URL: https://www.directupload.net/file/d/6813/gakgcgxt_jpg.htm
Submission Tags: falconsandbox
Submission: On February 24 via api from US — Scanned from FI

Summary

This website contacted 10 IPs in 4 countries across 7 domains to perform 24 HTTP transactions. The main IP is 2a01:4f9:4b:1406::2, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.directupload.net.
TLS certificate: Issued by R3 on December 16th 2022. Valid for: 3 months.
This is the only time www.directupload.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
13 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 803
scontent-hel3-1.xx.fbcdn.net — Cisco Umbrella Rank: 38730
292 KB
4 directupload.net
www.directupload.net
s20.directupload.net — Cisco Umbrella Rank: 657062
142 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 352
17 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 105
27 KB
1 gstatic.com
fonts.gstatic.com
44 KB
1 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 8450
603 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
1 KB
24 7
Domain Requested by
11 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
2 scontent-hel3-1.xx.fbcdn.net www.facebook.com
2 ssl.google-analytics.com www.directupload.net
2 s20.directupload.net www.directupload.net
2 www.facebook.com www.directupload.net
2 www.directupload.net www.directupload.net
1 fonts.gstatic.com fonts.googleapis.com
1 jsc.mgid.com www.directupload.net
1 fonts.googleapis.com www.directupload.net
24 9

This site contains links to these domains:

Domain
play.google.com
www.facebook.com
www.cash4webmaster.de

Subject | Issuer | Validity | Valid
directupload.net | R3 | 2022-12-16 - 2023-03-16 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-11 - 2023-05-11 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-01-10 - 2023-03-04 | 2 months
*.gstatic.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
*.directupload.net | R3 | 2022-12-14 - 2023-03-14 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months

This page contains 3 frames:

Primary Page: https://www.directupload.net/file/d/6813/gakgcgxt_jpg.htm
Frame ID: A7C9B406AB526ABA42B6D027B206BA41
Requests: 13 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fdirectupload.net&width&layout=button_count&action=like&show_faces=false&share=false&height=21&appId=124682694373536
Frame ID: 20496B5DCAA0F4EF598093F556B98A76
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fdirectupload.net&width=200&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false&appId=289819391172345
Frame ID: FCC4D4B3DA1E7F0E230030C5B94B6595
Requests: 12 HTTP requests in this frame

Page Title

haxxa.jpg - directupload.net

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

24
Requests

100 %
HTTPS

100 %
IPv6

7
Domains

9
Subdomains

10
IPs

4
Countries

524 kB
Transfer

1406 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request gakgcgxt_jpg.htm
www.directupload.net/file/d/6813/
47 KB
22 KB
Document
General
Full URL
https://www.directupload.net/file/d/6813/gakgcgxt_jpg.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4f9:4b:1406::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
fd360c9fb4d726519248e8d3cf9ea45782e1a2064a66092b924aa2d8d82d1d51

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 24 Feb 2023 19:42:22 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx/1.18.0
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600
Requested by
Host: www.directupload.net
URL: https://www.directupload.net/file/d/6813/gakgcgxt_jpg.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0690262903337c5392e015553dd03594040f0c86bfe53f1a3200f619d9e6d499
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.directupload.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 Feb 2023 19:42:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 18:31:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Feb 2023 19:42:22 GMT
dc_si_logo.png
www.directupload.net/graphics/
26 KB
26 KB
Image
General
Full URL
https://www.directupload.net/graphics/dc_si_logo.png
Requested by
Host: www.directupload.net
URL: https://www.directupload.net/file/d/6813/gakgcgxt_jpg.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4f9:4b:1406::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d31ea2c4cf7927e86f3ac8cf2dbb8497140a0491edb051e57f71fe52dab8e76e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.directupload.net/file/d/6813/gakgcgxt_jpg.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 19:42:22 GMT
last-modified
Tue, 04 Mar 2014 13:52:18 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"5315da92-683b"
content-length
26683
content-type
image/png
directupload.net.795264.js
jsc.mgid.com/d/i/
0
603 B
Script
General
Full URL
https://jsc.mgid.com/d/i/directupload.net.795264.js
Requested by
Host: www.directupload.net
URL: https://www.directupload.net/file/d/6813/gakgcgxt_jpg.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.directupload.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 19:42:22 GMT
x-amz-version-id
null
cf-cache-status
HIT
x-amz-request-id
TZRJD2GT90GBXXJ5
cf-polished
origSize=3
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-amz-id-2
3L+E/2hFt8CgFAdqGXbEjn6p9B5X3tVEL4e1EgrPgJFfVIe4BxThBmk+NaAyXpGxDjadocuFoP4=
cf-bgj
minify
last-modified
Fri, 25 Feb 2022 17:10:19 GMT
server
cloudflare
etag
"cf64b89236d83f0076d28cfa07bc8d51"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
79eaaf1cba793769-HEL
expires
Fri, 24 Feb 2023 22:42:22 GMT
like.php
www.facebook.com/plugins/ Frame 2049
33 KB
14 KB
Document
General
Full URL
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fdirectupload.net&width&layout=button_count&action=like&show_faces=false&share=false&height=21&appId=124682694373536
Requested by
Host: www.directupload.net
URL: https://www.directupload.net/file/d/6813/gakgcgxt_jpg.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
374a108ce07e34877a6ea368759e53dc9e44596b452d935dbf8c5d792f4efa88
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.directupload.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Fri, 24 Feb 2023 19:42:22 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
J4Flfih19/qaqvi/lur6znqEl+5yYh8SpbZ4pbUcOk9EoYMeJsxwsXUve5SY9SEiXYJG9HVYhln41SfB0W/u8g==
x-fb-rlafr
0
x-xss-protection
0
likebox.php
www.facebook.com/plugins/ Frame FCC4
41 KB
13 KB
Document
General
Full URL
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fdirectupload.net&width=200&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false&appId=289819391172345
Requested by
Host: www.directupload.net
URL: https://www.directupload.net/file/d/6813/gakgcgxt_jpg.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e682d8e63e5e3746314f0f9abe21dbc648c2eaee2bd879659fec03c0153a8359
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.directupload.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Fri, 24 Feb 2023 19:42:22 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
r7i8JqcmoN+3dFbj6up/iPiOVkPcxC2PyQf0W6l3DEDuF1Mv25QqTQdj+J5ZOJx1sKoQwi4pcNTFgKjexMBp8Q==
x-fb-rlafr
0
x-xss-protection
0
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b93a7aed9a8e1117f7568601ca06f9bd0d4d38f0ae30f4632b822d16b53e6542

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f1156dabba4a119541b17114524deac58cc74e43548290a6463683277a00a69

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e06a8f933474d89dfda2618b0190ca212c3f4bf560e7f008661b9ffafa3b213

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d308f6fd13a0c3d0eae95db36d472349c19245e10cf11b0d824999200fdf37ed

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/jpg
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.directupload.net
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:44:24 GMT
x-content-type-options
nosniff
age
158278
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Feb 2024 23:44:24 GMT
gakgcgxt.jpg
s20.directupload.net/images/230201/
89 KB
89 KB
Image
General
Full URL
https://s20.directupload.net/images/230201/gakgcgxt.jpg
Requested by
Host: www.directupload.net
URL: https://www.directupload.net/file/d/6813/gakgcgxt_jpg.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2605:6400:30:eafe:7516:d0ef:b7d6:6c48 Luxembourg, Luxembourg, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
77b63975b9e9b4767aa9111cae84d1436ff6fe8bc239efdace90b53550ca8822

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.directupload.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 19:42:22 GMT
Last-Modified
Wed, 01 Feb 2023 20:57:43 GMT
Server
nginx/1.18.0
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
90918
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.directupload.net
URL: https://www.directupload.net/file/d/6813/gakgcgxt_jpg.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.directupload.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 Feb 2023 19:15:48 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1594
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Fri, 24 Feb 2023 21:15:48 GMT
gakgcgxt.jpg
s20.directupload.net/images/230201/temp/
4 KB
5 KB
Image
General
Full URL
https://s20.directupload.net/images/230201/temp/gakgcgxt.jpg
Requested by
Host: www.directupload.net
URL: https://www.directupload.net/file/d/6813/gakgcgxt_jpg.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2605:6400:30:eafe:7516:d0ef:b7d6:6c48 Luxembourg, Luxembourg, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
46982321793488461ea00c2646dcae59b003432259c64b20409cec2d7e7fa6c9

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.directupload.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 19:42:22 GMT
Last-Modified
Wed, 01 Feb 2023 20:57:43 GMT
Server
nginx/1.18.0
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
4402
__utm.gif
ssl.google-analytics.com/r/
35 B
197 B
Image
General
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=981986280&utmhn=www.directupload.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=haxxa.jpg%20-%20directupload.net&utmhid=2071271749&utmr=-&utmp=%2Ffile%2Fd%2F6813%2Fgakgcgxt_jpg.htm&utmht=1677267742578&utmac=UA-2597810-3&utmcc=__utma%3D89936782.1592058370.1677267743.1677267743.1677267743.1%3B%2B__utmz%3D89936782.1677267743.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=903787825&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.directupload.net
URL: https://www.directupload.net/file/d/6813/gakgcgxt_jpg.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.directupload.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 19:42:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 2049
299 B
708 B
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fdirectupload.net&width&layout=button_count&action=like&show_faces=false&share=false&height=21&appId=124682694373536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 19:42:22 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
299
x-fb-rlafr
0
x-fb-debug
9rWAudvqFOS7gopETa0cLRqIa25cZLg3zH9on7JrG0+pjYcWLqAdFOe4Er9b4+ultkumpaVSZVnczKxoIQ9RuA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 14 Feb 2024 17:26:23 GMT
74GfGsPjS6O.js
static.xx.fbcdn.net/rsrc.php/v3ix0U4/yq/l/fi_FI/ Frame 2049
526 KB
135 KB
XHR
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ix0U4/yq/l/fi_FI/74GfGsPjS6O.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fdirectupload.net&width&layout=button_count&action=like&show_faces=false&share=false&height=21&appId=124682694373536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
89c620638c977a0f64d4b753ca5e9c0cc7fdec8907c2def0426df51e60518887
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 19:42:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
N80xLJdmdAYMDe35A/kGIQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
138378
x-fb-rlafr
0
x-fb-debug
GerT9BjOxE/eKDYSjbvZmw+9gxDflY6EGRrvfqM0tCwVgxVYvHcRFcQbnYd8SvaFPEmJuwEA9S2Vx/thgkFXmg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 22 Feb 2024 23:10:37 GMT
yD85BkPbiud.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/ Frame FCC4
19 KB
5 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/yD85BkPbiud.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fdirectupload.net&width=200&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false&appId=289819391172345
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ff956ace412c9771481a0964a93b26b453d9723b8b8560bae8101e62b68df9fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 19:42:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
WVJzaABcMP+OlODl0GWRBg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4848
x-fb-rlafr
0
x-fb-debug
+w2shj82JLM4a/jHvwumjiyKRUSUQH5wdowGBkbSVfAYb6Ml2KeAE6tQS+xtST3dCdqm9y56SVDgJG8h6Ed7mA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 23 Feb 2024 19:12:08 GMT
k9frVvgZWTr.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame FCC4
2 KB
1 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/k9frVvgZWTr.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fdirectupload.net&width=200&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false&appId=289819391172345
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 19:42:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
q6bCky1+00PrRbx3auADnQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
833
x-fb-rlafr
0
x-fb-debug
BrF/eC12IN6R5RFk/xR3pkwqJZIXRP5wmydm4B4Gqx2/Gp6JHE1qs3bvROQIA6EumFTHc46GDdBzu5et2xq84Q==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 15 Feb 2024 00:34:56 GMT
TVof1RymRFO.js
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame FCC4
300 KB
80 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/TVof1RymRFO.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fdirectupload.net&width=200&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false&appId=289819391172345
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2c52738a74f342f9a279aec70710cf079cff5844231dd4e0e6b54bb6ce3fce1d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 19:42:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
rFSBjMhUyX7wcaiOV61pJw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
81191
x-fb-rlafr
0
x-fb-debug
9QnSiU/PMNOy0717XHsjuHG9yfGIBvHSV5ODD2FBk0/2rOpbBJBVWv20j1+hYQVbBT1H0VFD/ZeyfjD+9Pq/aQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 21 Feb 2024 22:37:23 GMT
nMFM52FAyXC.js
static.xx.fbcdn.net/rsrc.php/v3/y1/r/ Frame FCC4
12 KB
4 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/nMFM52FAyXC.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fdirectupload.net&width=200&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false&appId=289819391172345
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9041b3bcc26f2d4a54217036c5ff63eff2aa60ae421b3dafa88e1ced9cd72559
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 19:42:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
2BG/nVnMndffZpRB8niX/Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3891
x-fb-rlafr
0
x-fb-debug
QmZfSsof2XkUsdkYmDgt0VXoa3+I9HkdIOBlMdE5FcHitVzJW21BYPprGrmXKSe/Aohw90Iye5OD98YvP/CEaA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 15 Feb 2024 00:36:16 GMT
Mw3QR2lNtuN.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame FCC4
39 KB
12 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/Mw3QR2lNtuN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fdirectupload.net&width=200&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false&appId=289819391172345
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
87e6cd6f8a53a60700cdf056b445ab7229367ca4a3ed713616cb8f27b4f15a88
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 19:42:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
kaSaFcCmsPdC/Qe5jNiADA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12532
x-fb-rlafr
0
x-fb-debug
whOo2Eh91WC57l34b3Tt/+ASsOfBa6SSyv/lx60zhN+haC8v0RdaWYtZhGkjRx8m3RWBcD9NjHw1yWXdV9n2sA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 18 Feb 2024 02:03:18 GMT
sZ5F-OUzwqI.js
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame FCC4
52 KB
16 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/sZ5F-OUzwqI.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fdirectupload.net&width=200&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false&appId=289819391172345
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8f5bffc3d2be5367e8f93fdb2856a4ce4658f75d1fdf78d69428aa8be88d99a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 19:42:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
cqfDbfN12En7EkVA6rzexw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16335
x-fb-rlafr
0
x-fb-debug
6nOefYS8d0IHp1JaqJySsgLG+gXxenuBNwOt08266ntttUnR/mVGj7qE8AA3jDB1alLi7r/XRTWkOU7aCHVnjg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 18 Feb 2024 02:03:18 GMT
dCr8nJpupVz.js
static.xx.fbcdn.net/rsrc.php/v3ix0U4/yN/l/fi_FI/ Frame FCC4
83 KB
23 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ix0U4/yN/l/fi_FI/dCr8nJpupVz.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fdirectupload.net&width=200&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false&appId=289819391172345
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
40c2de8317dfc3dfdc111289426c92fa5acc3ea3c2ad322d287aa8e5ca9304e1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 19:42:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
zPxxBKIG4fI969XN/mFuxQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
23189
x-fb-rlafr
0
x-fb-debug
qATxgRYs75eSeqD4+chVVzQbc9exiSG/fEsyycHKiS4SDsHOxlTFE2harCEgAjTscDSVVt88CAAdBYNfaPEPyQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 23 Feb 2024 14:11:46 GMT
308513374_640174617677905_2325906459410721211_n.jpg
scontent-hel3-1.xx.fbcdn.net/v/t39.30808-6/ Frame FCC4
4 KB
4 KB
Image
General
Full URL
https://scontent-hel3-1.xx.fbcdn.net/v/t39.30808-6/308513374_640174617677905_2325906459410721211_n.jpg?stp=dst-jpg_p130x130&_nc_cat=100&ccb=1-7&_nc_sid=dd9801&_nc_ohc=kyw29S0j_o0AX8vm-zv&_nc_ht=scontent-hel3-1.xx&edm=AEDRbFQEAAAA&oh=00_AfA72WE0WJMeL5NXLvD7LpH5GUApCw6H3SqQqqJK1xZ04w&oe=63FE2D6D
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fdirectupload.net&width=200&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false&appId=289819391172345
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f013:d:face:b00c:0:3 Helsinki, Finland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
25163ca8c58a0d5f81bf3d4a3c6b1dcdd8a6a7ac2da464817b00fa225cb4a62a

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-haystack-needlechecksum
3495890650
date
Fri, 24 Feb 2023 19:42:23 GMT
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Sat, 24 Sep 2022 00:04:59 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2755666628
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
47852337
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
4192
308679812_640174614344572_283748720751194067_n.jpg
scontent-hel3-1.xx.fbcdn.net/v/t39.30808-1/ Frame FCC4
1 KB
2 KB
Image
General
Full URL
https://scontent-hel3-1.xx.fbcdn.net/v/t39.30808-1/308679812_640174614344572_283748720751194067_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=107&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=wPzs-WPJZZsAX-GWMQz&_nc_ht=scontent-hel3-1.xx&edm=AEDRbFQEAAAA&oh=00_AfACmjBXjuL1rJH1mvHk-Air0sv1dWgv4n9xeBMNvYnb1g&oe=63FE546E
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fdirectupload.net&width=200&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false&appId=289819391172345
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f013:d:face:b00c:0:3 Helsinki, Finland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ef63b1d3c4ccd40c63c2ff2761c37644ea82c9fc207f54d06118f314fc548d56

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-haystack-needlechecksum
3048438747
date
Fri, 24 Feb 2023 19:42:23 GMT
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Sat, 24 Sep 2022 00:04:59 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1747435264
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2635550484
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1458
odN6yT5qyq_.png
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame FCC4
1 KB
2 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/odN6yT5qyq_.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/yD85BkPbiud.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3a16bbf4914a49b1afe816e119c7da2d731dead9167c01d07984ef323e26bfa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/yD85BkPbiud.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 19:42:23 GMT
x-content-type-options
nosniff
content-md5
jWtlBZOXpZs9LMNqqzeJoA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1341
x-fb-rlafr
0
x-fb-debug
5o9cjJlPB7XD44TUJs0v01gDl6D2UU7F5w6krDSo8Fgpg/gBT0xvkjY5zGzEy0kCUzcYUxh0ysnkVu1JDIT+yQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 15 Feb 2024 09:53:57 GMT
LknN3bY3OG2.js
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame FCC4
21 KB
7 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/LknN3bY3OG2.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/TVof1RymRFO.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5970ba4f88cb09634969327e073e156dd29749a70ca4ac454a30ed0f82e0bea9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 19:42:23 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
guArMA32NFllqig+bkpcsg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7031
x-fb-rlafr
0
x-fb-debug
4VHv9zp9Bi6K5rjFaFPyYx2uZLR+Tu1bdbS8z3opz0TmNJc7SvhabQPAQlB0eAd1TEupLDk86dm+hI1lrDiccw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 17 Feb 2024 02:31:06 GMT

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
boolean| credentialless
function| shna
number| win_h
number| win_w
function| toggle_infostrip
number| img_h
number| img_w
number| nav_h
undefined| ratio
function| img_pos
object| _gaq
object| _gat
object| gaGlobal

7 Cookies

Domain/Path Name / Value
www.directupload.net/ Name: PHPSESSID
Value: c7b641325a1528f02a6cb5857afef4b9
.mgid.com/ Name: __cf_bm
Value: tAHSiXrjXqTxSfQXdCmRRcO3J7vR8.9CL4WPqcmlP5E-1677267742-0-ATUZwx1z6zrbAfjsux6Opqanj2a5z11N0dFnNrHe06d6jP5jvDqXfVaRNB8uWgh9qtjQucu8v2qHjKu1w/aPhMY=
.directupload.net/ Name: __utma
Value: 89936782.1592058370.1677267743.1677267743.1677267743.1
.directupload.net/ Name: __utmc
Value: 89936782
.directupload.net/ Name: __utmz
Value: 89936782.1677267743.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.directupload.net/ Name: __utmt
Value: 1
.directupload.net/ Name: __utmb
Value: 89936782.1.10.1677267743

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
