upfilesurls.com Open in urlscan Pro
2606:4700:20::681a:88a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bit.ly/41KTJfF
Effective URL:
https://upfilesurls.com/gsxoY
Submission: On April 27 via manual (April 27th 2023, 3:26:32 am UTC) from VE — Scanned from DE

Summary HTTP 94 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 33 IPs in 6 countries across 27 domains to perform 94 HTTP transactions. The main IP is 2606:4700:20::681a:88a, located in United States and belongs to CLOUDFLARENET, US. The main domain is upfilesurls.com. The Cisco Umbrella rank of the primary domain is 582666.
TLS certificate: Issued by GTS CA 1P5 on March 29th 2023. Valid for: 3 months.

This is the only time upfilesurls.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2606:4700:303... 2606:4700:3035::ac43:ad6a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 9	2606:4700:20:... 2606:4700:20::681a:88a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.91.159.191 142.91.159.191	7979 (SERVERS-COM) (SERVERS-COM)
8	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	37.48.68.71 37.48.68.71	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2250:7c00:a:e047:752:b361	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.66.122 65.9.66.122	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.65.229 151.101.65.229	54113 (FASTLY) (FASTLY)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
10	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	54.77.31.84 54.77.31.84	16509 (AMAZON-02) (AMAZON-02)
94	33

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:ad6a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

upfiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::681a:88a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

upfilesurls.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.91.159.191 (Netherlands)

ASN7979 (SERVERS-COM, US)

cschyogh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdntechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.48.68.71 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:7c00:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.212 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.31.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-31-84.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	googlesyndication.com b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177 ade.googlesyndication.com — Cisco Umbrella Rank: 317	96 KB
16	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 313 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394	207 KB
13	demand.supply live.demand.supply — Cisco Umbrella Rank: 32910	33 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 373	93 KB
9	upfilesurls.com 1 redirects upfilesurls.com — Cisco Umbrella Rank: 582666	370 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876	3 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 319	3 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 442 mug.criteo.com — Cisco Umbrella Rank: 1686	7 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 130	743 B
3	google.de adservice.google.de — Cisco Umbrella Rank: 5261	818 B
3	gstatic.com fonts.gstatic.com	69 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 4649	315 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1319 id5-sync.com — Cisco Umbrella Rank: 612	18 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1550 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1323	12 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	49 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 4083	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 474	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 763	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3991	2 KB
1	datatechone.com datatechone.com — Cisco Umbrella Rank: 19949	468 B
1	cdntechone.com cdntechone.com — Cisco Umbrella Rank: 51250	8 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	45 KB
1	cschyogh.com cschyogh.com	1 KB
1	upfiles.com 1 redirects upfiles.com — Cisco Umbrella Rank: 637768	1 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 4705	411 B
0	cloudfront.net Failed d18kg2zy9x3t96.cloudfront.net Failed
94	27

	Domain	Requested by
13	live.demand.supply	upfilesurls.com live.demand.supply client
11	pagead2.googlesyndication.com	b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com upfilesurls.com www.googletagservices.com
10	s0.2mdn.net	upfilesurls.com s0.2mdn.net
9	upfilesurls.com	1 redirects upfilesurls.com
8	securepubads.g.doubleclick.net	upfilesurls.com securepubads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	tpc.googlesyndication.com	b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com tpc.googlesyndication.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
2	ade.googlesyndication.com	upfilesurls.com
2	googleads4.g.doubleclick.net	upfilesurls.com
2	gum.criteo.com	1 redirects static.criteo.net
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	googleads.g.doubleclick.net	b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com pagead2.googlesyndication.com
2	b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	mug.criteo.com	upfilesurls.com
1	id5-sync.com	cdn.id5-sync.com
1	www.googletagservices.com	b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	datatechone.com	cdntechone.com
1	cdntechone.com	upfilesurls.com
1	fonts.googleapis.com	upfilesurls.com
1	www.googletagmanager.com	upfilesurls.com
1	cschyogh.com	upfilesurls.com
1	upfiles.com	1 redirects
1	bit.ly	1 redirects
0	d18kg2zy9x3t96.cloudfront.net Failed	upfilesurls.com
94	36

This site contains links to these domains. Also see Links.

Domain
upfiles.com
sulvo.com

Subject Issuer	Validity	Valid
*.upfilesurls.com GTS CA 1P5	`2023-03-29` - `2023-06-27`	3 months	crt.sh
cschyogh.com R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-18` - `2023-12-24`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-02-25` - `2023-05-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-02-28` - `2023-05-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-03-20` - `2023-06-18`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://upfilesurls.com/gsxoY
Frame ID: F8EB09CB02BAECC658632F54A1812C18
Requests: 55 HTTP requests in this frame

Frame: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 189E685C0BDC5FB5F85E415AFC3E721C
Requests: 1 HTTP requests in this frame

Frame: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F1E6B972A61894C180824BB0C9CD1A56
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKrgbxCdkNj8AxjN0YjmATAB&v=APEucNXMR_4EivywackdOC10Dhf10h2CtsBoYplfTQ1fLp6himnkJLyVth_aigDXhK3wuHyuR17kEE2-PVSX8jdcqB3EbfjpsW3L7uAJ7MC2HAqeTzHAFDnuhhnnW92rXCZk-K1_QsQ7M0y4ad1OcK2-I6xNcPwNizcMVlhc3qEaEwEIhMGqII8CmTp2eyptad_RklDMdUCMfsDN6J1rymCCpruMh-aT9Q
Frame ID: 77E0290FFDF3FE7D378CA2CF10BEF4C6
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=upfilesurls.com
Frame ID: 29F9D9301A53F6CC0A1A6DEF929AB0B5
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FA3E6C730A5F0AF9F7CF1A068FA85E39
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17103966758194605335/728x90/index.html
Frame ID: 9D8B4247DC7EF8F942D5ACF1E0181EE2
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mexican Earthquake.mp4

Page URL History Show full URLs

http://bit.ly/41KTJfF HTTP 301
https://upfiles.com/gsxoY HTTP 302
https://upfilesurls.com/gsxoY?auth=eyJpdiI6InhuR0JHTW9WVElhbmpnazBSQVdFNHc9PSIsInZhbHVlIjoiTkdwcTF5a... HTTP 302
https://upfilesurls.com/gsxoY Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

94
Requests

94 %
HTTPS

59 %
IPv6

27
Domains

36
Subdomains

33
IPs

6
Countries

1030 kB
Transfer

3128 kB
Size

20
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://upfiles.com/

Search URL Search Domain Scan URL

URL: https://upfiles.com/page/payment-proof
Title: Payment Proof

Search URL Search Domain Scan URL

URL: https://upfiles.com/page/payout-rates
Title: Payout Rates

Search URL Search Domain Scan URL

URL: https://upfiles.com/login
Title: Login

Search URL Search Domain Scan URL

URL: https://upfiles.com/register
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://upfilesurls.com/gsxoY&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bit.ly/41KTJfF HTTP 301
https://upfiles.com/gsxoY HTTP 302
https://upfilesurls.com/gsxoY?auth=eyJpdiI6InhuR0JHTW9WVElhbmpnazBSQVdFNHc9PSIsInZhbHVlIjoiTkdwcTF5amlEVFlibkEwbmpSM2g4Zz09IiwibWFjIjoiYmZjYzgwY2Q4NjAyYTU4NDYxNDA0NDRkNmJhMzg1OTgxMTVlZTA4NGMzMTA2Yjg1NjI4Mjg0ZDgxYjQwMzUyZiIsInRhZyI6IiJ9 HTTP 302
https://upfilesurls.com/gsxoY Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://gum.criteo.com/sid/json?origin=publishertagids&domain=upfilesurls.com&sn=ChromeSyncframe&so=0&topUrl=upfilesurls.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=nmhMJHxlVk9TV0s1QVRyTkhsa2cvVXBIREVYT0V5UXNTWDRVY1lkSmlDaGM2b25GSUJrL1JRM0FuTFJoV0RlTVVXaDNLc3BCalZxakY5bTlkZDVGdmJCaXdpMnFSQmpGSDBsNzR3TVgwOEM5N2Q0b2xuSktGdDFjeUdXbHhTWVhPU0I0RnVUTTQrdlI1dTNiMlduK2xBQmlFN1VzbFBWY3pmTDdVTFh4bFRDSmxHUkdYWEc0TUpidWd1K2JnenVDQXYyMzZGWEtscUdUSXZCNXEvNFZPbHM1UW9MNGZiZ2hlRFFDZjg0OXk3aHg0TUltcHM1U3JUeS9rampCUytJZ0dwY0FHVWoxOTZVNWRNQkkvZVlhajVHajNTUT09fA&cppv=2

Request Chain 60

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKQtQAGP9pet0TtLcg_DImo&google_cver=1

Request Chain 61

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEnrShB-xBg.0y4W8LybkgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECDXcVfYVBVb83lCIgca27M&google_cver=1&google_hm=2

Request Chain 62

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECWb3OXW6WIWfCDfqQTkRKw&google_cver=1

Request Chain 63

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMyMDE4NDM0MjUzMDk4MDEyNA%3D%3D

94 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request gsxoY Show response
upfilesurls.com/
Redirect Chain

http://bit.ly/41KTJfF
https://upfiles.com/gsxoY
https://upfilesurls.com/gsxoY?auth=eyJpdiI6InhuR0JHTW9WVElhbmpnazBSQVdFNHc9PSIsInZhbHVlIjoiTkdwcTF5amlEVFlibkEwbmpSM2g4Zz09IiwibWFjIjoiYmZjYzgwY2Q4NjAyYTU4NDYxNDA0NDRkNmJhMzg1OTgxMTVlZTA4NGMzMTA2Yj...
https://upfilesurls.com/gsxoY

90 KB
38 KB

566ms
566ms

Document
text/html

2606:4700:20::681a:88a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://upfilesurls.com/gsxoY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:88a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4869b8fb24f2bdc193c70b14b36041c187d958c61bf3e2597c12079be29a4bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7be3f6274b059bd4-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 27 Apr 2023 03:26:01 GMT
expires: -1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VAQ%2B1%2B0SHEkPAPr13BXAFCYdOqzNrn5z%2BE3oHqqcS2KQBgztUmA07J2w%2Fwi006Kouw8NjYq1P7ebtmrvpNZHBHP87vSINu45f4IPR1yLtU6jnFmUgNAPbv3mpx2lc5wiFKS79pwBF%2FVtX2NfqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

cache-control: private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7be3f62599d99bd4-FRA
content-type: text/html; charset=UTF-8
date: Thu, 27 Apr 2023 03:26:00 GMT
expires: -1
location: https://upfilesurls.com/gsxoY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCm%2FR2C96Vc%2FRAioycQ8HAyqDOA7ZRxxlTziU00HpKeV%2FC0J0OJdfRuShZa0h2GgAxu1X9H6JVAU9LZnqEBLkAYPTklhuiOqzmwMz45UvGcmJCDFE7LNoprvJLWqeo876494QHgt7MV5sF%2FNQA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 frontend.css
upfilesurls.com/css/ 255 KB
47 KB 29ms
28ms Stylesheet
text/css 2606:4700:20::681a:88a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:88a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51161fcc5b2c4b90c3381e517152eb275d52a6c288954e502479d7421386240

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/gsxoY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:01 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10583630
content-encoding: br
cf-bgj: minify
last-modified: Wed, 21 Dec 2022 18:47:00 GMT
server: cloudflare
etag: W/"63a354a4-3f918"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MWFNs4IB4cKkQRqEv50f5AMGMTWnCdGPOqfp0LB1aAqlhius5Hl%2BkRBX7Q7tpXLfTlQLhtF0eYmx%2FHit1Hk1gsqxwaUBeY%2Bp6%2BRwfbISs1Zu1xS5o2e9OldDNIawtzlvaFfw%2FKVu3fA73jOdWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7be3f62afdae9bd4-FRA

GET
H2 200 logo.svg
upfilesurls.com/img/ 22 KB
6 KB 23ms
22ms Image
image/svg+xml 2606:4700:20::681a:88a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upfilesurls.com/img/logo.svg

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:88a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d526da1f4d4af45cefd2a0d140abec2beddc3150d13c47d3de893eaa278a369d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/gsxoY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:01 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215223
content-encoding: br
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
server: cloudflare
etag: W/"625014b1-56e8"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a0xAAZMNynqOE4JWC6dqh2XkxG4%2Fi7yN%2F%2BrDuZMxbUji8vkDrVZTQScsqvkPYxU583WxTpkdtVKFq2fIN8eVzRy1E%2Bw1C%2Fpru61MpBSniw22npSwQ5QqnluwkTITna7Nx8KOlV79pQdTV54Jpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 7be3f62afdaf9bd4-FRA

GET
H2 200 menu.svg
upfilesurls.com/img/ 2 KB
736 B 27ms
23ms Image
image/svg+xml 2606:4700:20::681a:88a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upfilesurls.com/img/menu.svg

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:88a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d3e6705b468cecdd78fb9a1ee6688d60e1d2c1caa0db7baa88db460315dccea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/gsxoY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:01 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 16:39:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 215223
etag: W/"63d009ce-72e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuc90UQeM9OwCWnFjA9GV8RaquaEqOBMFVQUC7TXGujC%2Fw0NqXD9YNn%2FE9kZDqukjXYtw40cEtT8Vx2U6RisrjZ69KFPqiVbAQVYqx4j9xJITJnXSi50kNLveJ4y2H8dHqOiWfWssd4WIRvChQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 7be3f62c0e4c9bd4-FRA

GET
H/1.1 200
OK 34742 Show response
cschyogh.com/1clkn/ 6 B
1 KB 122ms
38ms Script
application/javascript 142.91.159.191
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://cschyogh.com/1clkn/34742

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

142.91.159.191 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 27 Apr 2023 03:26:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Keep-Alive: timeout=20

GET /
d18kg2zy9x3t96.cloudfront.net/ 0
0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
25 KB 483ms
311ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a83572a1fab9170bffead1e851ef6702363858d56d4300268be5e98a95fc4c21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25062
x-xss-protection: 0
server: cafe
etag: 287 / 19474 / 31074121 / config-hash: 18063574894499659646
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 03:26:02 GMT

GET
H2 200 faqs-image.svg
upfilesurls.com/img/ 37 KB
13 KB 24ms
20ms Image
image/svg+xml 2606:4700:20::681a:88a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upfilesurls.com/img/faqs-image.svg

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:88a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a717285429d468fadc4d25179fc6feb49e6335f3af1675fb6be1cb50e7e8322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/gsxoY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:01 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 662502
etag: W/"63c15cbf-95fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=emD8G2yUeORaGRycfMIv71xjARS%2B0UKZTqf3t%2BzEnYtMu4%2Fots7%2ByM7%2BL%2Fy4nCZrfBHHCFjHPioeTdjjr2z0fNFvW7j%2F8x8g34%2BYl2MSnvBT9lGkEjXyVGiZCMXQJufTpPjMx3cFyM5hGwevUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 7be3f62c0e4f9bd4-FRA

GET
H2 200 plane.svg
upfilesurls.com/img/ 684 B
817 B 23ms
20ms Image
image/svg+xml 2606:4700:20::681a:88a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upfilesurls.com/img/plane.svg
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:88a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d454583aa343d4c8aa4e42c0876b20e60c20c0b89284e4ef0c662d0426c18254

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/gsxoY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 215199
etag: W/"63c15cbf-2ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsyiHrVc%2F1jAZE%2Ftos4ZOiJQL7r053kD4dXkU5Tv5o1xnZPYePYLu2gtdOcC6Or4elMX1fHC30%2B2GYp5%2Fn1UUB1Uvi4oEzF7gDNzFeq%2FFGw%2F%2FIul7pp1yUauR7sQRik46BBw%2F0NbUZzNLVWMiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 7be3f62c0e509bd4-FRA

GET
H2 200 ads.js Show response
upfilesurls.com/js/ 2 KB
1014 B 25ms
25ms Script
application/javascript 2606:4700:20::681a:88a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://upfilesurls.com/js/ads.js

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:88a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a6496c9ba51de9268160abd403069b72cbf8a70bec8c61f3df9f0fd119aa953

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/gsxoY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:01 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10583500
content-encoding: br
cf-bgj: minify
last-modified: Thu, 22 Dec 2022 14:10:31 GMT
server: cloudflare
etag: W/"63a46557-605"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CR8MyjKUF1QXht9FW0SzwWyZiKsHDflfE6gEN77u2Wy232NcDjsHe30tl0slXOO1yVh0pOrDW55b1ptF3pWluN5TIjHhhlKXYe3oLoD9q4eYoZPB4VQaRMctbDubHrbGvWy5yclI3inwALwB9A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7be3f62b2dc49bd4-FRA

GET
H2 200 frontend.js Show response
upfilesurls.com/js/ 958 KB
262 KB 33ms
32ms Script
application/javascript 2606:4700:20::681a:88a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:88a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e87e0991dcfaa2c7b015d284d8b5d872363eb52af458b63c8449351b4b24612f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/gsxoY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:01 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9388077
cf-polished: origSize=980842
cf-bgj: minify
last-modified: Sun, 08 Jan 2023 11:38:01 GMT
server: cloudflare
etag: W/"63baab19-ef76a"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2OUoc2ZM71XAKdO%2FiqR%2FyV0R%2FvLC7JHogcoTKfOlxDqOknlwv5PcFXF9RoA7Z8gCzrzg3svz9MEFhSZK3KfanX%2FJCXEPgVBqedMEjNV81NEKMj%2FKRffP39DOS0E9oP4bFtdNSM68GBq%2B4tg99A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 7be3f62bfe469bd4-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 148ms
60ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-197252557-1

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e9cbaaab6ffc005589d1c3f8b84d04f07ddb878451c7dacdb5b1e344d761dcbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45408
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Apr 2023 03:26:01 GMT

GET
H2 200 css2
fonts.googleapis.com/ 18 KB
1 KB 131ms
47ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

122b045d95227f20b88e28c6fb8336f022295044d74694904ddaa04d4022ac45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Apr 2023 03:26:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 03:26:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Apr 2023 03:26:01 GMT

GET
H2 200 stattag.js Show response
cdntechone.com/ 18 KB
8 KB 310ms
22ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdntechone.com/stattag.js
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d45b2164e7d4b3463daed6795455b3a92c97f008b419ab071c7298d02171144

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Mar 2023 09:49:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4620
etag: W/"6405b746-4829"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5zvO0ggzrrJ9wri0z4gEneqvIFmV9PpIOW5KHACUkNxJqjXUV%2FrB140N5nCvCja9mkrZYIdWGeDVy7z51pg0z5kVy%2FsiGbw%2FdjnV8IZx2I3QgNGyl2ux0L5sOqTwRB9PXLXjkTeTB26E%2BAxWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7be3f62dda50694c-FRA
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 214ms
163ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdd81eaa7726dbd3a0ecc2d2de70ec2ae470afc424d9a186d2b358d7a645634c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GYAHT2SN209EXQN5SXM4JVJ5
date: Thu, 27 Apr 2023 03:26:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 742
cf-polished: origSize=4391
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"2bcc750d9f5a6b1343fb85264ffd8b3b-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 7be3f62c5b3735ed-FRA
link: <https://live.demand.supply/impl.v16.7.1.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tLw==>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
38 KB 141ms
62ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://upfilesurls.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 06:05:37 GMT
x-content-type-options: nosniff
age: 422424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 06:05:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 182ms
102ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://upfilesurls.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 06:22:44 GMT
x-content-type-options: nosniff
age: 421397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 06:22:44 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 182ms
112ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://upfilesurls.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 06:10:15 GMT
x-content-type-options: nosniff
age: 422146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 06:10:15 GMT

GET
H2 200 impl.v16.7.1.js Show response
live.demand.supply/ 73 KB
24 KB 29ms
28ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v16.7.1.js
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbd979b253f1094192758b903dbf1258373e373ea264905849c30ca44931e1e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GYAHAQ430A5TEKDY09RNW2H8
date: Thu, 27 Apr 2023 03:26:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 732541
cf-polished: origSize=75202
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"af5bcf980a6a31d6010a8947169a5412-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7be3f62d5be235ed-FRA

GET
H2 200 dXBmaWxlc3VybHMuY29tLw== Show response
live.demand.supply/p4/v16-2-0/ 984 B
543 B 120ms
118ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tLw==
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20ee5b6c7d76a068137ad4d38ad84692ed7f0fbbe569fa52d7555c7f65b6028a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:01 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7be3f62d5be335ed-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
498 B 45ms
21ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=216&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL2dzeG9Z
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GYF9797TYACQHZ92R8V8S5E1
date: Thu, 27 Apr 2023 03:26:01 GMT
cf-cache-status: HIT
age: 572237
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7be3f62d8974bbeb-FRA

GET
H2 200 dXBmaWxlc3VybHMuY29tL2dzeG9Z Show response
live.demand.supply/p4/v16-2-0/ 984 B
603 B 86ms
85ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tL2dzeG9Z
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20ee5b6c7d76a068137ad4d38ad84692ed7f0fbbe569fa52d7555c7f65b6028a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:01 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7be3f62d5be535ed-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
642 B 44ms
21ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GW21D4ZC7MNS01SEGZ2MBEKS
date: Thu, 27 Apr 2023 03:26:01 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 571350
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7be3f62d8972bbeb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 upfilesurls.com_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 29 B
392 B 147ms
147ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/upfilesurls.com_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=dXBmaWxlc3VybHMuY29tL2dzeG9Z
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a57a359e1c169d89a071f4ca1b31e3587837b56d18851c3b1b50bc6e899b19b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:02 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7be3f62de9e7bbeb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29

POST
H/1.1 200
OK add Show response
datatechone.com/log/ 2 B
468 B 50ms
13ms XHR
text/plain 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
Requested by: Host: cdntechone.com
URL: https://cdntechone.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.48.68.71 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://upfilesurls.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 27 Apr 2023 03:26:01 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://upfilesurls.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
496 B 22ms
21ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=upfilesurls.com_auto_728x90_sticky_display_bottom&pdc=0.3599270820617676&ucv=null&e=tcp&dsReferer=dXBmaWxlc3VybHMuY29tL2dzeG9Z
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GYF9797TYACQHZ92R8V8S5E1
date: Thu, 27 Apr 2023 03:26:02 GMT
cf-cache-status: HIT
age: 572238
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7be3f62edaacbbeb-FRA

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 28ms
28ms Stylesheet
text/css 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GTP882AJGXJCM3VNH3JF57QN
date: Thu, 27 Apr 2023 03:26:02 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 2158965
etag: W/"14c5381be186641471a926a081d90c88-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7be3f62edaf83a8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/ 399 KB
124 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eebca01c60b315a6937fea6c94dfaa2b2afcb61cd14cdf7e655cefec2fc32017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:22:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25402
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126587
x-xss-protection: 0
server: cafe
etag: 1883905843074567667
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 25 Apr 2024 20:22:40 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 587 B
326 B 143ms
70ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=upfilesurls.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61f7d9eaabbfde4b1fe0a802ca35b9bc8ce06e6d585a0a10071c155c6bcab518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Thu, 27 Apr 2023 03:26:02 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 147ms
47ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=upfilesurls.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 140ms
44ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=upfilesurls.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
957 B 288ms
287ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4000335004012069&correlator=1927210099670664&eid=31072879%2C31074121%2C44790325%2C44789879&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=44890869%3A22859910411%2Cca-pub-3831894559014614-tag%2C044293ce-89b1-498a-9bcf-8275878b2c1e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=3902365316&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D70bb9c0a-f2d4-40a1-9b36-c42dd9078fc0%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D3%26bid-p%3Dgoogle%26bsc%3D46&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682565962308&lmt=1682565962&dlt=1682565961411&idt=853&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2FgsxoY&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=511832029.1682565962&ga_sid=1682565962&ga_hid=1261280659&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e513eca2bb7e7a4a01708638213319204d53b4f39ceb35e47f259ab16707431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 927
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upfilesurls.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
7 KB 326ms
325ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4000335004012069&correlator=36503796024227&eid=31072879%2C31074121%2C44790325%2C44789879&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=44890869%3A22859910411%2Cca-pub-3831894559014614-tag%2C09dea4b7-b301-4406-9573-8ca469e4fde9&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&adks=366313947&sfv=1-0-40&prev_scp=ti%3D70bb9c0a-f2d4-40a1-9b36-c42dd9078fc0%26chrand%3Dy%26pof%3D0%26bid%3D0.16%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D46&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682565962317&lmt=1682565962&dlt=1682565961411&idt=853&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2FgsxoY&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=511832029.1682565962&ga_sid=1682565962&ga_hid=1261280659&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4bd45fcc1f040b9c6bc54fc6f8b4b798d533984365b298b317e324c679c8eea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7506
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upfilesurls.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 189E 6 KB
3 KB 165ms
43ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 03:26:02 GMT
expires: Fri, 26 Apr 2024 03:26:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/ 33 KB
12 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl_page_level_ads.js?cb=31074121

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e1070ef03510c03bf072fc9acc862eb3e3bc71cd0079472eb0dc10455e9838a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 10:37:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60532
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11862
x-xss-protection: 0
server: cafe
etag: 16286120947684496633
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 25 Apr 2024 10:37:10 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
498 B 19ms
19ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=upfilesurls.com_auto_interstitial_desktop&e=nai&dsReferer=dXBmaWxlc3VybHMuY29tL2dzeG9Z
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GYF9797TYACQHZ92R8V8S5E1
date: Thu, 27 Apr 2023 03:26:02 GMT
cf-cache-status: HIT
age: 572238
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7be3f6325d90bbeb-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 48ms
46ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=upfilesurls.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 46ms
44ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=upfilesurls.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
744 B 290ms
289ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4000335004012069&correlator=2805195022622804&eid=31072879%2C31074121%2C44790325%2C44789879&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=44890869%3A22859910411%2Cca-pub-3831894559014614-tag%2C8218a573-db51-4303-a715-73cced357d63&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&adks=655150013&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D70bb9c0a-f2d4-40a1-9b36-c42dd9078fc0%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D46&eri=1&sc=1&cookie=ID%3Db476abeddc029326%3AT%3D1682565962%3AS%3DALNI_MYtT2mjpLZxhsjxMNsbYDtYBPcb2w&gpic=UID%3D00000bf168976e85%3AT%3D1682565962%3ART%3D1682565962%3AS%3DALNI_MZ7rJvhTRg6DkiK5zWWdn2WhTYNUw&abxe=1&dt=1682565962624&lmt=1682565962&dlt=1682565961411&idt=853&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2FgsxoY&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=511832029.1682565962&ga_sid=1682565962&ga_hid=1261280659&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64115d57d55c36e37e807ef9c00f498fda7c453cda6db7241cebbbadf19dd2b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 713
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upfilesurls.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 5679ms
4666ms Script
text/javascript 2600:9000:2250:7c00:a:e047:752:b361
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7c00:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 27 Apr 2023 02:50:38 GMT
Via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a36.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Jan 2023 04:07:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 2126
x-amz-server-side-encryption: AES256
ETag: "aded621b17723f487b3c9d0e43cf2f94"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1859
X-Amz-Cf-Id: mU-092LzN9n6z5ajjddnLZz2nBEJsvJt6PWfY07knpLuOyYmDo5rQg==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 61ms
21ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-9c21"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 28 Apr 2023 03:26:02 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 1018ms
296ms Script
text/javascript 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 00:30:12 GMT
content-encoding: gzip
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
last-modified: Thu, 27 Apr 2023 00:14:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 10552
etag: W/"37e703da55f96b973658b8e7aeed0e93"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: Nq91H7mbKMS6oHpzqchYizMULXLCnyJq4DGiz4n_vZKJg4nwJ5Km6A==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 59 KB
17 KB 62ms
22ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 12:00:04 GMT
server: cloudflare
x-amz-request-id: QMTF7Y0EQJWTVWC1
age: 3375
etag: W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7be3f632ed902bd6-FRA
x-amz-id-2: SeWCqnl1Kp+QuGy2EIyalJ8BkaauZ+FQHDvyvpN+WMxuOXaApqhXsz69QeQqfnfMQbX59aUJB90=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 503ms
71ms Script
application/javascript 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 27 Apr 2023 03:26:03 GMT
x-content-type-options: nosniff
age: 8756
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 732
x-served-by: cache-fra-eddf8230041-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 54ms
15ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0390a205adde41148772c08262a87b8b173f4d1df61e9ce323b89069827643c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 02:50:25 GMT
via: 1.1 google
age: 2137
x-guploader-uploadid: ADPycduhjLnzBs_SuPeLiO-3vIHf1C2Hw6Lh0_me3R9kDvZLUpGDsBy0JJ5_7q4K4uoqoZHoX87X4BxNQddz1kbUzmrVpVqihJEZ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1980
last-modified: Tue, 25 Apr 2023 13:43:05 GMT
server: UploadServer
etag: "692cc2d6f486e447021bff2a69a35f34"
x-goog-generation: 1682430185162277
x-goog-hash: crc32c=dKXvLw==, md5=aSzC1vSG5EcCG/8qaaNfNA==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1980
accept-ranges: bytes
expires: Thu, 27 Apr 2023 03:50:25 GMT

GET
H2 200 container.html Show response
b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F1E6 6 KB
3 KB 36ms
35ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 03:26:02 GMT
expires: Fri, 26 Apr 2024 03:26:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
497 B 19ms
19ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.16&b=2&r=upfilesurls.com_auto_728x90_sticky_display_bottom&sy=537afd89-b045-43dc-bbfb-943b34cddcb8&ts=46&cd=2&pud=216&pus=c&pue=1922&pid=33&pis=c&pie=1955&ppd=121&pps=a&ppe=2043&pcl=-1682565959894&ttc=2013&tti=2781&ttif=0&lca=2043&lcak=ppe&lct=2043&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=upfilesurls.com&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=70bb9c0a-f2d4-40a1-9b36-c42dd9078fc0&e=lm&dsReferer=dXBmaWxlc3VybHMuY29tL2dzeG9Z
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GYF9797TYACQHZ92R8V8S5E1
date: Thu, 27 Apr 2023 03:26:02 GMT
cf-cache-status: HIT
age: 572238
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7be3f632bdccbbeb-FRA

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 77E0 624 B
827 B 146ms
53ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKrgbxCdkNj8AxjN0YjmATAB&v=APEucNXMR_4EivywackdOC10Dhf10h2CtsBoYplfTQ1fLp6himnkJLyVth_aigDXhK3wuHyuR17kEE2-PVSX8jdcqB3EbfjpsW3L7uAJ7MC2HAqeTzHAFDnuhhnnW92rXCZk-K1_QsQ7M0y4ad1OcK2-I6xNcPwNizcMVlhc3qEaEwEIhMGqII8CmTp2eyptad_RklDMdUCMfsDN6J1rymCCpruMh-aT9Q

Requested by

Host: b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com
URL: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 03:26:02 GMT
expires: Thu, 27 Apr 2023 03:26:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F1E6 78 KB
28 KB 142ms
49ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com
URL: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 03:26:02 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F1E6 42 B
173 B 181ms
89ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B_WAjFUP9u6P3KfnH5gGJIEl70UzJR7UNU_cO9WOLWZRsPmwZC1IE9A_qZMgqE8i-KsIlTLGm799twzfCd575PrquJ_fw7iV0teU5S9UvF_sixsF4

Requested by

Host: b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com
URL: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 03:26:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F1E6 0
58 B 183ms
91ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9837317095804494070&x=1&ct=119

Requested by

Host: b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com
URL: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 03:26:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame F1E6 3 KB
1 KB 143ms
43ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/window_focus_fy2021.js

Requested by

Host: b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com
URL: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 00:54:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9076
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 00:54:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame F1E6 19 KB
8 KB 138ms
38ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com
URL: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1703a72fa6f4e4c3e4226e77f416e403c9350226515a4addb2dba832adddec33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 02:00:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 6327879953816217519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 02:00:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F1E6 158 KB
49 KB 152ms
52ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com
URL: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Apr 2023 03:26:02 GMT

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 38ms
36ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e510ae4b9e94e528a3c68356a392a39d0d9f3ef33518945d9f1341e549992b0b

Request headers

Referer: https://upfilesurls.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 27 Apr 2023 03:26:02 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 9b25c6bf9b0dee2129c2c8778e1ed7c9
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 62ms
25ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://upfilesurls.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://upfilesurls.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Thu, 27 Apr 2023 03:26:02 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: 4f23ba1d964710ec3a2566d1b552c251

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 29F9 15 KB
6 KB 47ms
17ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=upfilesurls.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 03:26:02 GMT
server: Kestrel
server-processing-duration-in-ticks: 373717
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
324 B 98ms
28ms XHR
text/plain 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://upfilesurls.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://upfilesurls.com
date: Thu, 27 Apr 2023 03:26:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2

200

sid Show response
mug.criteo.com/ Frame 29F9
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=upfilesurls.com&sn=ChromeSyncframe&so=0&topUrl=upfilesurls.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=nmhMJHxlVk9TV0s1QVRyTkhsa2cvVXBIREVYT0V5UXNTWDRVY1lkSmlDaGM2b25GSUJrL1JRM0FuTFJoV0RlTVVXaDNLc3BCalZxakY5bTlkZDVGdmJCaXdpMnFSQmpGSDBsNzR3TVgwOEM5N2Q0b2xuSktGdDFjeUdXbH...

439 B
669 B

73ms
23ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=nmhMJHxlVk9TV0s1QVRyTkhsa2cvVXBIREVYT0V5UXNTWDRVY1lkSmlDaGM2b25GSUJrL1JRM0FuTFJoV0RlTVVXaDNLc3BCalZxakY5bTlkZDVGdmJCaXdpMnFSQmpGSDBsNzR3TVgwOEM5N2Q0b2xuSktGdDFjeUdXbHhTWVhPU0I0RnVUTTQrdlI1dTNiMlduK2xBQmlFN1VzbFBWY3pmTDdVTFh4bFRDSmxHUkdYWEc0TUpidWd1K2JnenVDQXYyMzZGWEtscUdUSXZCNXEvNFZPbHM1UW9MNGZiZ2hlRFFDZjg0OXk3aHg0TUltcHM1U3JUeS9rampCUytJZ0dwY0FHVWoxOTZVNWRNQkkvZVlhajVHajNTUT09fA&cppv=2

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7c867eef7abcc6a54c7dbdca882addf0a2a964dd4a388b8e32fb10029da08183

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 03:26:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1297507
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 27 Apr 2023 03:26:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=nmhMJHxlVk9TV0s1QVRyTkhsa2cvVXBIREVYT0V5UXNTWDRVY1lkSmlDaGM2b25GSUJrL1JRM0FuTFJoV0RlTVVXaDNLc3BCalZxakY5bTlkZDVGdmJCaXdpMnFSQmpGSDBsNzR3TVgwOEM5N2Q0b2xuSktGdDFjeUdXbHhTWVhPU0I0RnVUTTQrdlI1dTNiMlduK2xBQmlFN1VzbFBWY3pmTDdVTFh4bFRDSmxHUkdYWEc0TUpidWd1K2JnenVDQXYyMzZGWEtscUdUSXZCNXEvNFZPbHM1UW9MNGZiZ2hlRFFDZjg0OXk3aHg0TUltcHM1U3JUeS9rampCUytJZ0dwY0FHVWoxOTZVNWRNQkkvZVlhajVHajNTUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 328568
content-length: 0
expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 77E0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKQtQAGP9pet0TtLcg_DImo&google_cver=1

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKQtQAGP9pet0TtLcg_DImo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKrgbxCdkNj8AxjN0YjmATAB&v=APEucNXMR_4EivywackdOC10Dhf10h2CtsBoYplfTQ1fLp6himnkJLyVth_aigDXhK3wuHyuR17kEE2-PVSX8jdcqB3EbfjpsW3L7uAJ7MC2HAqeTzHAFDnuhhnnW92rXCZk-K1_QsQ7M0y4ad1OcK2-I6xNcPwNizcMVlhc3qEaEwEIhMGqII8CmTp2eyptad_RklDMdUCMfsDN6J1rymCCpruMh-aT9Q
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Apr 2023 03:26:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 27 Apr 2023 03:26:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKQtQAGP9pet0TtLcg_DImo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 77E0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEnrShB-xBg.0y4W8LybkgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECDXcVfYVBVb83lCIgca27M&google_cver=1&google_hm=2

43 B
766 B

16ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECDXcVfYVBVb83lCIgca27M&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKrgbxCdkNj8AxjN0YjmATAB&v=APEucNXMR_4EivywackdOC10Dhf10h2CtsBoYplfTQ1fLp6himnkJLyVth_aigDXhK3wuHyuR17kEE2-PVSX8jdcqB3EbfjpsW3L7uAJ7MC2HAqeTzHAFDnuhhnnW92rXCZk-K1_QsQ7M0y4ad1OcK2-I6xNcPwNizcMVlhc3qEaEwEIhMGqII8CmTp2eyptad_RklDMdUCMfsDN6J1rymCCpruMh-aT9Q
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Apr 2023 03:26:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 27 Apr 2023 03:26:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECDXcVfYVBVb83lCIgca27M&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 77E0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECWb3OXW6WIWfCDfqQTkRKw&google_cver=1

43 B
1 KB

14ms
13ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECWb3OXW6WIWfCDfqQTkRKw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKrgbxCdkNj8AxjN0YjmATAB&v=APEucNXMR_4EivywackdOC10Dhf10h2CtsBoYplfTQ1fLp6himnkJLyVth_aigDXhK3wuHyuR17kEE2-PVSX8jdcqB3EbfjpsW3L7uAJ7MC2HAqeTzHAFDnuhhnnW92rXCZk-K1_QsQ7M0y4ad1OcK2-I6xNcPwNizcMVlhc3qEaEwEIhMGqII8CmTp2eyptad_RklDMdUCMfsDN6J1rymCCpruMh-aT9Q

Protocol

HTTP/1.1

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Apr 2023 03:26:03 GMT
AN-X-Request-Uuid: d4d6e7a7-d69e-4033-8a21-fab940976966
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.174; 185.213.155.174; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Apr 2023 03:26:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECWb3OXW6WIWfCDfqQTkRKw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 77E0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMyMDE4NDM0MjUzMDk4MDEyNA%3D%3D

170 B
243 B

48ms
48ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMyMDE4NDM0MjUzMDk4MDEyNA%3D%3D

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 03:26:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 27 Apr 2023 03:26:02 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.174; 185.213.155.174; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5289ce9d-3a4c-4b6f-a216-65bea4a3c942
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMyMDE4NDM0MjUzMDk4MDEyNA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
501 B 20ms
19ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=upfilesurls.com_auto_interstitial_desktop&e=nai&dsReferer=dXBmaWxlc3VybHMuY29tL2dzeG9Z
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GYF9797TYACQHZ92R8V8S5E1
date: Thu, 27 Apr 2023 03:26:02 GMT
cf-cache-status: HIT
age: 572238
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7be3f6345f33bbeb-FRA

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 44ms
44ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=upfilesurls.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 48ms
47ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=upfilesurls.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
737 B 317ms
315ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4000335004012069&correlator=1356006999688976&eid=31072879%2C31074121%2C44790325%2C44789879&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=44890869%3A22859910411%2Cca-pub-3831894559014614-tag%2C924bb2f9-87c6-44fc-98aa-87c9fd0ebc73&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=4&adks=2177133344&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D70bb9c0a-f2d4-40a1-9b36-c42dd9078fc0%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D46&eri=1&sc=1&cookie=ID%3Df80bd6641c92a16e%3AT%3D1682565962%3AS%3DALNI_MaQ8zMr5X15o5GWB3ol1G8ekTlKiQ&gpic=UID%3D00000bf168572fc7%3AT%3D1682565962%3ART%3D1682565962%3AS%3DALNI_MbGrc9jHEDSUdVcvBJ6g93nJSwhbQ&abxe=1&dt=1682565962952&lmt=1682565962&dlt=1682565961411&idt=853&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2FgsxoY&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=511832029.1682565962&ga_sid=1682565962&ga_hid=1261280659&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYorf8hfwwSABSAghkEhkKCnB1YmNpZC5vcmcYorf8hfwwSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGKK3_IX8MEgAUgIIZBLCAQoIcnRiaG91c2USrAEveUlzd1Rnb2RmOFF2UmhnSVlWaE1ibCtEamxRT2xxTEFuY1RmeitjV2sxYThLUVJpMklvZDFyVWRRWitLUHVjWHV0L3hkWkZTeUNFa2o2T1NZeXcrU1hGT3NTbUdoangvUVBVenQvNFM1UTRQbHBNYkZITFFYWlE5VTA1cDNaTy9wUnBtOSt4ZDN6ZmpxMlAzelRFVkhJUW1zUWtpcWZNczU5UjRxS3MramM9GMe4_IX8MEgAEhkKCnVpZGFwaS5jb20Yorf8hfwwSABSAghkEhsKDGlkNS1zeW5jLmNvbRjVuPyF_DBIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ce67e398902c71f1a36b9cc30373e7fee69b3af7a6aa457f87f1edc0267cb4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 708
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upfilesurls.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F1E6 0
56 B 70ms
69ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3911575338087&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 03:26:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F1E6 0
56 B 69ms
68ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3911575338087&version=m202301230201&ct=119&x=1&cor=9837317095804494000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 03:26:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F1E6 82 KB
35 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DgPXw8Cjv_kkcaLJ57AkjjrM1FJSmlsBnycmyyHpQjLNS1oRMx3-syAeM9YhUPm-7sO4x4o5NehKe8kfNDLYEJEgSr8Tt73DdCXPb1T_NJxnAODy0UiOp7uIpqN_-LFLUBV9wrdAPj_J2rG2anmyYATSs9cWdb3KrpQ9rs0aqG8go2AS4&cry=1&dbm_d=AKAmf-APqH8ykUGXSQf-46R5LNhmjs0xeqOkcjpSZtqnh2lNtfx52mUrJDZzhLGRRcPYt_T_8TtYw7C30VhvjQUF9x0yBp-GpaoMGb3T00O8ZnKLyb2kPEqDRuePpS48IHl1CkK32JWthC8R2IK-fFcVyQNKDu0ktEVBilJbR_mOd-tC-a80yscASYxKMouG-k249qi6X7eZyj4rRxZqeyRGAFaSBFjuUs8Sd9t2JETx49urCC7WZu08NdIU1Z4mmW9h8Wd7_z0Q3sRuKdZFNDd_qZkTBQuZLvUjya5iF5idtxLIT0KYcLL-pp9xHFw-cDrvtYUNgrcSWpIbrrTn6sDq_Zz7q_CgMV8VU01k_JCF9aO22vOXYj-UfIQ7xM1ROxnkFdgHGZ_E3HSpBRtRBqD_aG0imxw86l39Vo5FoHcOULm9sOE-DN6c5m2XwfTBj3tjkaej_xLfAl_TZgZoHfQ6FT1XJ1sLP_2tnCC2zanBNnExRlr4V0xukeA18Fr26_7HS1k0KmmN26UoXMTaTaaX3jCROhV6w3EZVksO4zj6PURFEYMAjrpeXg9YAAr-NKH3LKv4nqKwn_bI3PKjGCFDVwxi6OnyaOAQMhJB8WubnjoQ5FyeZ9TYDKMKrw-UKdJUt8_ng2Dd1QwTMewHruQTUz2I1W9KAbxQkq2ImxAwNA38alTF45ehGrr-bbZvsMqgWWYt4pUGzWRN_N73viN0uy7nEp3judQq26ia4zGSFTOuvGViJVtmXeLBGmERVQKpgWnBfLASoX4BZ3rCgPn-jKtSkpC3f8eljNnFXhfVme1wKfmOpDndHF3BOGvnQHcNNnl_tqRvIkJMAGGB-Al-_srCiHYR_Y35xGb5R6PM4hOGLBHuuJEZs8GZiT69-51N5ooqpHYykqR6RbYuGsaQvDjeL_9OT4sQ3qnVC-GDLLgj7fPZx5wAw3bTYIHkDVVy-BBt3B8GoWQAjMJD6hrOcdNe41jKZLNWRR2tYfyysWZhHoKWxjM57mBWzt_wJ94RBaoFioLR1r7z3jcTUahsPnrE60m38NXwCEV0Ol0s7k_R_icxdb3WDEb2SzGP0mvHO2vBNnxIKeYIGvD6g3ZPBWZ5WQX6VgGnSFAnol3SPZhvcxw_WjH8apQGRVvIVLFBjKLMRale-NlHg93OYf0F9IKWCufh8RU6CcuIv4JNlMLR9mCujUvvzEraMniMZKlXBg9a0qH0u_SEVaocYLKW4wgxVX4wl3BuVZfEd9YRbofHcrhjtwv6ICjDldv-k5iWqqm2hKzGXJErXtoF9zb5ALl66WzrEaAn7PBFVJiSDhmaMuWUfN4JZgGPCutB2zCUyliRt1oo-ALbYA_wbVRtuqVfCHL4ZPm3NZH1vOmV4MvEtJY9jxydIYYUhqI5FXR3GRJF5H0dbaynkskHIj0iH_0Wf8FdJUfKS5BoP7mBXkhwj27fGeYeh7g_oktNcZbkIvdo1nHaozGojkdE-n2FbToo7CVRyjJlnxuL7dgruyI94r-vuJ7RoXNFBzkb2SAQxDcdk-yytr4D7nDzPhY9E9cVrrXvgyIwAYEvi5oJCVT-6P7yhecT0_LHRJQf_3B-FN5JMq__ZAGmTmTq1MsJvYrjlHNvCpUbI_qwV_9wy_i4Xi9s9fAJzsdHeJkyt5iqpHBqkntunl3_PK_gvvNMJzTrBou2EPX89re2uprETxJGi8dfZba86B3j0ApIEVcXSA2RuifgrxRC8IiNI1DXpCLmxBVkxu6pzQslbHe148MYTgpjVCn3uY53sP80zySf7ST6333kFgljRbaICMJgf9Un6iaaTi9eKClzM1J4SDsaU6_khxMIkaSQg0Juw5zlu_wh8KPbSePYS6SUV2NBDvCLhBArpIinQ8D2o5-Cf1SK3EZw3-1wdARDJYaIrR7YVYCdixu3CVwjQH93xy8VYNw3VC01lxqpxFuOHvuiig312s8z_NgNLi3vDGX8z4N4a4ZhOlE00YHBVx9ZpSsXRDZr8YnPY9USA-Y2Jk43d3xn3ZcrwDdvnbS90EtmTUSGgiu59ftTu-nMzaTVhSiN-qPx9C3aKY1FDg-l5G-sap6GazZfaxn-w95GusXE8OJOJ2O1QsxRzqOUQuHbJ3oX9Puaqf8e7jmvoFfWLnpCN49Jw9_loGynL-tqKjA2fduYlwfJ-0AUwLwAJ_Zjx0akANtepWLDb5OnStBAhSwgu9qjBhuP4m4zU4EZk32hm4uzuVXrJa9fJGeRe2dU9NSddb93sgeFa7q6Pjb374BsZZCg13ROe0HH7A_GicJe1ydcN-MRjRh9XDYKHd9Lw95wHHVBvWxuBAjwKjHaYhUB0pTy6g18jk5UhMgEjaIY2uwravtglsJcJr0Q_C42c2Ow2Y812QMQkM6ZfMYdnGHkFkQm26rUh-EWRtwhfBcdzjCe40B8Hz_ja0Xca7DSPbq-kgQ0iXS5GOR1JR2SbePwmePW_WNIVWTLwvN7Cfxw5jG6xX1vMhvX669alXaivD_WhtX8hVtlt7_o7736f-S9WIHCicfFqlSX2KZoZOMaLNNDhPg1KfDyTBfcjsjm3Y6kM464TYGgTVXKHbldvvS_wlj-t4a-0PlvTuIhToU7UeOJzxp0W_DS8uydhMFuiY0BxvDjGwr68vEJU44qlQ8xv1BaJ8yMvPrWLv1C1phk-2amPI2ch1kApIURJzxKNNATKnccgrPUfFuuVLze6RdypYJ4DrKZx7upQ2K6ovG0cZc7R1AnDg-Kivg5AV5yG_RWAY5iXrqSWzSSMif4aDV9ZtUyE1F7D4gP8OMSN9LyRpKmrSuXkTXKjaN7CCtpjELmOk0XVxVAzAqZv-lP31WzrcF2o2B81RCC76h4UoF--49pEIHmulnN8CUT_9Sjl0qM8gs1pWd6ggei300gEZ2t_i8__4MbNGSUeSlMUclzsw6d-CwVC1ZJgz6MK6CD_9MTm23h4Uq0vsAypSJqp2XY4ITiaasaz70x_rFMr2AFc5D08JjxPSDb58c36GEJfImszOJlj7FAVjBZatqTbX4XDRqJ_MXkvRpuzf6nqE6eZAF99rHTz2tzQwO17NTGPW7NppVAOAF78lqYM6EERp7M1jH82aP6YO8WJV2HsBJF7Q_lBXWQL3b31tXmYUe99YzVvsDCXdf7Zsb2wdmV9yKbkudPZUoP-SCIkIRuReIXGfA_t96M-k0OYd81s9lJs4W2l13FO27J88EyeJIhZfKCW8zZilaeC4KusFEHUn94HDjeFNHH8IebV_X_K4RbTppdBM02z4Lq2F6qTtCowkZ3ggXW6XMzwlySttXvwjY09yb01vg3D9gQr98RoEmX1Du9leWLwErZVfwAzXaJ4e1GskKvJEq-FTgw49VrbVT6Hj8TDDA4ruggxtKoPaWUHfzAvrJDCTcMsYNp0E0GmOIZFaS_jbUWUrZgv0n4azDFcf73uC17NE3NrQF0BxCLx3eJHpIisGlXnbfcqrWBq0nO5qmEYwujsvYVdy8ko_FsTQnTb1UcPaHPY7DZ19UmJ-cZCHAu6MS1u8qeTC4YuDnb08tBkowmiGOKxufQ6lB1pVgZu-HLKOraFrBRxjqYNLWZrmv4KcUJ--dtWsrk5zIApbh4BEFdUlfZ4_D2-CnA8xcACpjkb4PEuQ6WZajNX64SXhow02urg_5gfuk7uHoUHnRa3LX23Bwh8CSYEMc5JT0uuzJ3jcQeygmr-Jcn_C2O9k313-svFEBROsZJT2bzEq7KOD1qmFpBJlndyrdPk8jTc0lKsZg0&cid=CAQSTABygQiDg6ojI57eYVl5_E0TUl4RUExZFhb01qTICavMgUvhpRiL1NjF2CkY8EGqkrvy7lI1SVQ3CcloEuuyGT96P1aEI2NdAzV3uGYYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fupfilesurls.com%2F&ds=l&xdt=1&iif=1&cor=9837317095804494000&adk=356101037&idt=181&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afeb263d25c0c26fe33149083bdc2e7bd1a3d50993c2cee411541f4297f6d362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 03:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35667
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame F1E6 106 KB
37 KB 141ms
37ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/
Origin: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 09:27:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64730
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Apr 2023 09:27:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230420/r20110914/elements/html/ Frame F1E6 11 KB
4 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230420/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DgPXw8Cjv_kkcaLJ57AkjjrM1FJSmlsBnycmyyHpQjLNS1oRMx3-syAeM9YhUPm-7sO4x4o5NehKe8kfNDLYEJEgSr8Tt73DdCXPb1T_NJxnAODy0UiOp7uIpqN_-LFLUBV9wrdAPj_J2rG2anmyYATSs9cWdb3KrpQ9rs0aqG8go2AS4&cry=1&dbm_d=AKAmf-APqH8ykUGXSQf-46R5LNhmjs0xeqOkcjpSZtqnh2lNtfx52mUrJDZzhLGRRcPYt_T_8TtYw7C30VhvjQUF9x0yBp-GpaoMGb3T00O8ZnKLyb2kPEqDRuePpS48IHl1CkK32JWthC8R2IK-fFcVyQNKDu0ktEVBilJbR_mOd-tC-a80yscASYxKMouG-k249qi6X7eZyj4rRxZqeyRGAFaSBFjuUs8Sd9t2JETx49urCC7WZu08NdIU1Z4mmW9h8Wd7_z0Q3sRuKdZFNDd_qZkTBQuZLvUjya5iF5idtxLIT0KYcLL-pp9xHFw-cDrvtYUNgrcSWpIbrrTn6sDq_Zz7q_CgMV8VU01k_JCF9aO22vOXYj-UfIQ7xM1ROxnkFdgHGZ_E3HSpBRtRBqD_aG0imxw86l39Vo5FoHcOULm9sOE-DN6c5m2XwfTBj3tjkaej_xLfAl_TZgZoHfQ6FT1XJ1sLP_2tnCC2zanBNnExRlr4V0xukeA18Fr26_7HS1k0KmmN26UoXMTaTaaX3jCROhV6w3EZVksO4zj6PURFEYMAjrpeXg9YAAr-NKH3LKv4nqKwn_bI3PKjGCFDVwxi6OnyaOAQMhJB8WubnjoQ5FyeZ9TYDKMKrw-UKdJUt8_ng2Dd1QwTMewHruQTUz2I1W9KAbxQkq2ImxAwNA38alTF45ehGrr-bbZvsMqgWWYt4pUGzWRN_N73viN0uy7nEp3judQq26ia4zGSFTOuvGViJVtmXeLBGmERVQKpgWnBfLASoX4BZ3rCgPn-jKtSkpC3f8eljNnFXhfVme1wKfmOpDndHF3BOGvnQHcNNnl_tqRvIkJMAGGB-Al-_srCiHYR_Y35xGb5R6PM4hOGLBHuuJEZs8GZiT69-51N5ooqpHYykqR6RbYuGsaQvDjeL_9OT4sQ3qnVC-GDLLgj7fPZx5wAw3bTYIHkDVVy-BBt3B8GoWQAjMJD6hrOcdNe41jKZLNWRR2tYfyysWZhHoKWxjM57mBWzt_wJ94RBaoFioLR1r7z3jcTUahsPnrE60m38NXwCEV0Ol0s7k_R_icxdb3WDEb2SzGP0mvHO2vBNnxIKeYIGvD6g3ZPBWZ5WQX6VgGnSFAnol3SPZhvcxw_WjH8apQGRVvIVLFBjKLMRale-NlHg93OYf0F9IKWCufh8RU6CcuIv4JNlMLR9mCujUvvzEraMniMZKlXBg9a0qH0u_SEVaocYLKW4wgxVX4wl3BuVZfEd9YRbofHcrhjtwv6ICjDldv-k5iWqqm2hKzGXJErXtoF9zb5ALl66WzrEaAn7PBFVJiSDhmaMuWUfN4JZgGPCutB2zCUyliRt1oo-ALbYA_wbVRtuqVfCHL4ZPm3NZH1vOmV4MvEtJY9jxydIYYUhqI5FXR3GRJF5H0dbaynkskHIj0iH_0Wf8FdJUfKS5BoP7mBXkhwj27fGeYeh7g_oktNcZbkIvdo1nHaozGojkdE-n2FbToo7CVRyjJlnxuL7dgruyI94r-vuJ7RoXNFBzkb2SAQxDcdk-yytr4D7nDzPhY9E9cVrrXvgyIwAYEvi5oJCVT-6P7yhecT0_LHRJQf_3B-FN5JMq__ZAGmTmTq1MsJvYrjlHNvCpUbI_qwV_9wy_i4Xi9s9fAJzsdHeJkyt5iqpHBqkntunl3_PK_gvvNMJzTrBou2EPX89re2uprETxJGi8dfZba86B3j0ApIEVcXSA2RuifgrxRC8IiNI1DXpCLmxBVkxu6pzQslbHe148MYTgpjVCn3uY53sP80zySf7ST6333kFgljRbaICMJgf9Un6iaaTi9eKClzM1J4SDsaU6_khxMIkaSQg0Juw5zlu_wh8KPbSePYS6SUV2NBDvCLhBArpIinQ8D2o5-Cf1SK3EZw3-1wdARDJYaIrR7YVYCdixu3CVwjQH93xy8VYNw3VC01lxqpxFuOHvuiig312s8z_NgNLi3vDGX8z4N4a4ZhOlE00YHBVx9ZpSsXRDZr8YnPY9USA-Y2Jk43d3xn3ZcrwDdvnbS90EtmTUSGgiu59ftTu-nMzaTVhSiN-qPx9C3aKY1FDg-l5G-sap6GazZfaxn-w95GusXE8OJOJ2O1QsxRzqOUQuHbJ3oX9Puaqf8e7jmvoFfWLnpCN49Jw9_loGynL-tqKjA2fduYlwfJ-0AUwLwAJ_Zjx0akANtepWLDb5OnStBAhSwgu9qjBhuP4m4zU4EZk32hm4uzuVXrJa9fJGeRe2dU9NSddb93sgeFa7q6Pjb374BsZZCg13ROe0HH7A_GicJe1ydcN-MRjRh9XDYKHd9Lw95wHHVBvWxuBAjwKjHaYhUB0pTy6g18jk5UhMgEjaIY2uwravtglsJcJr0Q_C42c2Ow2Y812QMQkM6ZfMYdnGHkFkQm26rUh-EWRtwhfBcdzjCe40B8Hz_ja0Xca7DSPbq-kgQ0iXS5GOR1JR2SbePwmePW_WNIVWTLwvN7Cfxw5jG6xX1vMhvX669alXaivD_WhtX8hVtlt7_o7736f-S9WIHCicfFqlSX2KZoZOMaLNNDhPg1KfDyTBfcjsjm3Y6kM464TYGgTVXKHbldvvS_wlj-t4a-0PlvTuIhToU7UeOJzxp0W_DS8uydhMFuiY0BxvDjGwr68vEJU44qlQ8xv1BaJ8yMvPrWLv1C1phk-2amPI2ch1kApIURJzxKNNATKnccgrPUfFuuVLze6RdypYJ4DrKZx7upQ2K6ovG0cZc7R1AnDg-Kivg5AV5yG_RWAY5iXrqSWzSSMif4aDV9ZtUyE1F7D4gP8OMSN9LyRpKmrSuXkTXKjaN7CCtpjELmOk0XVxVAzAqZv-lP31WzrcF2o2B81RCC76h4UoF--49pEIHmulnN8CUT_9Sjl0qM8gs1pWd6ggei300gEZ2t_i8__4MbNGSUeSlMUclzsw6d-CwVC1ZJgz6MK6CD_9MTm23h4Uq0vsAypSJqp2XY4ITiaasaz70x_rFMr2AFc5D08JjxPSDb58c36GEJfImszOJlj7FAVjBZatqTbX4XDRqJ_MXkvRpuzf6nqE6eZAF99rHTz2tzQwO17NTGPW7NppVAOAF78lqYM6EERp7M1jH82aP6YO8WJV2HsBJF7Q_lBXWQL3b31tXmYUe99YzVvsDCXdf7Zsb2wdmV9yKbkudPZUoP-SCIkIRuReIXGfA_t96M-k0OYd81s9lJs4W2l13FO27J88EyeJIhZfKCW8zZilaeC4KusFEHUn94HDjeFNHH8IebV_X_K4RbTppdBM02z4Lq2F6qTtCowkZ3ggXW6XMzwlySttXvwjY09yb01vg3D9gQr98RoEmX1Du9leWLwErZVfwAzXaJ4e1GskKvJEq-FTgw49VrbVT6Hj8TDDA4ruggxtKoPaWUHfzAvrJDCTcMsYNp0E0GmOIZFaS_jbUWUrZgv0n4azDFcf73uC17NE3NrQF0BxCLx3eJHpIisGlXnbfcqrWBq0nO5qmEYwujsvYVdy8ko_FsTQnTb1UcPaHPY7DZ19UmJ-cZCHAu6MS1u8qeTC4YuDnb08tBkowmiGOKxufQ6lB1pVgZu-HLKOraFrBRxjqYNLWZrmv4KcUJ--dtWsrk5zIApbh4BEFdUlfZ4_D2-CnA8xcACpjkb4PEuQ6WZajNX64SXhow02urg_5gfuk7uHoUHnRa3LX23Bwh8CSYEMc5JT0uuzJ3jcQeygmr-Jcn_C2O9k313-svFEBROsZJT2bzEq7KOD1qmFpBJlndyrdPk8jTc0lKsZg0&cid=CAQSTABygQiDg6ojI57eYVl5_E0TUl4RUExZFhb01qTICavMgUvhpRiL1NjF2CkY8EGqkrvy7lI1SVQ3CcloEuuyGT96P1aEI2NdAzV3uGYYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fupfilesurls.com%2F&ds=l&xdt=1&iif=1&cor=9837317095804494000&adk=356101037&idt=181&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 16:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39190
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 May 2023 16:32:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame F1E6 28 KB
11 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 16:32:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10768
x-xss-protection: 0
server: cafe
etag: 11141491900784070631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 May 2023 16:32:10 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F1E6 41 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com
URL: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 14:54:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Apr 2024 14:54:43 GMT

GET
DATA 200
OK truncated
/ Frame F1E6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edb077dff6d680ca2a47dce0b6443ead4b931d09a73cc0bde5377880cf345f9b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FA3E 22 KB
8 KB 41ms
38ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 362692
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 22:41:11 GMT
expires: Sun, 21 Apr 2024 22:41:11 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
501 B 23ms
23ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=upfilesurls.com_auto_interstitial_desktop&e=nai&dsReferer=dXBmaWxlc3VybHMuY29tL2dzeG9Z
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GYF9797TYACQHZ92R8V8S5E1
date: Thu, 27 Apr 2023 03:26:03 GMT
cf-cache-status: HIT
age: 572239
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7be3f63678cabbeb-FRA

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17103966758194605335/728x90/ Frame 9D8B 87 KB
20 KB 110ms
35ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17103966758194605335/728x90/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1321a7f8342b43cb197f39a0c173574d4b7c7c8b0bf8a43284a2d2eb151e4e81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 372013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 20092
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 20:05:50 GMT
expires: Sun, 21 Apr 2024 20:05:50 GMT
last-modified: Thu, 06 Apr 2023 14:57:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F1E6 0
0 195ms
83ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuYDU_nbhgn4fFFNAkk1OtYdp5G7q4OLp8FnwQtSsCUYMQHaJyxZMJTpr9_CQj5jEnqk294MOTdIpe3gK9P762FbWy0KbFSYImdpaz6Havrd0wWKsE6fGOtu5Kp5NPa5dicQUEKjsUBiCMx8VVuZt7nHdMIJTXZE0rtvkjOvw-v63i_Ler6adYt_Q28glqO9Oos2pS09o4ikS2usRYLD2BnLIuC2OBPh-e1vcTSBDY4qbvZ-Jw_9tKbVIgVErbwmmzykuUSmHz2-GIvb_2VyHn4YxyeL3gLLZ3PEkTvLl_qrRFCMZozSSsKob7yyAXPYP8TpvJu1yHauaV2IF8nX-KsDhtJ40Dlo9AETn4tj6nwDONIzC7p72-8hdAydGdqo--HMvomL9JDCHsOkK-3ICf6YrYW0qp6P3jD6WTnDpoz9p7zsdnHyVpMxj1IdV8UqkqJHUkMF4zUeumO4ltaMvdTVkAsxD-tg7Hv9HzRIS5jzEWBW24cdhLRO2bcrj39VJo4FVWopbw22SHkO_VJzu-fXC1k634Z48MmPzyQ1IEFufi_CefH7uJ4IKTdtyDu_uYf4ix8Wzl7oIEN5ykhflofWnMAxGEDo2yJj3tH0pTuzymqTpq29SLfgUTUQjvVRklCxPpNfEgHyXkXW-0BniEKAHwz392awt75aZAoLvaVUgLNYTI-5Rt5h4nMHgkQxoM6PkFjyTBEgw9eXWr8W2qmXzUNXvcz6IQdnvV_8AUU6tgAPQVufuQ2A-ph_KZT8A__d4i0LSjKnZZKwOYuHHh4PkQoPb0fBNobtnkPCFPmliyOUKUtJ2hz8mhMYc08H_ZshxHV-ZOBdtE_mdBsj5qn88-lCcRgmTMRAHkxSK-a58pZAOhif7GC-h86JXJ33rpbWRdCz-_p3FC_jfe45pIFthCLLKek2vdKBngAfICF7O52o8SlUZfU5dfuxJyCDD2ZyXhY_vfirKvkc8JFo_d4EYLCQPaTwpALMV8A8JoWP9qDahC7-13Em3IkmEOTZFfJtT1lO-O7a9jDQ-OfHZ4Af4vQlLCwT4thHY-unQLcN7PMjl9N_bkZeSfDXPLajS2ycTgZGdST7xWLN5CXOW7aNhPebIp-yhh9RAeUaETQ-W-yzN5dnHW8e_rhDA2OGltr1Jo-2yrpnnLy_F7mZXSjO7bU4G1ygMOSNFyMO80FzB3jDwGdMBbecQqBhcfYFMuChhngtEoVDqvY4jL6XvTgzmp_oUL5dsh7PqTdSFaMeobNM7QkyQqCgrre-pMg&sai=AMfl-YTGdTUOfCFKV6CO6GyC6KBrtud0LTQjDSNJvhHJgztaHn3zpg7q91UZJapWCdIK-F3-26g-qh9HzDhcDKYfxLvXxMyxATbKO60K6aSivPynmAK1dGuMNLB8DTzMKKSuh8Ecr2pxyiq7buJa0KiLOHTDrM_zJL12DiC8dYmOtIYS4i2h49EbhkM2YFUGptZsPCUhlTT3pY9UN82-wYK7wBooeMuleehnWoEqXw9o5HN2Fc4_hQEPCrYygbrqIdPcpeX5HftyCswImzD0Z9pTCQyVSVrqae13WW0T&sig=Cg0ArKJSzIYOAFKUzlHUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=198&cbvp=1&cstd=194&cisv=r20230420.15635&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 27 Apr 2023 03:26:03 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 27 Apr 2023 03:26:03 GMT

GET
H3 200 FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response
pagead2.googlesyndication.com/bg/ Frame FA3E 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 14:12:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47624
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 14:12:19 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 9D8B 29 KB
10 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17103966758194605335/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17103966758194605335/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84519
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Apr 2023 03:57:24 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F1E6 0
0 76ms
75ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuYDU_nbhgn4fFFNAkk1OtYdp5G7q4OLp8FnwQtSsCUYMQHaJyxZMJTpr9_CQj5jEnqk294MOTdIpe3gK9P762FbWy0KbFSYImdpaz6Havrd0wWKsE6fGOtu5Kp5NPa5dicQUEKjsUBiCMx8VVuZt7nHdMIJTXZE0rtvkjOvw-v63i_Ler6adYt_Q28glqO9Oos2pS09o4ikS2usRYLD2BnLIuC2OBPh-e1vcTSBDY4qbvZ-Jw_9tKbVIgVErbwmmzykuUSmHz2-GIvb_2VyHn4YxyeL3gLLZ3PEkTvLl_qrRFCMZozSSsKob7yyAXPYP8TpvJu1yHauaV2IF8nX-KsDhtJ40Dlo9AETn4tj6nwDONIzC7p72-8hdAydGdqo--HMvomL9JDCHsOkK-3ICf6YrYW0qp6P3jD6WTnDpoz9p7zsdnHyVpMxj1IdV8UqkqJHUkMF4zUeumO4ltaMvdTVkAsxD-tg7Hv9HzRIS5jzEWBW24cdhLRO2bcrj39VJo4FVWopbw22SHkO_VJzu-fXC1k634Z48MmPzyQ1IEFufi_CefH7uJ4IKTdtyDu_uYf4ix8Wzl7oIEN5ykhflofWnMAxGEDo2yJj3tH0pTuzymqTpq29SLfgUTUQjvVRklCxPpNfEgHyXkXW-0BniEKAHwz392awt75aZAoLvaVUgLNYTI-5Rt5h4nMHgkQxoM6PkFjyTBEgw9eXWr8W2qmXzUNXvcz6IQdnvV_8AUU6tgAPQVufuQ2A-ph_KZT8A__d4i0LSjKnZZKwOYuHHh4PkQoPb0fBNobtnkPCFPmliyOUKUtJ2hz8mhMYc08H_ZshxHV-ZOBdtE_mdBsj5qn88-lCcRgmTMRAHkxSK-a58pZAOhif7GC-h86JXJ33rpbWRdCz-_p3FC_jfe45pIFthCLLKek2vdKBngAfICF7O52o8SlUZfU5dfuxJyCDD2ZyXhY_vfirKvkc8JFo_d4EYLCQPaTwpALMV8A8JoWP9qDahC7-13Em3IkmEOTZFfJtT1lO-O7a9jDQ-OfHZ4Af4vQlLCwT4thHY-unQLcN7PMjl9N_bkZeSfDXPLajS2ycTgZGdST7xWLN5CXOW7aNhPebIp-yhh9RAeUaETQ-W-yzN5dnHW8e_rhDA2OGltr1Jo-2yrpnnLy_F7mZXSjO7bU4G1ygMOSNFyMO80FzB3jDwGdMBbecQqBhcfYFMuChhngtEoVDqvY4jL6XvTgzmp_oUL5dsh7PqTdSFaMeobNM7QkyQqCgrre-pMg&sai=AMfl-YTGdTUOfCFKV6CO6GyC6KBrtud0LTQjDSNJvhHJgztaHn3zpg7q91UZJapWCdIK-F3-26g-qh9HzDhcDKYfxLvXxMyxATbKO60K6aSivPynmAK1dGuMNLB8DTzMKKSuh8Ecr2pxyiq7buJa0KiLOHTDrM_zJL12DiC8dYmOtIYS4i2h49EbhkM2YFUGptZsPCUhlTT3pY9UN82-wYK7wBooeMuleehnWoEqXw9o5HN2Fc4_hQEPCrYygbrqIdPcpeX5HftyCswImzD0Z9pTCQyVSVrqae13WW0T&sig=Cg0ArKJSzIYOAFKUzlHUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=466&vt=11&dtpt=268&dett=3&cstd=194&cisv=r20230420.15635&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:26:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 27 Apr 2023 03:26:03 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/17103966758194605335/728x90/ Frame 9D8B 2 KB
1 KB 36ms
36ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17103966758194605335/728x90/logo.svg

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f006f2f469e6f474321a37a5764e8ef6f29913f2a07c588a67746f32e1f0b842

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17103966758194605335/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381166
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1113
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 14:57:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Apr 2024 17:33:17 GMT

GET
H3 200 cta.svg
s0.2mdn.net/sadbundle/17103966758194605335/728x90/ Frame 9D8B 2 KB
1 KB 38ms
37ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17103966758194605335/728x90/cta.svg

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e9b42a21951a33625a66786cdd5928ab232cecfa892e8c5a3c4513ef350aaeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17103966758194605335/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 19:34:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28281
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 995
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 14:57:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 25 Apr 2024 19:34:42 GMT

GET
H3 200 text3.svg
s0.2mdn.net/sadbundle/17103966758194605335/728x90/ Frame 9D8B 5 KB
1 KB 37ms
36ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17103966758194605335/728x90/text3.svg

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f7e8360b69d28cbe99095cd8e95eeca832c515fb35986f0990c8d414dc37dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17103966758194605335/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381423
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1322
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 14:57:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Apr 2024 17:29:00 GMT

GET
H3 200 text2.svg
s0.2mdn.net/sadbundle/17103966758194605335/728x90/ Frame 9D8B 6 KB
2 KB 54ms
52ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17103966758194605335/728x90/text2.svg

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6aa0a4cc2215a67ad2fefa92e5d119f98cc1bbe289c7beaebd171f110e37180f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17103966758194605335/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 20:17:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371296
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2134
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 14:57:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Apr 2024 20:17:47 GMT

GET
H3 200 text1.svg
s0.2mdn.net/sadbundle/17103966758194605335/728x90/ Frame 9D8B 6 KB
2 KB 54ms
53ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17103966758194605335/728x90/text1.svg

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfd1d8eeeb65d28adbcde7c51b0be16529ca7ae44323c4e214c5265e085b830a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17103966758194605335/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 20:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369528
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2195
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 14:57:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Apr 2024 20:47:15 GMT

GET
H3 200 legal.svg
s0.2mdn.net/sadbundle/17103966758194605335/728x90/ Frame 9D8B 26 KB
4 KB 38ms
37ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17103966758194605335/728x90/legal.svg

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b2dc18beac0dff71e0e07f85256802ecec071eff53741894b3358b32c688e4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17103966758194605335/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 22:40:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 362760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4472
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 14:57:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Apr 2024 22:40:03 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/17103966758194605335/728x90/ Frame 9D8B 14 KB
14 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17103966758194605335/728x90/bg.jpg

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1bf903da55dcc870a4a72b4a717a67226c181fa41bb78f4af842961be94a397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17103966758194605335/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 20:27:03 GMT
x-content-type-options: nosniff
age: 370740
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13878
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 14:57:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Apr 2024 20:27:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FA3E 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBxvnSutJZJPPPOeFjuwP_MmJqAkAAAAAOAHgBAI&bg=!dHeldyPNAAYfNdXmPzU7ADkAdvg8WqRPOu_PzSz0asr67gY7W2QppcOCMgWgDo9gDt5NiuUlxzfIbK_E1IhO3FbyiLqZ_UHDXPMCAAAAZFIAAAACaAEHmQMKT-_eM4mlzw__FJ0akEukCYxJk41uY7ZqGyEn_iWBbhJy1xujv76TcRAvMZCtD2LvQvs-5LxDelE6A6XmVw2mAPKq_3ep-A5sf5LafzwDJW_Mcv1IrMGAgm4zjMkcmrgM1KCqagNTq11MS7M7on50JVK5cym2zlKlPOg4BcByater-zdX5hiJLQb27qouKdMHuWpSREQzv1tQs5roLxDHNsf0ZvWGmLQo71-7DsYSAeRABJWjEJYxhuFwErdr0XfO8bqKncbWAiB_GwfrBlmlQhK_DYgBiSNzojP28wI04CUTkzqQQ7y5LOFCLVS-WB28RbaFq_sqUJ3dQ4Z_hpiXp150BYZUDu0lby2oVfgDUWAqRQHhPHIsXKZC1yJ9_ZXWKCNHwVu28wvjNv5_popw_G4vbAl5bD5GNGHiqHoFEzEnspP-V5qlwB7idPZBytgUf-YL0fejmyH3A5jEjsYv-9pvSER6JOZTYhoPgT5zpXtkX3p7z_k23LeGc3bkPzSQEGY6aMax_aPKtv-KHoB6Qx7ww_qSsQ-_4aDRCYeRfNLGlrfxxhMGPysFqfHiM2NACoJAPFPNupjjLIHuJUUsk_Fzzy0D8xGVOg3PdbDxQ-dnNvzidMB3F4mqjlmYq5WPOpJeA44znX5LYqARkNJRRV_yFXdE7rNLs9zRf1mGCZqZqAVFL8qN3Rkb5nTf1OMH4WaPq2Wc21USrVgPd-snV4dVSjK4yt9vJVyhXAz10mpvFJESgKC1tdTAklam9n7H_wdAKSIk7ciP_qEegU1K0PcmUrfwrOdduVkW9_cg518mbeES-fQLvyDZpCvjZCoUrUyPxAUiakrlgKVCxWsSxJt9HhwgIJBJcJHIVQTYVXy2Qzh3cmmwblnNINstxhaQGEK8MgnFfZGoFnxdR-2EK1PuixHm2Z5aarpKChFI8hgSYtYeKLDAIT15uw-TG9m874K1PJoAJddGAH-ry3unSZ4uqOWtVyoJQ4-gEZM_BeBfydXjVLzx39lGOCPxyJuwuqA9odDQJCtEcQ

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 03:26:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
334 B 382ms
122ms XHR
application/json 54.77.31.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.31.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-31-84.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 11449f89c099c641fddd8e5d1c38abc06fc0fb00f51b8e71130e7634e7e2caa4

Request headers

Referer: https://upfilesurls.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 03:26:03 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://upfilesurls.com
cache-control: no-cache
x-server: 10.45.16.72
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F1E6 42 B
64 B 156ms
75ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstmxIvtk3rQxUo-I20_Uj43dZq24Wdctw9DGjeepqNL3zImYJStkvwt2JL23oH6UNFGvZdeshIWKuzZZaXiZsjh_ryTOwdD0zI4hV6UnUQ3sXjEA9K3lun8gZ5p-IwaROvnj6R6zg&sai=AMfl-YRfGOTIcM5XonffMAoaJzh27vFvpGEC2ZdIQVNgjSzM3g925fnt_fjBzPZOY69v45tQdJDEp7vCfSN34q4njpSR4abyfnTnfPAYtPFU5MjyvbGF6F8n-TmFzK7bRXWUqdmZWIg_kr3-sBCv_Q&sig=Cg0ArKJSzNR8QCBxTExBEAE&cid=CAQSTABygQiDg6ojI57eYVl5_E0TUl4RUExZFhb01qTICavMgUvhpRiL1NjF2CkY8EGqkrvy7lI1SVQ3CcloEuuyGT96P1aEI2NdAzV3uGYYAQ&id=lidar2&mcvt=1002&p=1110,436,1200,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=366313947&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682565962668&rpt=535&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 03:26:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F1E6 0
20 B 73ms
72ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3911575338087&version=m202301230201&ct=119&x=1&cor=9837317095804494000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 03:26:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIk5yk1I7J_gIV54KDBx38ZAKVEAAYACCq_8VaQhMIpcz9047J_gIVNcq7CB0rAgwj;met=1;&timestamp=1682565973568;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame F1E6 42 B
401 B 180ms
75ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIk5yk1I7J_gIV54KDBx38ZAKVEAAYACCq_8VaQhMIpcz9047J_gIVNcq7CB0rAgwj;met=1;&timestamp=1682565973568;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 03:26:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIk5yk1I7J_gIV54KDBx38ZAKVEAAYACCq_8VaQhMIpcz9047J_gIVNcq7CB0rAgwj;met=1;&timestamp=1682565983565;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame F1E6 42 B
107 B 76ms
74ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIk5yk1I7J_gIV54KDBx38ZAKVEAAYACCq_8VaQhMIpcz9047J_gIVNcq7CB0rAgwj;met=1;&timestamp=1682565983565;eid1=2;ecn1=0;etm1=10;

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/gsxoY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 03:26:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d18kg2zy9x3t96.cloudfront.net
URL: https://d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153

Verdicts & Comments Add Verdict or Comment

157 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 15:41:57	Name: _bit Value: n3r3pX-91d111946741496306-00C
upfiles.com/	1970-01-20 11:22:53	Name: XSRF-TOKEN Value: eyJpdiI6Inl5NE5zRlB5Z25kYkVrTjA3ZThnWmc9PSIsInZhbHVlIjoiNHZxTWlvdHcvVUUrVzltSjNMajVnUU82Wkk1RWVDRVlHVDk0NVZVRVdDY3B2L0NLZ3dEdGxhZEtMN1plRDdJR2tjY2liTmFNT3h3b3pkNG1DWVNmd0lIV3k1M3BTKzhzamZ3anZ0TVNzajN6NjY3dlpoVWZPdEhibHN4L2VibVAiLCJtYWMiOiIwNzI0NjhkMmU5NGE4YzJlMmQyN2Y1ZWVmOTNiYzZiMWNkODFiYmZhYTBmYTU5NmQxM2QzYjM2M2VlMmVlMmNhIiwidGFnIjoiIn0%3D
upfiles.com/	1970-01-20 11:22:53	Name: upfiles_session Value: eyJpdiI6ImFLVTl2R2ZDTVJ3cC9ZZ0pQSXJXMnc9PSIsInZhbHVlIjoiTkI4THRJVTlUTmorOStQWndiQUZrWlFtd1VtTkQwd0JjV2lRZGhaa3VzamtRMVV2a2xLaXZoKzdHWjBlcHZ3ZFZpaThHbEhKTXhHa2FmZ2hpZXdrZUFxWVU3NGN3NERZUnczTnhaWEFkcDVNRU1VQnk3TUZkdk4zcEM0eEVVOVciLCJtYWMiOiIyODllOTJhNDMyMGI3YWMyNTQ3MTk3NGMyZDIyMWQ4MWQyZWNmMThmYTQ5N2JlMDk3ZWVmZjU4NzFlYWEzZjMwIiwidGFnIjoiIn0%3D
upfilesurls.com/	1969-12-31 23:59:59	Name: auth Value: eyJpdiI6InhuR0JHTW9WVElhbmpnazBSQVdFNHc9PSIsInZhbHVlIjoiTkdwcTF5amlEVFlibkEwbmpSM2g4Zz09IiwibWFjIjoiYmZjYzgwY2Q4NjAyYTU4NDYxNDA0NDRkNmJhMzg1OTgxMTVlZTA4NGMzMTA2Yjg1NjI4Mjg0ZDgxYjQwMzUyZiIsInRhZyI6IiJ9
upfilesurls.com/	1970-01-20 11:22:53	Name: XSRF-TOKEN Value: eyJpdiI6InpuTE5ja2s5NVE3amlncWFDVm1jZmc9PSIsInZhbHVlIjoicHk1Ym9nK3M2aFdmQW56N3ZNbVZYK3hrSTBaV3phc1ZTeTlmcEJ2VEF1a1JEMFcxVGowV2UwY3BKQXhscWphQTErNmgvSFE2MTMzaHBLOWJ2WER4YW1Xc2tIQ3Z1dEpKTDM1cGFzVGh6bzIvcGFycmQ4MEc4OWZ6QWsxWDBjdUwiLCJtYWMiOiIzYWRlOTE5MzI2NDk5NzU0M2IzZDE0MmFjNzYyOTVlMDU0ZDc3OTc0ZGViZmE3YjA4Mzk5YmViZjc5ZTY2MjkxIiwidGFnIjoiIn0%3D
upfilesurls.com/	1970-01-20 11:22:53	Name: upfiles_session Value: eyJpdiI6InluNHdHSVhDZFljWmllT3lxWXc3dVE9PSIsInZhbHVlIjoidjU3ZnJ1eDIrSHVDYkRIV0NaVHd1MGlocVB1SVJlUmZKUGs2U1pyUzR6ZC9NMUgvOWJMK0JVb2g5MmlmdzIzbDEwcTJ0ZFhlSUx2S0dNc003NXVpaW5lbDJHYjRvR1czSHBvQ2thTGwxUU5JcGJEbXdZOXE0aXpZc3F3MDZxcHoiLCJtYWMiOiJkODE5MDYzYWM1N2I1YmJjNmZjMTY2NTJiNTQ0YjQxNTEyZjk1MThiNmY4YzA5NjY1YjhhNjUwZTI0NDg4ZjdmIiwidGFnIjoiIn0%3D
cschyogh.com/	1970-01-20 11:24:12	Name: GL_UI4 Value: eJw9jdtOhDAYhDmz6oJOwgP4CNTloJdmH8JLUugPWxfaTakQ397GRK%2Fmy%2BSbjOd5QfEIf0sihF%2B8xrNoqRpPbcNoqETNXvuRNSPxitXN26mlFndy7SzvZ7IRDuvCje3sFuE4kSIjh27QgjI8OeuvuSq9qwhxb7gSGeLFGXOGtDd6X8kUISLFF0JyvhjtMl74pzYIGXtxLJVjv0Sg1yLM75F%2BSCXcMD8iYGWeJx4ebjO3ozZLJ0XiI54MFwT%2FHYeBW5q0%2BUYqaL1afQP0LLp%2F%2F%2Fc33FmJRNAmB3eu7YXMD0rnTmc%3D
cschyogh.com/	1970-01-20 11:24:12	Name: GL_GI10 Value: eJxljNFKwzAYhbvUxRVl48AeoC%2BwQqxl3qrr3I1XPkAI3d8RpEn4kw3r06sbiODd4TvnO1mWieUcwgYs1ENT3am6Uk1TqfU98gN5iE2L284fXeJROzMQrl%2BIB%2BNGSKaD9Q5i1%2BLmknXn94Tppl39YWdruqMYCVedTSOwZePe%2ByOn0gzlq7EOxU9x0Zff%2Bv9BbmMAaqXWdflGfLIdxfLxCYWjpGMg2qN49hw8m0SY%2F9Lzp8wxs1EH9h%2BjnGCR7ECf3pH2fR8pSYHJSYov5ERPzg%3D%3D
live.demand.supply/	1970-01-20 20:58:45	Name: demandSupplyTi Value: 70bb9c0a-f2d4-40a1-9b36-c42dd9078fc0
.demand.supply/	1970-01-20 11:22:47	Name: __cf_bm Value: XuB3yh5IkSWSQ4iZWGNdkT2KaaN0nM0tg.bSXtxGheE-1682565961-0-ATPvXTDTKoEN7xo1t/XvfYQtgSqa8WkPwAZzSwREGFmCKP7+AUCbqxZXuAPl6ahqJ0gOO0Tdujl7vfKNK266XYA=
.upfilesurls.com/	1970-01-20 20:44:21	Name: __gads Value: ID=f80bd6641c92a16e:T=1682565962:S=ALNI_MaQ8zMr5X15o5GWB3ol1G8ekTlKiQ
.upfilesurls.com/	1970-01-20 20:44:21	Name: __gpi Value: UID=00000bf168572fc7:T=1682565962:RT=1682565962:S=ALNI_MbGrc9jHEDSUdVcvBJ6g93nJSwhbQ
.criteo.com/	1970-01-20 20:44:21	Name: uid Value: 8f279862-9286-45ac-a2ec-82e6dccbaa0e
.doubleclick.net/	1970-01-20 20:44:21	Name: IDE Value: AHWqTUlZd-otFpqgwK0XDK-k44f5Hk2i410qryGiHVN2w-fLL9grfTnVqgLxzuIm0qg
.casalemedia.com/	1970-01-20 20:08:21	Name: CMID Value: ZEnrShB-xBg.0y4W8LybkgAA
.casalemedia.com/	1970-01-20 13:32:21	Name: CMPS Value: 5128
.casalemedia.com/	1970-01-20 13:32:21	Name: CMPRO Value: 5128
.adnxs.com/	1970-01-20 13:32:21	Name: uuid2 Value: 7320184342530980124
.upfilesurls.com/	1970-01-20 20:44:21	Name: cto_bundle Value: 95Vnc190JTJGMlU1M1hqQ0E1WGl2QU41VnVybGhtVW1UeFZmR0YlMkIlMkZiZEx4TWZUSk5DdllJdnFkazF4dmJVYmxNalhoeHp6YVZxWjBLNlg4VSUyQmpYYWtuJTJGS1p5Y1l5UWM5dnIyQ3dUQ3JDJTJGV3JaeEh1R29zVmI3T1BMazJjNmNnSiUyRnpGeVh6YmNuSWxneUlRTlBvZE1SYnBMYU5jQSUzRCUzRA
.adnxs.com/	1970-01-20 13:32:21	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$SrN1ym!]tbPl1M>e)ZlrFUfJ+tGXxoaKetAb:CG3F9bqS=6Tg6<=Y+AaaVLJg<:IX3If)y3KL9D3I?+<2>lz

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
adservice.google.com
adservice.google.de
b84ab7ff09167748dc551f93be21311a.safeframe.googlesyndication.com
bcp.crwdcntrl.net
bit.ly
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdntechone.com
cm.g.doubleclick.net
cschyogh.com
d18kg2zy9x3t96.cloudfront.net
datatechone.com
dsum-sec.casalemedia.com
esp.rtbhouse.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
live.demand.supply
mug.criteo.com
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
upfiles.com
upfilesurls.com
www.googletagmanager.com
www.googletagservices.com
d18kg2zy9x3t96.cloudfront.net
141.95.33.111
142.250.185.130
142.250.186.66
142.91.159.191
151.101.65.229
178.250.7.13
185.80.39.216
185.89.210.212
2600:9000:2250:7c00:a:e047:752:b361
2606:4700:10::6816:3456
2606:4700:20::681a:88a
2606:4700:3035::ac43:ad6a
2606:4700::6810:8616
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2006
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2001
2a00:1450:4001:830::200a
2a02:2638:3::c
2a02:2638:d::2
2a06:98c1:3120::3
34.96.70.87
35.190.39.111
37.48.68.71
54.77.31.84
65.9.66.122
67.199.248.10
0390a205adde41148772c08262a87b8b173f4d1df61e9ce323b89069827643c2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e1070ef03510c03bf072fc9acc862eb3e3bc71cd0079472eb0dc10455e9838a
0e9b42a21951a33625a66786cdd5928ab232cecfa892e8c5a3c4513ef350aaeb
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
11449f89c099c641fddd8e5d1c38abc06fc0fb00f51b8e71130e7634e7e2caa4
122b045d95227f20b88e28c6fb8336f022295044d74694904ddaa04d4022ac45
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1321a7f8342b43cb197f39a0c173574d4b7c7c8b0bf8a43284a2d2eb151e4e81
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
1703a72fa6f4e4c3e4226e77f416e403c9350226515a4addb2dba832adddec33
20ee5b6c7d76a068137ad4d38ad84692ed7f0fbbe569fa52d7555c7f65b6028a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3a6496c9ba51de9268160abd403069b72cbf8a70bec8c61f3df9f0fd119aa953
3d3e6705b468cecdd78fb9a1ee6688d60e1d2c1caa0db7baa88db460315dccea
3d45b2164e7d4b3463daed6795455b3a92c97f008b419ab071c7298d02171144
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
61f7d9eaabbfde4b1fe0a802ca35b9bc8ce06e6d585a0a10071c155c6bcab518
64115d57d55c36e37e807ef9c00f498fda7c453cda6db7241cebbbadf19dd2b3
6aa0a4cc2215a67ad2fefa92e5d119f98cc1bbe289c7beaebd171f110e37180f
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
7c867eef7abcc6a54c7dbdca882addf0a2a964dd4a388b8e32fb10029da08183
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
8f7e8360b69d28cbe99095cd8e95eeca832c515fb35986f0990c8d414dc37dd4
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a717285429d468fadc4d25179fc6feb49e6335f3af1675fb6be1cb50e7e8322
9b2dc18beac0dff71e0e07f85256802ecec071eff53741894b3358b32c688e4c
9ce67e398902c71f1a36b9cc30373e7fee69b3af7a6aa457f87f1edc0267cb4e
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a57a359e1c169d89a071f4ca1b31e3587837b56d18851c3b1b50bc6e899b19b2
a83572a1fab9170bffead1e851ef6702363858d56d4300268be5e98a95fc4c21
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
afeb263d25c0c26fe33149083bdc2e7bd1a3d50993c2cee411541f4297f6d362
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bfd1d8eeeb65d28adbcde7c51b0be16529ca7ae44323c4e214c5265e085b830a
c4869b8fb24f2bdc193c70b14b36041c187d958c61bf3e2597c12079be29a4bb
c4bd45fcc1f040b9c6bc54fc6f8b4b798d533984365b298b317e324c679c8eea
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
cbd979b253f1094192758b903dbf1258373e373ea264905849c30ca44931e1e1
cdd81eaa7726dbd3a0ecc2d2de70ec2ae470afc424d9a186d2b358d7a645634c
d454583aa343d4c8aa4e42c0876b20e60c20c0b89284e4ef0c662d0426c18254
d526da1f4d4af45cefd2a0d140abec2beddc3150d13c47d3de893eaa278a369d
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e510ae4b9e94e528a3c68356a392a39d0d9f3ef33518945d9f1341e549992b0b
e51161fcc5b2c4b90c3381e517152eb275d52a6c288954e502479d7421386240
e513eca2bb7e7a4a01708638213319204d53b4f39ceb35e47f259ab16707431a
e87e0991dcfaa2c7b015d284d8b5d872363eb52af458b63c8449351b4b24612f
e9cbaaab6ffc005589d1c3f8b84d04f07ddb878451c7dacdb5b1e344d761dcbd
edb077dff6d680ca2a47dce0b6443ead4b931d09a73cc0bde5377880cf345f9b
eebca01c60b315a6937fea6c94dfaa2b2afcb61cd14cdf7e655cefec2fc32017
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f006f2f469e6f474321a37a5764e8ef6f29913f2a07c588a67746f32e1f0b842
f1bf903da55dcc870a4a72b4a717a67226c181fa41bb78f4af842961be94a397
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3

upfilesurls.com Open in urlscan Pro 2606:4700:20::681a:88a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

94 Requests

94 %HTTPS

59 %IPv6

27 Domains

36 Subdomains

33 IPs

6 Countries

1030 kBTransfer

3128 kBSize

20 Cookies

6 Outgoing links

Page URL History

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

upfilesurls.com Open in urlscan Pro
2606:4700:20::681a:88a Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

94 %
HTTPS

59 %
IPv6

27
Domains

36
Subdomains

33
IPs

6
Countries

1030 kB
Transfer

3128 kB
Size

20
Cookies

94 HTTP transactions
3 data transactions