff993a4b6b70ea1d9fb8c6f68e7318
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
854f7a7915f240546d3950dd2b067466da13c013d04a3f8c790880c58ec61151
8bdf772d9fc521b1bac964b3e1287466cc5e6497f058ef97112f9a17b2591dfb
8bedd3a9d3d20f71aa28c17e75c18ddc9a323b823275ae9bec6a1b673ea646f5
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
b38e3464dee0d0f1007c2c1195c69202c8212455c982d1fddf214b8aeedcb417
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c1bd88cc54165fd50700598361e7484401e4cc1525866fa5a73e8a463df5c226
c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96
c56fd6b910ca93a3fb1875e35074b8ce8501c319ebaa0e8b7252f7e4a7023fe6
c5d647f84ca95728d4bc197197626da00f274d59c1e6d5659550d851d7fb552b
c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6
d7c396c8a69d4fd8d8f5eeae071bff6600721663553e9e4c5b2a90b6fc0a0421
e1d4f21db649ec5795e70cb72e59fdec97af300c64b5d8abbc67f00688eb0ecd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f13d4a23664d1a212e275c7ccd6073d3751cd3554820a78fbf697a1fd6e251a3
f7043a265fede743c337a972ff6f3273be90b9613ea7530458e69ab5a6a0a20a
f79c8c5d16a9dd37461d1c9c82df0fd384d3cf2bc733e2948f636cd4ce6f3fda