upfilesurls.com Open in urlscan Pro
2606:4700:20::681a:88a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://upfilesurls.com/nnclxwN
Submission: On April 24 via manual (April 24th 2023, 2:05:28 pm UTC) — Scanned from DE

Summary HTTP 168 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 42 IPs in 7 countries across 37 domains to perform 168 HTTP transactions. The main IP is 2606:4700:20::681a:88a, located in United States and belongs to CLOUDFLARENET, US. The main domain is upfilesurls.com. The Cisco Umbrella rank of the primary domain is 582666.
TLS certificate: Issued by GTS CA 1P5 on March 29th 2023. Valid for: 3 months.

This is the only time upfilesurls.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 15	2606:4700:20:... 2606:4700:20::681a:88a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3035::ac43:ad6a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.109.87.129 23.109.87.129	7979 (SERVERS-COM) (SERVERS-COM)
5	2600:9000:249... 2600:9000:2491:a00:0:2146:f680:21	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	139.45.195.253 139.45.195.253	9002 (RETN-AS) (RETN-AS)
4	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	108.138.17.20 108.138.17.20	16509 (AMAZON-02) (AMAZON-02)
4	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 6	2a00:1450:400... 2a00:1450:4001:809::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
4 6	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2250:e400:a:e047:752:b361	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.66.68 65.9.66.68	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
20	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	54.247.57.110 54.247.57.110	16509 (AMAZON-02) (AMAZON-02)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
2	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 6	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 1	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 1	124.146.215.48 124.146.215.48	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
168	42

15 2606:4700:20::681a:88a (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

upfilesurls.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:ad6a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

upfiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.109.87.129 (Netherlands)

ASN7979 (SERVERS-COM, US)

cschyogh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2491:a00:0:2146:f680:21 (United States)

ASN16509 (AMAZON-02, US)

d18kg2zy9x3t96.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdntechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.253 (United Kingdom)

ASN9002 (RETN-AS, GB)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.138.17.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-20.fra56.r.cloudfront.net

ukmlastityty.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

tunitytostara.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::200d (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:e400:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.247.57.110 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-57-110.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.23.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.48 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.217.42 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 177	95 KB
24	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 313	260 KB
20	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 322	436 KB
15	upfilesurls.com 3 redirects upfilesurls.com — Cisco Umbrella Rank: 582666	388 KB
14	google.com 8 redirects accounts.google.com — Cisco Umbrella Rank: 92 adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	5 KB
14	demand.supply live.demand.supply — Cisco Umbrella Rank: 32910	34 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	380 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	7 KB
5	ukmlastityty.info ukmlastityty.info	6 KB
5	cloudfront.net d18kg2zy9x3t96.cloudfront.net	229 KB
4	tunitytostara.info tunitytostara.info	1 KB
4	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 16041	202 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 442 mug.criteo.com — Cisco Umbrella Rank: 1686	7 KB
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1319 id5-sync.com — Cisco Umbrella Rank: 612	19 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1703	460 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 535	956 B
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 4649	316 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1550 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1323	12 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 5261	696 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	20 KB
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 2351	710 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1266	1 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 1124	336 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1886	350 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 7904	551 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	49 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 4083	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 474	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 763	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3991	2 KB
1	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 2303	906 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107
1	datatechone.com datatechone.com — Cisco Umbrella Rank: 19949	468 B
1	cdntechone.com cdntechone.com — Cisco Umbrella Rank: 51250	8 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	44 KB
1	cschyogh.com cschyogh.com	1 KB
1	upfiles.com 1 redirects upfiles.com — Cisco Umbrella Rank: 637768	1 KB
168	37

	Domain	Requested by
20	cdn.ampproject.org	securepubads.g.doubleclick.net
16	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com upfilesurls.com 0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com
15	upfilesurls.com	3 redirects upfilesurls.com
14	live.demand.supply	upfilesurls.com live.demand.supply client
14	securepubads.g.doubleclick.net	upfilesurls.com securepubads.g.doubleclick.net
12	pagead2.googlesyndication.com	upfilesurls.com securepubads.g.doubleclick.net tpc.googlesyndication.com 0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com
8	fonts.gstatic.com	fonts.googleapis.com
7	fonts.googleapis.com	upfilesurls.com securepubads.g.doubleclick.net 0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com
6	cm.g.doubleclick.net	1 redirects 0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com
6	www.google.com	4 redirects tpc.googlesyndication.com upfilesurls.com
6	accounts.google.com	4 redirects upfilesurls.com
5	ukmlastityty.info	d18kg2zy9x3t96.cloudfront.net
5	d18kg2zy9x3t96.cloudfront.net	upfilesurls.com ukmlastityty.info
4	googleads.g.doubleclick.net	upfilesurls.com
4	www.gstatic.com	www.recaptcha.net upfilesurls.com 0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com
4	tunitytostara.info	upfilesurls.com
4	pogothere.xyz	d18kg2zy9x3t96.cloudfront.net
2	sync.teads.tv	1 redirects 0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com
2	eb2.3lift.com	2 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	id5-sync.com	cdn.id5-sync.com
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	sync.inmobi.com	1 redirects
1	tg.socdm.com	1 redirects
1	onetag-sys.com	1 redirects
1	rtb.openx.net	0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com
1	ads.travelaudience.com	1 redirects
1	www.googletagservices.com	upfilesurls.com
1	mug.criteo.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	www.recaptcha.net	upfilesurls.com
1	www.facebook.com	upfilesurls.com
1	datatechone.com	cdntechone.com
1	cdntechone.com	upfilesurls.com
1	www.googletagmanager.com	upfilesurls.com
1	cschyogh.com	upfilesurls.com
1	upfiles.com	1 redirects
168	47

This site contains links to these domains. Also see Links.

Domain
upfiles.com
sulvo.com

Subject Issuer	Validity	Valid
*.upfilesurls.com GTS CA 1P5	`2023-03-29` - `2023-06-27`	3 months	crt.sh
cschyogh.com R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-18` - `2023-12-24`	a year	crt.sh
ukmlastityty.info Amazon RSA 2048 M02	`2023-04-16` - `2024-05-14`	a year	crt.sh
tunitytostara.info GTS CA 1P5	`2023-04-16` - `2023-07-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-31` - `2023-05-01`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-02-25` - `2023-05-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-02-28` - `2023-05-29`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-03-20` - `2023-06-18`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://upfilesurls.com/nnclxwN
Frame ID: 1DEEDEA1676F25521F6F21127EA1EBA3
Requests: 81 HTTP requests in this frame

Frame: https://ukmlastityty.info/QjRWbnQjVjUDSyMJNEgBMFhrS0YEEWQoEHMMPQlGOE1vFkc2DWBAFy5bIwoSMFs4GlosUSJLRgRnGwQYE2U4AiYUXmIFJiluByA8e3UUPzIqUGYBIRdNGxoycn0TJTcufQ47QCh6FDs3JFw1DCxybhIgPHt+ECghOngUWiQKTgMdMyUMHwodD1ADLyYpbhdfNxReIktGBHEQPCMMTiUgLAdTOiIYe3wBKUQ0cj0GJRJ3YjcyNUcBCkUhdx4pPjthAzglEl0POSYXRGcNMS5XAjYiNWcHIz4kWhwNNRpAZw0xLnIDKkFyYAQNPwdZMiI1KXI7ChgDbBVcWQNeFTs+FHoCOxcXch9bOi5DFwhGFEwCBgMJbjsKOANcE1k/JQUwOCwUQxkGFw5tFVolFWIuXxcHWAA2MA9EEAYHIW04JxUVXyVLRgR4LhksAUwMFCcDdQ43Mzp5FC8cLlYTCTUBfAAZJxdyDyAdD3gBFgwrdhMZNgZaYxYgOmYbDCwPEjwdGyxEaxYfc1shHQIuBBEpLQ
Frame ID: DBAFB9C7551EACB7E26F8AF6D98EEE01
Requests: 2 HTTP requests in this frame

Frame: https://ukmlastityty.info/QVZEc0QgNCceeyBrJlUxMzp5VnYHc3Y1IHBuLxR2Oy99C3c1b3JdJy05MRciMzkqB2ovMzBWdgcDEUIgEAEQNjMOEnBWdgcSLRBhcxQKNBUIDAM9KSAhEkIUEht2Kz0PJwsEPAgYFTYSCAAJIAIFHGFBAhMFLwkmFj0cIz4Yc3YxFCYudT4udWAANA45GxBCECM7CkEIFBN8IwNxIRIJMzYdF0IiCD8NSyJxBz0SLnFkFwkrdgYAFBEYBAIfIDYQdikTAy4WGSt0GAApAwgeDholF24qECkLJgU0CnQPDAQHBA4OGiUUD3I8ExsiAjQFFzITAAYKZAIYJwMELCk+bBM0IhB5Lw4JPBUZAEcvJxcJJR0sGDE7dgM+ICQ3AzM+BHANADNWdgc1KTolBxECHRQFFCU9Kgs/JSUdcxgAAHYGHh4fHQUmHjoQJm8UMRYpExM1KwBldR0iLCEMKikLc3YxJQAYLRApCyYVGQ05GxcHHSU7ESQmABwvFhMPIAIKHjAPFVUuMjkqA3kqAz0VEgQuJjIHIw
Frame ID: 58558D8FB10D475EECC15FF59459668E
Requests: 2 HTTP requests in this frame

Frame: https://ukmlastityty.info/eHBubUQZEg0AexlNDEsxChxTSHY+VVwrIElIBQp2AglXFXcMSVhDJxQfGwkiCh8AGWoWFRpIdj4FNF4CCxE6BgEwFyc9BhA9Ny4CKTE2XRIbJxlYBj8IVioSABQjLBI6Eio+Nw0yKBoWNxsBCRUPPiM1AUEmLAV8NCYsVQcwB1c4Bz01Py4FCzU7XCciMy88DzAYNywSKQM/PhIMVVwrERRJDTkFDCg5Pzc5JhkgIT8IAQ4SLTUtJRYAJj87dSI2XwkRIAkdDhItNQwsAhwiPDgoGRVeJwAgMis9EUkYJDozEzcvPzM+KCwsETwXJDwBSSILITMAJTwGaTIRKl0OPCgrKxc8BzsvBioIOCAvFBItPDchMhkaJy4lKyEAPh8jJS8uPS1cJysyLBkTOxg8JxNLSTk8Ak04LTgoPScCCgkrJSwIEzoIODwWQDk2Gh08MjsaCDElPAscEBQ7P3QXEywrHV4aHQIqCE0DVCYSKiwAIQ47
Frame ID: 19BBBB59255CBA395BE4EC3A49E5F80A
Requests: 2 HTTP requests in this frame

Frame: https://upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/078c83c1/invisible.js
Frame ID: 252861D87201A7195775611B13F7B892
Requests: 3 HTTP requests in this frame

Frame: https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 154A766B8D8CA950DF9B588461B6B769
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ED48FF5C4580C4290F59480E9E7D8F77
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 32FD365CE1D7C7EB0FA4331725DC9FF3
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs
Frame ID: 8EA9B5F28AB8E2AD187CC85F6CB611B9
Requests: 14 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=upfilesurls.com
Frame ID: 6A8494276B39F069F6BE4BA5AA2C9372
Requests: 2 HTTP requests in this frame

Frame: https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BA394D349B847EF5CDC94B1A030A2EF2
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: B1AF69C4F6DA3E13AF63301D65342561
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8237F3E34C86EE56D0FFF61AE845C4C5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Frame ID: B9609E8814CE8400C13CFBAD8DF60C38
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs
Frame ID: 371BA3E8E6CE920BE5AE46B40166FBB9
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs
Frame ID: 83FA0F0DE6D72F0374CB1114D477798B
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs
Frame ID: B378AB868242B113B991FCC6A9F47EB6
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

prof boy.mp4

Page URL History Show full URLs

https://upfilesurls.com/nnclxwN HTTP 302
https://upfiles.com/authenticate/nnclxwN HTTP 302
https://upfilesurls.com/nnclxwN?auth=eyJpdiI6ImFBRC9NTG1jdTY4MUF2Qkp4WWJRVXc9PSIsInZhbHVlIjoiZlFUczY... HTTP 302
https://upfilesurls.com/nnclxwN Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

168
Requests

92 %
HTTPS

60 %
IPv6

37
Domains

47
Subdomains

42
IPs

7
Countries

2216 kB
Transfer

6202 kB
Size

30
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://upfiles.com/

Search URL Search Domain Scan URL

URL: https://upfiles.com/page/payment-proof
Title: Payment Proof

Search URL Search Domain Scan URL

URL: https://upfiles.com/page/payout-rates
Title: Payout Rates

Search URL Search Domain Scan URL

URL: https://upfiles.com/login
Title: Login

Search URL Search Domain Scan URL

URL: https://upfiles.com/register
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://upfiles.com/contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://upfiles.com/page/faq
Title: FAQ

Search URL Search Domain Scan URL

URL: https://upfiles.com/page/terms
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://upfiles.com/page/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://upfiles.com/page/dmca
Title: DMCA

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://upfilesurls.com/nnclxwN&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://upfilesurls.com/nnclxwN HTTP 302
https://upfiles.com/authenticate/nnclxwN HTTP 302
https://upfilesurls.com/nnclxwN?auth=eyJpdiI6ImFBRC9NTG1jdTY4MUF2Qkp4WWJRVXc9PSIsInZhbHVlIjoiZlFUczYzQ2V2QVdZYkdLWmU1UWgyZz09IiwibWFjIjoiZjY0NmRhMTgzM2JlYmNhYzUzYzZlMDE3MTcxMzM5ZTViNjliNzMyMjQ3ZjE2YWNmZmY2NDkxYTRjZTc4NDdjNCIsInRhZyI6IiJ9 HTTP 302
https://upfilesurls.com/nnclxwN Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7T8sqLkbskU5sMQSvgilsZFNCGiueHd0v_eEnbeICdQZ-JucYbSAElRuJRh5J7DDG-y0ni0 HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-938555786%3A1682345122364217&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7Ta7IzoH5_u_9LQkdpVLN1F7kipOPHOHr51j_OPXWP6IOnjYTTbMDWe6KLUeqLhiU5O2NVX5w&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

Request Chain 30

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7Te7lef4nv5ysyO9bEWC_edekmVyv8VxDbapkQpEYJMcvVlPaMaYVcantW7m9Ak9pla8ndp HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-872287748%3A1682345122358073&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7RQoc8-Yx4fYz9he20l1rBVWa2O-R1c4QN563H4atSAh9ZoUixW4O2N3s2j044sNFQ5umTrmQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

Request Chain 46

https://upfilesurls.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/078c83c1/invisible.js

Request Chain 106

https://gum.criteo.com/sid/json?origin=publishertagids&domain=upfilesurls.com&sn=ChromeSyncframe&so=0&topUrl=upfilesurls.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=kuy5GXxnQ0VyL3hjTlI4STJzelMvWTZkckNzWXYxb3l2ejJHZXc0YzcrNWpyUkNMTWJ2eDNFanFUNXlRa04wNVA0b3hXcGtqWTl5Ymo5Qm1UeVlCcHJDTkY1M1dYYzkwMnUvSVowaVFxQmV1YTJqK0pOV2tlcHpNNjg0Z21SSUtaTEpvTzZTN2Z1anZUYTFuZnNXSDdtQjY0Um1Yc3pESzd5eTBORVpHc2xJVVNKeFd4ak1ydEpYaFg5UVB6KzFOcHU0b1dGRHhmTTR5S00yWHk5V0lIQTNGdUJ3YTh3RWNqRDNFd1U5UVVRUG9uM1dKVC9xZVVBOEY2NVVRWFg3RTQ0SEpQdFdSZVY4bWJTeGFOSmFlUW5OS1R0QT09fA&cppv=2

Request Chain 107

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 124

https://ads.travelaudience.com/google_pixel?google_gid=CAESEFSJwIWSLgSTGRWPbHzOlog&google_cver=1&google_push=Aer7DvLp40lZ5tr_Msk1F5LAw0nVoFcmFbLu-U2MIS67roBOhMYQpRyP0U_KEaRVrRNV4v7H16EylgyP7hd36Haxqrv3R3IjXpg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=wchhlePFTIeeJv0LCTkkQQ2&google_push=Aer7DvLp40lZ5tr_Msk1F5LAw0nVoFcmFbLu-U2MIS67roBOhMYQpRyP0U_KEaRVrRNV4v7H16EylgyP7hd36Haxqrv3R3IjXpg

Request Chain 126

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAGYGHtwAnPHvrfo4q22tkc&google_cver=1&google_push=Aer7DvIgurMN6CpkSG1CQ4Ex2JfvzbnRKy1Andz9lWVoBBqqBQZPfs4wC94uYxdpZ_BylsJiCAUUIK2Z1bcx5wonU9sac93beQ24 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvIgurMN6CpkSG1CQ4Ex2JfvzbnRKy1Andz9lWVoBBqqBQZPfs4wC94uYxdpZ_BylsJiCAUUIK2Z1bcx5wonU9sac93beQ24

Request Chain 127

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENt6pjUrXJlc3MYsHPyiMAU&google_cver=1&google_push=Aer7DvLYIBrv4icTVfxnJmBwYIr6V7utFWcoodW8f7kXExE8SeFUsINC3GhIHDilTqskyIV0UPAbY50xQY-wrE9dYSIVayIzzq3L HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aer7DvLYIBrv4icTVfxnJmBwYIr6V7utFWcoodW8f7kXExE8SeFUsINC3GhIHDilTqskyIV0UPAbY50xQY-wrE9dYSIVayIzzq3L&google_gid=CAESENt6pjUrXJlc3MYsHPyiMAU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI1NTk5MTgyNTI0ODkzNzI4ODg1Mg%3D%3D&google_push=Aer7DvLYIBrv4icTVfxnJmBwYIr6V7utFWcoodW8f7kXExE8SeFUsINC3GhIHDilTqskyIV0UPAbY50xQY-wrE9dYSIVayIzzq3L

Request Chain 128

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEKYhdSMoUbYhKUBeKdqn7Ng&google_cver=1&google_push=Aer7DvJFoAOn43z3a78vZICTyGizFh5FBFruClP4D303Hk3PU1MCRZELkaMATJEsXF2XKyj6WcR3qOaZAlXx5cJBYMSycj8PHmzP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aer7DvJFoAOn43z3a78vZICTyGizFh5FBFruClP4D303Hk3PU1MCRZELkaMATJEsXF2XKyj6WcR3qOaZAlXx5cJBYMSycj8PHmzP&google_hm=WkVhTXBNQ284WGtBQURidkdlc0FBQUFB

Request Chain 129

https://sync.inmobi.com/gob?google_gid=CAESEIXsrUdCGmnW99QthP9qhAU&google_cver=1&google_push=Aer7DvLZoFSHXz1D3cmWSrVOxv5tfmzDrNbk7UC6LXpzV9_ENhh7sPBiXAUEezliRJsoEJazHy6Bo9NSq-t3atfl7Ttyh9x-MKR6lA HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAer7DvLZoFSHXz1D3cmWSrVOxv5tfmzDrNbk7UC6LXpzV9_ENhh7sPBiXAUEezliRJsoEJazHy6Bo9NSq-t3atfl7Ttyh9x-MKR6lA

Request Chain 130

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBasNDpnRlilvXoh-kqUwYs&google_cver=1&google_push=Aer7DvJmBxDj9blzHlEhMwiA1xODTPRfundUwuK-uMBkSy3701fw5TxVP-9wEHFHg81YzShyUUAcvZHeSuvxoh0vE-KT1hOq7V3y8w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvJmBxDj9blzHlEhMwiA1xODTPRfundUwuK-uMBkSy3701fw5TxVP-9wEHFHg81YzShyUUAcvZHeSuvxoh0vE-KT1hOq7V3y8w HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 144

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 158

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 172

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

168 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request nnclxwN Show response
upfilesurls.com/
Redirect Chain

https://upfilesurls.com/nnclxwN
https://upfiles.com/authenticate/nnclxwN
https://upfilesurls.com/nnclxwN?auth=eyJpdiI6ImFBRC9NTG1jdTY4MUF2Qkp4WWJRVXc9PSIsInZhbHVlIjoiZlFUczYzQ2V2QVdZYkdLWmU1UWgyZz09IiwibWFjIjoiZjY0NmRhMTgzM2JlYmNhYzUzYzZlMDE3MTcxMzM5ZTViNjliNzMyMjQ3ZjE2...
https://upfilesurls.com/nnclxwN

91 KB
38 KB

253ms
253ms

Document
text/html

2606:4700:20::681a:88a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://upfilesurls.com/nnclxwN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:88a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49f86648fe980257af70e72fe77536eafb2e52a736ac055325586dc80bd6390f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7bcee690fa8337ce-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 24 Apr 2023 14:05:21 GMT
expires: -1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0LtdEEoqEVo2PZhGj4bB7WMZKu5GkrpW8%2B5HvfzqNvwZL%2Fncre%2BOARIdTsHj0ZctB4wCv%2BGxwh%2FDvCdCYHpUmFWOeZ%2B66oan9sbm9LTVn3MK%2BBMRKJ%2BCn84tHkoMPO0RXgsGN6XtVl9aA%2Bw8ag%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

cache-control: private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7bcee69089ad37ce-FRA
content-type: text/html; charset=UTF-8
date: Mon, 24 Apr 2023 14:05:21 GMT
expires: -1
location: https://upfilesurls.com/nnclxwN
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbfup6T2lJMMfRl4FeHayXb%2BLwqx4KBKmlo%2FO0XA5OCDFigEgMQ6xUbHCjSIO5lOAc7pHkenylY1PiG8G1IgYjd9hZCxKIxO46FA8mTxP77JhMJSQx%2FGIFX8aR1dUBEFVByoS3Hj7Lf1xAeiJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 frontend.css
upfilesurls.com/css/ 255 KB
47 KB 21ms
20ms Stylesheet
text/css 2606:4700:20::681a:88a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:88a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51161fcc5b2c4b90c3381e517152eb275d52a6c288954e502479d7421386240

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/nnclxwN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:21 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 21 Dec 2022 18:47:00 GMT
server: cloudflare
age: 7122750
etag: W/"63a354a4-3f918"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOa8h9Pmb%2FbfMFWu3q7GX03mZ7JESs%2FUSe0Zh2n3F6gCQPu4CW%2BygrFFbBZUOC%2FrlYGcqwkUiBUgYCfpR6mLcodHb4RLVIxl75CsfflBzv%2BNYCkp%2Box4CpzxPSKoa%2FVseXli0Xeevrzsns%2BjvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7bcee6929ce237ce-FRA

GET
H2 200 logo.svg
upfilesurls.com/img/ 22 KB
6 KB 17ms
17ms Image
image/svg+xml 2606:4700:20::681a:88a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upfilesurls.com/img/logo.svg

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:88a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d526da1f4d4af45cefd2a0d140abec2beddc3150d13c47d3de893eaa278a369d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/nnclxwN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:21 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1938317
etag: W/"625014b1-56e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNzX8paMhXlZ7crb1sW%2By1t%2BrNUOBMzQ4M2c6pvGKizZOnxxivw0SARl8rE66vehzM6HKoOXNfaUVRMBxlLzOz4q09fqAk%2FSthXrkkJm7E%2FfsrzJ0ALtKTE59sMKICefgY9n8ExbgI%2FVo7RvEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 7bcee6929ce737ce-FRA

GET
H2 200 menu.svg
upfilesurls.com/img/ 2 KB
744 B 17ms
17ms Image
image/svg+xml 2606:4700:20::681a:88a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upfilesurls.com/img/menu.svg

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:88a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d3e6705b468cecdd78fb9a1ee6688d60e1d2c1caa0db7baa88db460315dccea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/nnclxwN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:21 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 16:39:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1938316
etag: W/"63d009ce-72e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uaYsRhsnKCtS5kcFQVkaRxoUqmRmyUxOulSFl4S0MmWfbu%2FzRZshlYkTdHNar6Rb1PeowkVUtj43%2FAolYex%2FPKR2PfGZ%2FMWKMpZcSF%2Bpbx5IgLQPCfghT9fQ7MZuqgUKV4onbJPnaYkhKG85qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 7bcee692bd1837ce-FRA

GET
H/1.1 200
OK 34742 Show response
cschyogh.com/1clkn/ 6 B
1 KB 194ms
22ms Script
application/javascript 23.109.87.129
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://cschyogh.com/1clkn/34742

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.87.129 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 14:05:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Keep-Alive: timeout=20

GET
H2 200 / Show response
d18kg2zy9x3t96.cloudfront.net/ 349 KB
113 KB 209ms
170ms Script
text/plain 2600:9000:2491:a00:0:2146:f680:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:a00:0:2146:f680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4305968d401a058b6695f260f04b69cb6ae4fadf6fd1a0c5078a67f9d2dbd86e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:05:21 GMT
content-encoding: gzip
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 115499
x-amz-cf-id: QzXm_DNx-brmmt6ykoapwj1IAVq5AmQM0aO2JZbxLILbX9oCVNCAjw==

GET
H2 200 css2
fonts.googleapis.com/ 18 KB
1 KB 131ms
48ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

122b045d95227f20b88e28c6fb8336f022295044d74694904ddaa04d4022ac45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Apr 2023 14:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 14:05:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Apr 2023 14:05:21 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
25 KB 216ms
103ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11caa94312d47d8d21f6fd1c27b073d4485600c5bd2795b6d9c5e21eaf90f9f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25087
x-xss-protection: 0
server: cafe
etag: 872 / 19471 / 31074054 / config-hash: 15625217941778994661
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 14:05:22 GMT

GET
H2 200 faqs-image.svg
upfilesurls.com/img/ 37 KB
13 KB 18ms
17ms Image
image/svg+xml 2606:4700:20::681a:88a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upfilesurls.com/img/faqs-image.svg

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:88a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a717285429d468fadc4d25179fc6feb49e6335f3af1675fb6be1cb50e7e8322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/nnclxwN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:21 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1938313
etag: W/"63c15cbf-95fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BAhjrTeqWfrBeAoIOf%2BcT9EOQ8elSgT9Tq%2FDm0M6PqSS%2B%2BOSxiyBzx3wTnvK2djyCfrJ1EBbFbMJnkndtlO2rHITU94DMkEoJIJfmFTUlNiJdVsd18vvKbT2VzAkNntNjrd9XiOhGPNFVE%2BgaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 7bcee6939e4a37ce-FRA

GET
H2 200 plane.svg
upfilesurls.com/img/ 684 B
738 B 14ms
13ms Image
image/svg+xml 2606:4700:20::681a:88a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upfilesurls.com/img/plane.svg

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:88a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d454583aa343d4c8aa4e42c0876b20e60c20c0b89284e4ef0c662d0426c18254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/nnclxwN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:21 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1938313
etag: W/"63c15cbf-2ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czbpn%2B7INmAurb8fm%2BOqJW8ilt2L5m3ktwWCUIIA7wBPkx2lK00vMWC0AzmpAPK6GQ%2BOHbv09W21cftYSNLFVgeqo4BNjXj4I9eoEQ87fsNdnpmMY2NgoiWXjCzjw7xtK%2B5EHrPcAX9s5n36gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 7bcee6939e4c37ce-FRA

GET
H2 200 ads.js Show response
upfilesurls.com/js/ 2 KB
1018 B 19ms
19ms Script
application/javascript 2606:4700:20::681a:88a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://upfilesurls.com/js/ads.js

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:88a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba4689299e8a29627b02f9dd8bb5ecec1ca32122dab181724dee2313627d9d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/nnclxwN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:21 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 08 Jan 2023 11:38:01 GMT
server: cloudflare
age: 7122750
etag: W/"63baab19-608"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZ48jHsGi23WjnKLP5WJd5Wurl10pIWggPg9oki13sVkSfkDMS25XgGNA%2By9K0CG1CPoEjRpka61%2B3h%2B5zSkZIhYL2w0zd5sV5vXf%2B7kkpScrm4euul5vGxhLHGSVo%2Bgofqj10TwLUk%2FCl%2BHHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 7bcee6939e3e37ce-FRA

GET
H2 200 frontend.js Show response
upfilesurls.com/js/ 958 KB
262 KB 39ms
37ms Script
application/javascript 2606:4700:20::681a:88a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:88a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e87e0991dcfaa2c7b015d284d8b5d872363eb52af458b63c8449351b4b24612f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/nnclxwN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:21 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7122749
cf-polished: origSize=980842
cf-bgj: minify
last-modified: Sun, 08 Jan 2023 11:38:01 GMT
server: cloudflare
etag: W/"63baab19-ef76a"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gk1ZkgMnyGF4vJkYhcZaO6EMzSFLMmnMUK5rLh13uNaD2a9H6jPgO0ETqkcTenv79TvFoDkNAdsdjt3Ota%2Bf4ee6Swv3RmW9OeZ%2BOMoSCJ75AI%2BJ9uciSOkLJ8WIxMSSSL8nfqZWK6w6rASP4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 7bcee6939e4737ce-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 147ms
50ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-197252557-1

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

93059e3cfb6b9298f5b8b8cc7dbc3f0df9da6bc28aef9354185493c7c590fd0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45106
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Apr 2023 14:05:21 GMT

GET
H2 200 stattag.js Show response
cdntechone.com/ 18 KB
8 KB 68ms
25ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdntechone.com/stattag.js
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d45b2164e7d4b3463daed6795455b3a92c97f008b419ab071c7298d02171144

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Mar 2023 09:49:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1871
etag: W/"6405b746-4829"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9nEXQFNv4DVNmBjPe7CB3pMAunNpHC92Ki2WlA%2FAqNin8nuWN085m%2B1EqPU%2B%2F4BwDaLhiINsFWVsUVo86aBQ1HVcbhUEXY0eP1E%2F2kChcsJQX6O88HPrOI%2BU7LCx9XBeD5G641wpsbQ9OWpJwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7bcee693db6235f9-FRA
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 136ms
110ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84e6d40058418cf5dfb914a0af63be9c0ac7b4b25990b51fd13c5d0861d74812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GYAHT2SN209EXQN5SXM4JVJ5
date: Mon, 24 Apr 2023 14:05:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 748
cf-polished: origSize=4391
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"2bcc750d9f5a6b1343fb85264ffd8b3b-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 7bcee693b8e5924a-FRA
link: <https://live.demand.supply/impl.v16.7.1.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tLw==>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
37 KB 167ms
75ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://upfilesurls.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 06:05:37 GMT
x-content-type-options: nosniff
age: 201584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 06:05:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 128ms
36ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://upfilesurls.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 06:22:44 GMT
x-content-type-options: nosniff
age: 200557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 06:22:44 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 131ms
45ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://upfilesurls.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 06:10:15 GMT
x-content-type-options: nosniff
age: 201306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 06:10:15 GMT

POST
H/1.1 200
OK add Show response
datatechone.com/log/ 2 B
468 B 60ms
13ms XHR
text/plain 139.45.195.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
Requested by: Host: cdntechone.com
URL: https://cdntechone.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://upfilesurls.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 24 Apr 2023 14:05:22 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://upfilesurls.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 78ms
38ms Fetch
binary/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: d18kg2zy9x3t96.cloudfront.net
URL: https://d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1868
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 24 Apr 2023 13:34:14 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://upfilesurls.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hu6kpOfjI3eKLMo8gPIPWdnl4q%2FmIZyEVsGgTlA0fVAW83s%2F1LYdB3BbstJwBR9gNMIAj53ncpoYGXX1y8BEOrAY2ODRdh0JnnyouuwwrirtWsMKsV63SRXFUT4Zt7PY"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7bcee694b9799171-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 27 B
370 B 151ms
112ms Fetch
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: d18kg2zy9x3t96.cloudfront.net
URL: https://d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a25d037bdf359c8a0580456aad01e1c64fc75f41b90248b43033943fc13356d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FvEWMbwpDJtruGtnbzKTmPaw5ohPS61rBFjEqU4bMPNxOkzYRtp0mFC3V3TQpIN6nT0JAJQGcWinUs%2BJugrGUVeuV3NEC0CKhQ%2Bpd4i7nxTVTEiq8FbEY9xJgFC%2BmW2Z"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://upfilesurls.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7bcee694b97c9171-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
ukmlastityty.info/ 0
539 B 126ms
101ms XHR
text/plain 108.138.17.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ukmlastityty.info/utx?cb=0yOoEgH4f9Gb&top=upfilesurls.com&tid=978153
Requested by: Host: d18kg2zy9x3t96.cloudfront.net
URL: https://d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-20.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:05:22 GMT
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: 4cCLgB3cT7_y5nAFwWfEC2l46tmFNdg6lljXIz1q1zdCVBxBRbfRyw==

GET
H2 200 JQUwOCwUQxkGFw5tFVolFWIuXxcHWAA2MA9EEAYHIW04JxUVXyVLRgR4LhksAUwMFCcDdQ43Mzp5FC8cLlYTCTUBfAAZJxdyDyAdD3gBFgwrdhMZNgZaYxYgOmYbDCwPEjwdGyxEaxYfc1shHQIuBBEpLQ Show response
ukmlastityty.info/QjRWbnQjVjUDSyMJNEgBMFhrS0YEEWQoEHMMPQlGOE1vFkc2DWBAFy5bIwoSMFs4GlosUSJLRgRnGwQYE2U4AiYUXmIFJiluByA8e3UUPzIqUGYBIRdNGxoycn0TJTcufQ47QCh6FDs3JFw1DCxybhIgPHt+ECghOngUWiQKTgMdMyUMHwo... Frame DBAF 3 KB
2 KB 189ms
189ms Document
text/html 108.138.17.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ukmlastityty.info/QjRWbnQjVjUDSyMJNEgBMFhrS0YEEWQoEHMMPQlGOE1vFkc2DWBAFy5bIwoSMFs4GlosUSJLRgRnGwQYE2U4AiYUXmIFJiluByA8e3UUPzIqUGYBIRdNGxoycn0TJTcufQ47QCh6FDs3JFw1DCxybhIgPHt+ECghOngUWiQKTgMdMyUMHwodD1ADLyYpbhdfNxReIktGBHEQPCMMTiUgLAdTOiIYe3wBKUQ0cj0GJRJ3YjcyNUcBCkUhdx4pPjthAzglEl0POSYXRGcNMS5XAjYiNWcHIz4kWhwNNRpAZw0xLnIDKkFyYAQNPwdZMiI1KXI7ChgDbBVcWQNeFTs+FHoCOxcXch9bOi5DFwhGFEwCBgMJbjsKOANcE1k/JQUwOCwUQxkGFw5tFVolFWIuXxcHWAA2MA9EEAYHIW04JxUVXyVLRgR4LhksAUwMFCcDdQ43Mzp5FC8cLlYTCTUBfAAZJxdyDyAdD3gBFgwrdhMZNgZaYxYgOmYbDCwPEjwdGyxEaxYfc1shHQIuBBEpLQ
Requested by: Host: d18kg2zy9x3t96.cloudfront.net
URL: https://d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-20.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: b75c87fd2f5fa87649642dbad66e3eaf75d8202c3fb0532d31bd622bbbe3195a

Request headers

Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1236
content-type: text/html
date: Mon, 24 Apr 2023 14:05:22 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
x-amz-cf-id: VcDMdf-1WXlpN1732O2LUH90BgxQD18O3LbEhyMBKZKfJf6tXLChlw==
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
101 KB 26ms
22ms Fetch
binary/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: d18kg2zy9x3t96.cloudfront.net
URL: https://d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1868
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 24 Apr 2023 13:34:14 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://upfilesurls.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qRUL94jTf1A8xAY81G1LQKfaMZGVutZT6JH%2BJxHnMT%2BIYOEcC491rYPrcWfeuWqjcEyUGhAJLt%2FFds45xn0foYvb%2F8zcRtRnH1GfC7Rc%2FCHSFF8dw7Jl4uVR0tv1sERL"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7bcee694b97d9171-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 27 B
349 B 121ms
117ms Fetch
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: d18kg2zy9x3t96.cloudfront.net
URL: https://d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b7cc222b02ddab0cb472ac0121a812bce4e97dd426989835944505c50db11e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5%2BX37fiEgpg3XSF4cJg27ReNBbzTxqrJ4S%2BYjxZlicu9c6tFyxDnVX1KDOm7gTeReQLyDVpdbqcjCTq7HxjJGzFSCFIAN1y9kRIUa9NcwK0lvTAVFdWgwqRNhMTU5o4"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://upfilesurls.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7bcee694b97e9171-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
ukmlastityty.info/ 0
537 B 98ms
98ms XHR
text/plain 108.138.17.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ukmlastityty.info/utx?cb=06kMy8ocs3P0&top=upfilesurls.com&tid=974624
Requested by: Host: d18kg2zy9x3t96.cloudfront.net
URL: https://d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-20.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:05:22 GMT
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: SmbqEXYodClNlyeWgiX050_u9E2KNjpboYe4kZ31y151SgrapFx6GA==

GET
H2 200 JSUdcxgAAHYGHh4fHQUmHjoQJm8UMRYpExM1KwBldR0iLCEMKikLc3YxJQAYLRApCyYVGQ05GxcHHSU7ESQmABwvFhMPIAIKHjAPFVUuMjkqA3kqAz0VEgQuJjIHIw Show response
ukmlastityty.info/QVZEc0QgNCceeyBrJlUxMzp5VnYHc3Y1IHBuLxR2Oy99C3c1b3JdJy05MRciMzkqB2ovMzBWdgcDEUIgEAEQNjMOEnBWdgcSLRBhcxQKNBUIDAM9KSAhEkIUEht2Kz0PJwsEPAgYFTYSCAAJIAIFHGFBAhMFLwkmFj0cIz4Yc3YxFCYudT4... Frame 5855 3 KB
2 KB 195ms
195ms Document
text/html 108.138.17.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ukmlastityty.info/QVZEc0QgNCceeyBrJlUxMzp5VnYHc3Y1IHBuLxR2Oy99C3c1b3JdJy05MRciMzkqB2ovMzBWdgcDEUIgEAEQNjMOEnBWdgcSLRBhcxQKNBUIDAM9KSAhEkIUEht2Kz0PJwsEPAgYFTYSCAAJIAIFHGFBAhMFLwkmFj0cIz4Yc3YxFCYudT4udWAANA45GxBCECM7CkEIFBN8IwNxIRIJMzYdF0IiCD8NSyJxBz0SLnFkFwkrdgYAFBEYBAIfIDYQdikTAy4WGSt0GAApAwgeDholF24qECkLJgU0CnQPDAQHBA4OGiUUD3I8ExsiAjQFFzITAAYKZAIYJwMELCk+bBM0IhB5Lw4JPBUZAEcvJxcJJR0sGDE7dgM+ICQ3AzM+BHANADNWdgc1KTolBxECHRQFFCU9Kgs/JSUdcxgAAHYGHh4fHQUmHjoQJm8UMRYpExM1KwBldR0iLCEMKikLc3YxJQAYLRApCyYVGQ05GxcHHSU7ESQmABwvFhMPIAIKHjAPFVUuMjkqA3kqAz0VEgQuJjIHIw
Requested by: Host: d18kg2zy9x3t96.cloudfront.net
URL: https://d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-20.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 1c91593d00547c9ce11c68e4eaf99a6176a8d3a32c0205e0d68664104888afc2

Request headers

Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1237
content-type: text/html
date: Mon, 24 Apr 2023 14:05:22 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
x-amz-cf-id: GdoeZOEcJPiX4fFeQCkMtYbqFZqljE0OkBWyTAPn5FXZiJ-pv1bvSw==
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront

GET
H2 200 PhIMVVwrERRJDTkFDCg5Pzc5JhkgIT8IAQ4SLTUtJRYAJj87dSI2XwkRIAkdDhItNQwsAhwiPDgoGRVeJwAgMis9EUkYJDozEzcvPzM+KCwsETwXJDwBSSILITMAJTwGaTIRKl0OPCgrKxc8BzsvBioIOCAvFBItPDchMhkaJy4lKyEAPh8jJS8uPS1cJysyLBkTO... Show response
ukmlastityty.info/eHBubUQZEg0AexlNDEsxChxTSHY+VVwrIElIBQp2AglXFXcMSVhDJxQfGwkiCh8AGWoWFRpIdj4FNF4CCxE6BgEwFyc9BhA9Ny4CKTE2XRIbJxlYBj8IVioSABQjLBI6Eio+Nw0yKBoWNxsBCRUPPiM1AUEmLAV8NCYsVQcwB1c4Bz01Py4... Frame 19BB 3 KB
2 KB 101ms
100ms Document
text/html 108.138.17.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ukmlastityty.info/eHBubUQZEg0AexlNDEsxChxTSHY+VVwrIElIBQp2AglXFXcMSVhDJxQfGwkiCh8AGWoWFRpIdj4FNF4CCxE6BgEwFyc9BhA9Ny4CKTE2XRIbJxlYBj8IVioSABQjLBI6Eio+Nw0yKBoWNxsBCRUPPiM1AUEmLAV8NCYsVQcwB1c4Bz01Py4FCzU7XCciMy88DzAYNywSKQM/PhIMVVwrERRJDTkFDCg5Pzc5JhkgIT8IAQ4SLTUtJRYAJj87dSI2XwkRIAkdDhItNQwsAhwiPDgoGRVeJwAgMis9EUkYJDozEzcvPzM+KCwsETwXJDwBSSILITMAJTwGaTIRKl0OPCgrKxc8BzsvBioIOCAvFBItPDchMhkaJy4lKyEAPh8jJS8uPS1cJysyLBkTOxg8JxNLSTk8Ak04LTgoPScCCgkrJSwIEzoIODwWQDk2Gh08MjsaCDElPAscEBQ7P3QXEywrHV4aHQIqCE0DVCYSKiwAIQ47
Requested by: Host: d18kg2zy9x3t96.cloudfront.net
URL: https://d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-20.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 8f08962a81e435c7fc6a6a6bac22f72525a732c58ea3a3e14c7f8e4a1c3b9f83

Request headers

Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1212
content-type: text/html
date: Mon, 24 Apr 2023 14:05:22 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
x-amz-cf-id: FAtglLv-HbPcj8sUE42FLt3yxs-DIzBdvZT3tLBNxiFZsMde0OaA5w==
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront

GET
H2 204 RUNPaUtqfCwadgg5KyQfAncOKyU9Zn0rHSIOCQ8DKSAMHnJ0JRkwbTEqK1Rycnt+XHhjMyYNdnRlPB0qMTY8VHpjKiEPJHhlOVR6a3B7R3h3bX1PPnhyaR07JCRyWG01NzsFdnR1d1t4cXZ+W3p8ens
tunitytostara.info/ 0
409 B 131ms
102ms Image
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tunitytostara.info/RUNPaUtqfCwadgg5KyQfAncOKyU9Zn0rHSIOCQ8DKSAMHnJ0JRkwbTEqK1Rycnt+XHhjMyYNdnRlPB0qMTY8VHpjKiEPJHhlOVR6a3B7R3h3bX1PPnhyaR07JCRyWG01NzsFdnR1d1t4cXZ+W3p8ens
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KcohpnpvAJzXVtskqE88D9s4cantK2IGoTPb%2FIp%2Bx7HLUSM1dk%2BYtNvO6oh78KXRgtFms9waWn9ILoV1hklp4eADMoLa6vUV8RFpvBuRkL12h079xP3d6tMdqNPeY1sTYVQR1qA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7bcee6950ec32c5b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 151ms
123ms Image
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7T8sqLkbskU5sMQSvgilsZFNCGiueHd0v_eEnbeICdQZ-JucYbSAElRuJR...
https://accounts.google.com/v3/signin/identifier?dsh=S-938555786%3A1682345122364217&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7Ta7IzoH5_u_9LQkdpVLN1F7kipOPHOHr51j_OPXWP6IO...

0
0

237ms
236ms

Image
text/html

2a00:1450:4001:809::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-938555786%3A1682345122364217&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7Ta7IzoH5_u_9LQkdpVLN1F7kipOPHOHr51j_OPXWP6IOnjYTTbMDWe6KLUeqLhiU5O2NVX5w&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN
Protocol: H3
Server: 2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

date: Mon, 24 Apr 2023 14:05:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-z2fwA8FyYxVebbMt81AkDw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 394
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-938555786%3A1682345122364217&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7Ta7IzoH5_u_9LQkdpVLN1F7kipOPHOHr51j_OPXWP6IOnjYTTbMDWe6KLUeqLhiU5O2NVX5w&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7Te7lef4nv5ysyO9bEWC_edekmVyv8VxDbapkQpEYJMcvVlPaMaYVc...
https://accounts.google.com/v3/signin/identifier?dsh=S-872287748%3A1682345122358073&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7RQoc8-Yx4fYz9he20l1rBVWa2O-R1c4QN563H4atSAh...

0
0

78ms
77ms

Image
text/html

2a00:1450:4001:809::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-872287748%3A1682345122358073&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7RQoc8-Yx4fYz9he20l1rBVWa2O-R1c4QN563H4atSAh9ZoUixW4O2N3s2j044sNFQ5umTrmQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN
Protocol: H3
Server: 2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

date: Mon, 24 Apr 2023 14:05:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-dDJc_PDC-nsH8-Lm7pXAzQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 397
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-872287748%3A1682345122358073&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7RQoc8-Yx4fYz9he20l1rBVWa2O-R1c4QN563H4atSAh9ZoUixW4O2N3s2j044sNFQ5umTrmQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 b2wKQHpsZQpBfmtt
tunitytostara.info/VDhzTll7BxA9ZAZUMRoXOXJDF2sFfSYWCzNZFBgKMAo5Ih04S1U6MDAFSnltYgpHaCk9XE5/fydMEjosJwVCaDA6XhxzfyIFQmBqYBZAfHdmHgZzaHJMAy8+aQlVPi0gVE5/ 0
257 B 135ms
107ms Image
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tunitytostara.info/VDhzTll7BxA9ZAZUMRoXOXJDF2sFfSYWCzNZFBgKMAo5Ih04S1U6MDAFSnltYgpHaCk9XE5/fydMEjosJwVCaDA6XhxzfyIFQmBqYBZAfHdmHgZzaHJMAy8+aQlVPi0gVE5/b2wKQHpsZQpBfmtt
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ozn0OOIUMMIeM%2BJpmH8n08MXJXDPOLddZzPYaW6%2FdW%2FdH%2BJo3ZY6Oh9i1rNI0bZrqzW2zb%2BM5r%2Bn3Tgcl2ZXuG80KV%2FJMd6cgtkweQMtqzGfGWBv8uPBEQFXXdRqmFvrh5E%2Fjoc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7bcee6950ec52c5b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 YGUFCQ
tunitytostara.info/MTFNUlUeDi4haHxbKSQBWkIIEDkIFH8QMFZ4BQUNBAgMAx9mVxUhc0VYKW9sCQV9YGIXQSQ2aAAJayEhUEU4IWgAFyQ8M14MayRoAB99fGcfAmsnaAAXOSI0Vgx8dCVFRSFvZAcJf2FhBAB/ 0
248 B 135ms
107ms Image
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tunitytostara.info/MTFNUlUeDi4haHxbKSQBWkIIEDkIFH8QMFZ4BQUNBAgMAx9mVxUhc0VYKW9sCQV9YGIXQSQ2aAAJayEhUEU4IWgAFyQ8M14MayRoAB99fGcfAmsnaAAXOSI0Vgx8dCVFRSFvZAcJf2FhBAB/YGUFCQ
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9mXxHFj3djD7vfPz6AO4b4pIF65e2MICoJdTBFyStLZumOyEWTTfr8xAy38fk90eGS15UmO%2F4HBOSPr5jUXo3u3Kcmyxcpg2zefrjVFIOPv%2BuEuGt3ymfmx8FmEISupgzLbFss%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7bcee6950ec72c5b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 impl.v16.7.1.js Show response
live.demand.supply/ 73 KB
24 KB 24ms
23ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v16.7.1.js
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbd979b253f1094192758b903dbf1258373e373ea264905849c30ca44931e1e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GYAHAQ430A5TEKDY09RNW2H8
date: Mon, 24 Apr 2023 14:05:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 511704
cf-polished: origSize=75202
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"af5bcf980a6a31d6010a8947169a5412-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7bcee6951af4924a-FRA

GET
H2 200 dXBmaWxlc3VybHMuY29tLw== Show response
live.demand.supply/p4/v16-2-0/ 984 B
617 B 98ms
97ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tLw==
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea710145d18a082f364222c1fc1f5065e7790bb7cb1b3d6572ced0c545256b7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7bcee6951af0924a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
d18kg2zy9x3t96.cloudfront.net/ 349 KB
113 KB 182ms
166ms Fetch 2600:9000:2491:a00:0:2146:f680:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18kg2zy9x3t96.cloudfront.net/?yzgkd=978153
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:a00:0:2146:f680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ffb4e8389f6767f7696de22f67bfdfc3d92aae8ca7e50d7b61bdf59be3efafb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:05:22 GMT
content-encoding: gzip
via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
access-control-allow-origin: https://upfilesurls.com
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials: true
content-length: 115497
x-amz-cf-id: 9FkmnxbzJu9FGzWiMeTprtzcGI506UHnKZMeO6oGjY3_2kpyU3R10Q==

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 921 B
906 B 141ms
48ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

15ff90bcb7d42029055a96e447cd171c94ecfb0e7f5abd1ac10999d0ccfddb25

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 586
x-xss-protection: 1; mode=block
expires: Mon, 24 Apr 2023 14:05:22 GMT

GET
H2 200 arrow-down.png
upfilesurls.com/images/ 208 B
603 B 15ms
15ms Image
image/png 2606:4700:20::681a:88a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upfilesurls.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:88a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59b7ad6d6f457b624e25d22959edc7c83af2ac52edba32fd6648c97af0d1780c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1938312
etag: "625014b1-d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRkBnKDjQW3G8DtjMC8f%2BMx8C0tCCSWX7n0SPUBCVNn9sIQ%2F2wQ8JAI%2FLIo4LAqnTtidqGfv06Ad8QfCmhhVjwIXiij2%2FB7rv07d3VV2w1K4J%2FfzUPUYml1hH5kP0fiyc7qEYKuMPXtwMtR5Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7bcee695993437ce-FRA
content-length: 208

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 37ms
37ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://upfilesurls.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 18:58:23 GMT
x-content-type-options: nosniff
age: 155219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 18:58:23 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
535 B 58ms
42ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=137&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL25uY2x4d04=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GW214RFFA0C7YFP277RAET73
date: Mon, 24 Apr 2023 14:05:22 GMT
cf-cache-status: HIT
age: 1538795
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7bcee695ca096943-FRA

GET
H3 200 dXBmaWxlc3VybHMuY29tL25uY2x4d04= Show response
live.demand.supply/p4/v16-2-0/ 984 B
717 B 147ms
147ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tL25uY2x4d04=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea710145d18a082f364222c1fc1f5065e7790bb7cb1b3d6572ced0c545256b7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7bcee695aaa82c6a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
602 B 58ms
43ms XHR
text/html 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GW21D4ZC7MNS01SEGZ2MBEKS
date: Mon, 24 Apr 2023 14:05:22 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 350985
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7bcee695ca0a6943-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/ 400 KB
124 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c470984efff845d5290f15d3a01552b4bff15c1e40a48c944233a5bc5f69539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 09:54:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15071
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127052
x-xss-protection: 0
server: cafe
etag: 14196522953641333499
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 23 Apr 2024 09:54:11 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 587 B
326 B 152ms
72ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=upfilesurls.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61f7d9eaabbfde4b1fe0a802ca35b9bc8ce06e6d585a0a10071c155c6bcab518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Mon, 24 Apr 2023 14:05:22 GMT

GET
H2 200 Ul9cTAtXWRsAVwMeGxocVUECHRxVQV1ZF1dUXyscVUEbAFdRRUlae0JDXBEPU1hJWwkGARwFXBAUDgJQE1ReLwxURk-JaD0JDXEFSDwUBBRxVMklbCQsYBwwcVUELDFoMHkVMC1cSBBtWChRJW39WQF5HCUlEWlgMSUBeWBxVQR8IXwYDBUwLIURfXhdUR0ocBFY Show response
d18kg2zy9x3t96.cloudfront.net/uZ3FsaTkEHgIPBhMYCFQAX0VcWw5BGx8GVxdMAVBbDSsuBFwROkodQwNMXE9VBh8LVB8CHw9UCEEQCAsEU1cZCAQKHhYAVQsQSVt/ Frame 19BB 194 B
459 B 156ms
154ms Script
text/plain 2600:9000:2491:a00:0:2146:f680:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18kg2zy9x3t96.cloudfront.net/uZ3FsaTkEHgIPBhMYCFQAX0VcWw5BGx8GVxdMAVBbDSsuBFwROkodQwNMXE9VBh8LVB8CHw9UCEEQCAsEU1cZCAQKHhYAVQsQSVt/Ul9cTAtXWRsAVwMeGxocVUECHRxVQV1ZF1dUXyscVUEbAFdRRUlae0JDXBEPU1hJWwkGARwFXBAUDgJQE1ReLwxURk-JaD0JDXEFSDwUBBRxVMklbCQsYBwwcVUELDFoMHkVMC1cSBBtWChRJW39WQF5HCUlEWlgMSUBeWBxVQR8IXwYDBUwLIURfXhdUR0ocBFY
Requested by: Host: ukmlastityty.info
URL: https://ukmlastityty.info/eHBubUQZEg0AexlNDEsxChxTSHY+VVwrIElIBQp2AglXFXcMSVhDJxQfGwkiCh8AGWoWFRpIdj4FNF4CCxE6BgEwFyc9BhA9Ny4CKTE2XRIbJxlYBj8IVioSABQjLBI6Eio+Nw0yKBoWNxsBCRUPPiM1AUEmLAV8NCYsVQcwB1c4Bz01Py4FCzU7XCciMy88DzAYNywSKQM/PhIMVVwrERRJDTkFDCg5Pzc5JhkgIT8IAQ4SLTUtJRYAJj87dSI2XwkRIAkdDhItNQwsAhwiPDgoGRVeJwAgMis9EUkYJDozEzcvPzM+KCwsETwXJDwBSSILITMAJTwGaTIRKl0OPCgrKxc8BzsvBioIOCAvFBItPDchMhkaJy4lKyEAPh8jJS8uPS1cJysyLBkTOxg8JxNLSTk8Ak04LTgoPScCCgkrJSwIEzoIODwWQDk2Gh08MjsaCDElPAscEBQ7P3QXEywrHV4aHQIqCE0DVCYSKiwAIQ47
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:a00:0:2146:f680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9854b1d15806947862a36932c0c5a23994e72a05231c3b947be20e65347ad0d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ukmlastityty.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
content-encoding: gzip
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 183
x-amz-cf-id: KAQ80VLanJ6Upjpx6d3QctCCNe4saQsZJ2xKYwwUNBwtgliIaeEj6w==

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 167ms
84ms Fetch
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47830
x-xss-protection: 0
server: cafe
etag: 13345438606256248272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 14:05:22 GMT

GET
H2

200

invisible.js Show response
upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/078c83c1/ Frame 2528
Redirect Chain

https://upfilesurls.com/cdn-cgi/challenge-platform/scripts/invisible.js
https://upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/078c83c1/invisible.js

27 KB
12 KB

13ms
11ms

Script
application/javascript

2606:4700:20::681a:88a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/078c83c1/invisible.js

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN

Protocol

Server

2606:4700:20::681a:88a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4f47094e75ae08c949023398269c7b3e31f3ed73748855beb004e625ad60580

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9XzKajja6fdCq51oEdKEgQB31YN0PNSBY0fJoN0BBejKTCLHNKjMBEBD6kwqBBn%2BFKFK%2BvA51TT9FCqJK3QzY5gHR%2F4AjBRsas7%2FaBkkO9yAzgFWOs8BmQ3WTaR4h0npzMmMsVRU06ZGc1F3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7bcee6969ac337ce-FRA

Redirect headers

date: Mon, 24 Apr 2023 14:05:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xyqhBBz%2BAxvhqXGZINdicrnu9X4FzN5YAc5tDtjHr52FHperHNWrqlI49FnoMmhM0s0Suxk8QBRazkxMvYFm7%2FHo8932V5BIrgrflAjywYw%2FTd8ijMwMeRAV6eVokiPgrknxhgTtDV3sF2VlDg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/078c83c1/invisible.js
cache-control: max-age=300, public
cf-ray: 7bcee6962a1b37ce-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
500 B 25ms
24ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL25uY2x4d04=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GYF979PMJP686XKAJ5KDJFJX
date: Mon, 24 Apr 2023 14:05:22 GMT
cf-cache-status: HIT
age: 351393
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7bcee6964ac86943-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 124ms
37ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-197252557-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 12:27:45 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5857
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 24 Apr 2023 14:27:45 GMT

GET
H2 200 LxwXCxZzSAAXYGxMBAhlbEgACHVwSUFYNiMLWxxiBEwBDn5xTxRMbXM Show response
d18kg2zy9x3t96.cloudfront.net/SMjlQQnlRVj4kRkZQNH9ABQFhd0oUUyMtF0IEKClIXU4jNBUCfhcbX0ZDNH9JFFUxLB4PHzUsGg8IdiMdUARkZA1CVjt/EFRWNzsNXEglLl9HWG0vFkhQPC4YFwsWd1cCHGJyUUVQPiYWRUp1cElcTXVwSQMJfnJcAXt1cE... Frame DBAF 828 B
874 B 157ms
155ms Script
text/plain 2600:9000:2491:a00:0:2146:f680:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18kg2zy9x3t96.cloudfront.net/SMjlQQnlRVj4kRkZQNH9ABQFhd0oUUyMtF0IEKClIXU4jNBUCfhcbX0ZDNH9JFFUxLB4PHzUsGg8IdiMdUARkZA1CVjt/EFRWNzsNXEglLl9HWG0vFkhQPC4YFwsWd1cCHGJyUUVQPiYWRUp1cElcTXVwSQMJfnJcAXt1cElFUD50TRcKEmdLAkFmdlAXC2-AjCUJVNTUcUFI5NlwAf2VxThwKZmdLAhE7Kg1fVXVwOhcLYC4QWVx1cElVXDMpFhscYnIaWks/LxwXCxZzSAAXYGxMBAhlbEgACHVwSUFYNiMLWxxiBEwBDn5xTxRMbXM
Requested by: Host: ukmlastityty.info
URL: https://ukmlastityty.info/QjRWbnQjVjUDSyMJNEgBMFhrS0YEEWQoEHMMPQlGOE1vFkc2DWBAFy5bIwoSMFs4GlosUSJLRgRnGwQYE2U4AiYUXmIFJiluByA8e3UUPzIqUGYBIRdNGxoycn0TJTcufQ47QCh6FDs3JFw1DCxybhIgPHt+ECghOngUWiQKTgMdMyUMHwodD1ADLyYpbhdfNxReIktGBHEQPCMMTiUgLAdTOiIYe3wBKUQ0cj0GJRJ3YjcyNUcBCkUhdx4pPjthAzglEl0POSYXRGcNMS5XAjYiNWcHIz4kWhwNNRpAZw0xLnIDKkFyYAQNPwdZMiI1KXI7ChgDbBVcWQNeFTs+FHoCOxcXch9bOi5DFwhGFEwCBgMJbjsKOANcE1k/JQUwOCwUQxkGFw5tFVolFWIuXxcHWAA2MA9EEAYHIW04JxUVXyVLRgR4LhksAUwMFCcDdQ43Mzp5FC8cLlYTCTUBfAAZJxdyDyAdD3gBFgwrdhMZNgZaYxYgOmYbDCwPEjwdGyxEaxYfc1shHQIuBBEpLQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:a00:0:2146:f680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c324724ca13a7a642052f344a02b01f5c964c09c2d8c190dc67986f3eecc8a2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ukmlastityty.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
content-encoding: gzip
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 597
x-amz-cf-id: 49Mbef0TH3aTKfskWgZmrpbc1jkWaag3GNxjTfKPHYLU8nLMDafXbQ==

GET
H2 200 cmIaFGFnPDBaNnJiaVY2NDs2GHZlYDpZITg9PBRhEWFoA31nfmwHYmJ+aANicmJpQjIxMStYdmUWbAJkeWNvFyZqYQ Show response
d18kg2zy9x3t96.cloudfront.net/UU1dQWTEwOD4/Dic+NGQIZGNmawV1PSM2XyNqOwxINQEVIVMSFDJ/RSkzbWkXPzY+Pgx1Mj46DGJxMT1TbmN2LUE8PG0wVzwwKS1fIiI8f0Qyaj02Szo7PDgUYRFldwF2ZWBxRjo5NDZGIHJiaV8ncmJpAGN5YHwCEXJiaU... Frame 5855 835 B
876 B 156ms
154ms Script
text/plain 2600:9000:2491:a00:0:2146:f680:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18kg2zy9x3t96.cloudfront.net/UU1dQWTEwOD4/Dic+NGQIZGNmawV1PSM2XyNqOwxINQEVIVMSFDJ/RSkzbWkXPzY+Pgx1Mj46DGJxMT1TbmN2LUE8PG0wVzwwKS1fIiI8f0Qyaj02Szo7PDgUYRFldwF2ZWBxRjo5NDZGIHJiaV8ncmJpAGN5YHwCEXJiaUY6OWZtFGAVdWsBK2FkcBRhZz-EpQT8yJzxTOD4kfAMVYmNuH2BhdWsBezw4LVw/cmIaFGFnPDBaNnJiaVY2NDs2GHZlYDpZITg9PBRhEWFoA31nfmwHYmJ+aANicmJpQjIxMStYdmUWbAJkeWNvFyZqYQ
Requested by: Host: ukmlastityty.info
URL: https://ukmlastityty.info/QVZEc0QgNCceeyBrJlUxMzp5VnYHc3Y1IHBuLxR2Oy99C3c1b3JdJy05MRciMzkqB2ovMzBWdgcDEUIgEAEQNjMOEnBWdgcSLRBhcxQKNBUIDAM9KSAhEkIUEht2Kz0PJwsEPAgYFTYSCAAJIAIFHGFBAhMFLwkmFj0cIz4Yc3YxFCYudT4udWAANA45GxBCECM7CkEIFBN8IwNxIRIJMzYdF0IiCD8NSyJxBz0SLnFkFwkrdgYAFBEYBAIfIDYQdikTAy4WGSt0GAApAwgeDholF24qECkLJgU0CnQPDAQHBA4OGiUUD3I8ExsiAjQFFzITAAYKZAIYJwMELCk+bBM0IhB5Lw4JPBUZAEcvJxcJJR0sGDE7dgM+ICQ3AzM+BHANADNWdgc1KTolBxECHRQFFCU9Kgs/JSUdcxgAAHYGHh4fHQUmHjoQJm8UMRYpExM1KwBldR0iLCEMKikLc3YxJQAYLRApCyYVGQ05GxcHHSU7ESQmABwvFhMPIAIKHjAPFVUuMjkqA3kqAz0VEgQuJjIHIw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:a00:0:2146:f680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7bfc9803af274dd07c482552377fa0fffa2a7f00c23d1e12cf7c24e3a0a555bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ukmlastityty.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
content-encoding: gzip
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 598
x-amz-cf-id: qVidNbLxV7ffS0BlhAlk9Qi68zFGORnVX4Yf-dhNYveZJHCgwrw8pw==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ 410 KB
165 KB 124ms
39ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f1d9b491b08daadc738115c579f9cc1b85b29078fdefe99ad994f9db0f5da22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168688
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Apr 2024 13:33:32 GMT

GET
H3 200 upfilesurls.com_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 29 B
390 B 176ms
175ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/upfilesurls.com_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=dXBmaWxlc3VybHMuY29tL25uY2x4d04=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f85b402b2b546b031f8363f3d34f1b879c05f1d46b23f776e24ccfc293220e6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7bcee696ab516943-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 162ms
47ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=upfilesurls.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 123ms
44ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=upfilesurls.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 61 KB
13 KB 1712ms
1712ms Fetch
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2619618513606310&correlator=3220793873518032&eid=31072879%2C31073320%2C31073828%2C31074054&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&iu_parts=339263271%3A22776202201%2CGam_upfilesurls.com_display&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=3273233675&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1682345122434&lmt=1682345122&dlt=1682345121689&idt=676&adxs=400&adys=281&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2FnnclxwN&frm=20&vis=1&psz=800x250&msz=800x250&fws=0&ohw=0&ga_vid=1517084921.1682345122&ga_sid=1682345122&ga_hid=1046227371&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3040ee711aeec65a99d4cfeeb511ef730c3c58155ed9e8226ba37250e0e28ede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13326
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upfilesurls.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 54 KB
12 KB 1343ms
1343ms Fetch
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2619618513606310&correlator=3220793873518032&eid=31072879%2C31073320%2C31073828%2C31074054&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&iu_parts=339263271%3A22776202201%2CGam_upfilesurls.com_display&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=3273233668&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1682345122445&lmt=1682345122&dlt=1682345121689&idt=676&adxs=400&adys=595&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2FnnclxwN&frm=20&vis=1&psz=800x250&msz=800x250&fws=0&ohw=0&ga_vid=1517084921.1682345122&ga_sid=1682345122&ga_hid=1046227371&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21d10b75bcd878172987d8bc9cf9dee3022158e8319abdcb3c21370151d59a25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12323
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upfilesurls.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 63 KB
13 KB 1956ms
1955ms Fetch
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2619618513606310&correlator=3220793873518032&eid=31072879%2C31073320%2C31073828%2C31074054&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&iu_parts=339263271%3A22776202201%2CGam_upfilesurls.com_display&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&adks=3273233670&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1682345122449&lmt=1682345122&dlt=1682345121689&idt=676&adxs=400&adys=927&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2FnnclxwN&frm=20&vis=1&psz=800x250&msz=800x250&fws=0&ohw=0&ga_vid=1517084921.1682345122&ga_sid=1682345122&ga_hid=1046227371&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1781fb1f2ab313d82fe583c0a78c9f28bf3010fea7b9e990b3075ab143387b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13625
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upfilesurls.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
881 B 362ms
361ms Fetch
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2619618513606310&correlator=1329799159707370&eid=31072879%2C31073320%2C31073828%2C31074054&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&iu_parts=44890869%3A22859910411%2Cca-pub-3831894559014614-tag%2C044293ce-89b1-498a-9bcf-8275878b2c1e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=4&adks=3902365316&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3Ddd797c35-54d9-4fc3-9d1f-f3a630b6e5de%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D2%26bid-p%3Dgoogle%26bsc%3D66&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682345122452&lmt=1682345122&dlt=1682345121689&idt=676&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2FnnclxwN&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1517084921.1682345122&ga_sid=1682345122&ga_hid=1046227371&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1677619e4aa1eea684cfaa892792e615bf01a8c0e3166c74e510aaab978202db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 851
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upfilesurls.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 154A 6 KB
3 KB 164ms
43ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 14:05:22 GMT
expires: Tue, 23 Apr 2024 14:05:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/ 33 KB
12 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl_page_level_ads.js?cb=31074054

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36b51237a514c8362d64d43c17abd3d4fd2e3a586c8a55c32bfde0c0e1c114aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1648
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11860
x-xss-protection: 0
server: cafe
etag: 7680045872876739953
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 23 Apr 2024 13:37:54 GMT

GET
H2 200 pica.js
upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 2528 6 KB
3 KB 15ms
15ms Other
application/javascript 2606:4700:20::681a:88a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://upfilesurls.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:88a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d97756c4e4c82b4bd47f4c5bee530594937202cbb42a66b54a3383c39728e4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2BVFixBqwOAnElMSV7HQ0IoKah1%2Fz%2BnG3STIEzzFA22IYR8oaDlPc6awS9ym3%2FMva7tyfwH0RR8OEbpd4FkSeFzn5ApzYzA798E95R%2Bis8YVlIvlW%2BGWGfju7qA%2FF0TsZB58fxmLh2x205VIzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7bcee6978c4437ce-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 46ms
45ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1046227371&t=pageview&_s=1&dl=https%3A%2F%2Fupfilesurls.com%2FnnclxwN&ul=en-us&de=UTF-8&dt=prof%20boy.mp4&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=60652159&gjid=814325090&cid=1517084921.1682345122&tid=UA-197252557-1&_gid=209511663.1682345122&_r=1&gtm=457e34j0&jsscut=1&z=1858634621

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://upfilesurls.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:05:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://upfilesurls.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
499 B 27ms
27ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=upfilesurls.com_auto_728x90_sticky_display_bottom&pdc=0.3869587659835816&ucv=null&e=tcp&dsReferer=dXBmaWxlc3VybHMuY29tL25uY2x4d04=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GW214RFFA0C7YFP277RAET73
date: Mon, 24 Apr 2023 14:05:22 GMT
cf-cache-status: HIT
age: 1538795
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7bcee697cd736943-FRA

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 27ms
26ms Stylesheet
text/css 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GTP882AJGXJCM3VNH3JF57QN
date: Mon, 24 Apr 2023 14:05:22 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 1766616
etag: W/"14c5381be186641471a926a081d90c88-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7bcee697ce122c6a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
496 B 37ms
37ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=bb&r=upfilesurls.com_auto_728x90_sticky_display_bottom&dsReferer=dXBmaWxlc3VybHMuY29tL25uY2x4d04=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GYF979PMJP686XKAJ5KDJFJX
date: Mon, 24 Apr 2023 14:05:22 GMT
cf-cache-status: HIT
age: 351393
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7bcee697cd7a6943-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 60 KB
13 KB 508ms
507ms Fetch
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2619618513606310&correlator=551675311733674&eid=31072879%2C31073320%2C31073828%2C31074054&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&iu_parts=44890869%3A22859910411%2Cca-pub-3831894559014614-tag%2C09dea4b7-b301-4406-9573-8ca469e4fde9&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=5&adks=1444295116&sfv=1-0-40&prev_scp=ti%3Ddd797c35-54d9-4fc3-9d1f-f3a630b6e5de%26chrand%3Dy%26pof%3D0%26bid%3D0.2%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D66&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682345122530&lmt=1682345122&dlt=1682345121689&idt=676&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2FnnclxwN&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1517084921.1682345122&ga_sid=1682345122&ga_hid=1046227371&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

002c63fb65e6855f34733170412ccadb8143b891dd70ea567064780b32470481

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12963
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upfilesurls.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 7bcee690fa8337ce Show response
upfilesurls.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 2528 2 B
523 B 32ms
31ms XHR
text/plain 2606:4700:20::681a:88a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upfilesurls.com/cdn-cgi/challenge-platform/h/b/cv/result/7bcee690fa8337ce
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:88a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7bcee6990e5f37ce-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKa0j5ILU1K%2FKMkp5ugLxhTFxBsOVDEhnLKdpKu53gAGObXesraaLVL6iHG06%2F2usUHXK%2F7rqzzmjZEEZ1xgYm8Ub4lSlQ%2BZ%2BtXxWmumMYG0E1FOFSL67ngrAhoo1ciYASmR8M%2BpduIYL6ULMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 109ms
109ms Fetch
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47263
x-xss-protection: 0
server: cafe
etag: 596392782837401239
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 14:05:22 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 83ms
83ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304190101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

929a170c44fdfdf568552eca967afe6f4d92dbdaee95e6447739dc4106ed3772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11201
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
498 B 27ms
27ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=upfilesurls.com_auto_interstitial_desktop&e=nai&dsReferer=dXBmaWxlc3VybHMuY29tL25uY2x4d04=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GW214RFFA0C7YFP277RAET73
date: Mon, 24 Apr 2023 14:05:22 GMT
cf-cache-status: HIT
age: 1538795
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7bcee699a8086943-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 50ms
49ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=upfilesurls.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 44ms
44ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=upfilesurls.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 147 KB
45 KB 581ms
581ms Fetch
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2619618513606310&correlator=4013588207868724&eid=31072879%2C31073320%2C31073828%2C31074054&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&iu_parts=44890869%3A22859910411%2Cca-pub-3831894559014614-tag%2C8218a573-db51-4303-a715-73cced357d63&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=6&adks=655150013&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3Ddd797c35-54d9-4fc3-9d1f-f3a630b6e5de%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D66&eri=1&sc=1&cookie=ID%3D9e1cd42078462709%3AT%3D1682345122%3AS%3DALNI_MbWfrWv3QsB2Y-WslAGGNGWV6TEnQ&gpic=UID%3D00000bef79eb7331%3AT%3D1682345122%3ART%3D1682345122%3AS%3DALNI_MaV2DbTPCyAwPB-bXubBFAyXTBkRA&abxe=1&dt=1682345122826&lmt=1682345122&dlt=1682345121689&idt=676&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2FnnclxwN&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1517084921.1682345122&ga_sid=1682345122&ga_hid=1046227371&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b68b1f9fd8ab05554358cf4ab34b4a917c8e5d889cf1ecafbf5591e80d87d088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46175
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upfilesurls.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 147ms
53ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 24 Apr 2023 14:05:22 GMT

GET
H2 200 popunder.gif
tunitytostara.info/ 35 B
398 B 14ms
13ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tunitytostara.info/popunder.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Mon, 24 Apr 2023 14:05:22 GMT
cf-cache-status: HIT
last-modified: Sun, 23 Apr 2023 11:15:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 96620
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9i3VpMxcnyJhrOwVvGVxdPmvkrU6ENzgzqnU8hF3J5ciuvo70tehBBN1p5icv7cYObsQWv%2FZ0c2VhNm%2BjUYMQ2p8bmeCjqRDPo%2BGLIZ7PrP9MavkkyVbYfFRcHfxPPMLfD7UZlQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 7bcee699df862c5b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ED48 13 KB
5 KB 38ms
36ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6297
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 12:20:26 GMT
expires: Tue, 23 Apr 2024 12:20:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 32FD 783 B
1 KB 127ms
46ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

49b73eff7dc54c9795872b2557f56a2a43b8c1736186b3c34b8f383e611ba19d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pB36PYRW5Rj8Gz6I4L81gA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 516
content-security-policy: script-src 'report-sample' 'nonce-pB36PYRW5Rj8Gz6I4L81gA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 14:05:23 GMT
expires: Mon, 24 Apr 2023 14:05:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 74ms
7ms Script
text/javascript 2600:9000:2250:e400:a:e047:752:b361
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:e400:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 02:50:38 GMT
Via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Jan 2023 04:07:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 40486
x-amz-server-side-encryption: AES256
ETag: "aded621b17723f487b3c9d0e43cf2f94"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1859
X-Amz-Cf-Id: q79x9ZS0hL9XV7sw4sUV5nq6V-FnljcQV9L1B4CHCI6a3T8KPt84hQ==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 75ms
21ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-9c21"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 25 Apr 2023 14:05:23 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 37 KB
11 KB 33ms
7ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 03:48:15 GMT
content-encoding: gzip
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
last-modified: Wed, 22 Mar 2023 22:36:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 37029
x-amz-server-side-encryption: AES256
etag: W/"4fd6c99ca40fed5d11cbd9e1b76a92f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 8aMXh0rWdisBygnqtO1WSQR-PLgJO1-DiW_zhSI81NVHVQFw1gh5zw==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 59 KB
17 KB 69ms
29ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 12:00:04 GMT
server: cloudflare
x-amz-request-id: WVEVWQFRYGXG0000
age: 2218
etag: W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7bcee69b5c96697f-FRA
x-amz-id-2: I0tGbso3F7NZy/1ACoyKVj/S14r7H+6icbah9QXUr90NJ6bGU/gfGhKyBaYndCNrXH/E+K9HzQw=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 34ms
18ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19921
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbYcC4Y%2B6MoHLY%2BjB3YHImGi3KF%2F%2F%2Bh2%2Fq6dnJYEwByCp2gEORlBCCCLF0LLEvAj2uW9iP%2FnoSqtXf7YfNTtqbyNNhLsif%2BI95s7fG0Ug2ppeSzgVZBONbwkNe%2BPlY%2FOkjs31FqB4w7A1c5tnsc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7bcee69b2ae93a68-FRA

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 53ms
14ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:21:50 GMT
via: 1.1 google
age: 2613
x-guploader-uploadid: ADPycdsN3t4D6eN0xiFwPxQrHnYG7xbf4fNMEEh67IUyrtJkUh-d7VWO39sJHWZA0fzEHAigwqepm4iTSI9xXfrDKPiv
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1258
last-modified: Fri, 29 Jul 2022 16:55:09 GMT
server: UploadServer
etag: "f5bc066f146e3dbb049aa6c86c7012e6"
x-goog-generation: 1659113709880056
x-goog-hash: crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1258
accept-ranges: bytes
expires: Mon, 24 Apr 2023 14:21:50 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012304062309000/ Frame 8EA9 222 KB
61 KB 147ms
38ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60d19fcc26403308bd021dd6ce6588cca81c6a42a34472277186bad9a4155022

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Apr 2023 23:33:30 GMT
age: 138713
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61901
x-xss-protection: 0
server: sffe
etag: "8572ebb49fe3e70f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Apr 2024 23:33:30 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 8EA9 15 KB
5 KB 226ms
117ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a80bc624f7ab3177dcab36c63396d6b7b3f18c41fd09c7a3e5b54792d566904a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Apr 2023 19:41:53 GMT
age: 152610
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "ad2d0ddcea45401f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Apr 2024 19:41:53 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 8EA9 94 KB
28 KB 209ms
100ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a767e3a4a89fd5d5747f2e60656de81560b8d24575c7be5df0d541906cb86ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Apr 2023 14:39:29 GMT
age: 170754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28974
x-xss-protection: 0
server: sffe
etag: "441c199a95baae2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Apr 2024 14:39:29 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 8EA9 5 KB
2 KB 228ms
119ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d96e062d7e164a34e2a7773fab8c722f36ea442d2b944ce5cb359c8b78fa01

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Apr 2023 12:16:47 GMT
age: 352116
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "60fdf036b4edbfa8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 19 Apr 2024 12:16:47 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 8EA9 40 KB
13 KB 229ms
121ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a7522d02dbbc03101dfe3d8cfb3b0ff1c974af884931a79477056345c306648

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Apr 2023 16:28:46 GMT
age: 164197
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12949
x-xss-protection: 0
server: sffe
etag: "53b4f6addb6819c0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Apr 2024 16:28:46 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8EA9 9 KB
1017 B 69ms
69ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Apr 2023 14:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 12:05:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Apr 2023 14:05:23 GMT

GET
H2 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8EA9 2 KB
3 KB 36ms
35ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 18:11:23 GMT
x-content-type-options: nosniff
server: cafe
age: 71640
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2471
x-xss-protection: 0
expires: Mon, 24 Apr 2023 18:11:23 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8EA9 295 B
399 B 38ms
37ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 21:21:48 GMT
x-content-type-options: nosniff
server: cafe
age: 60215
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 24 Apr 2023 21:21:48 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8EA9 0
0 81ms
80ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1pK8ooxGZIfnI4SH9u8P4JKasAW29KPCb-fdhZziEdnZHhABIJWbyiFgleKQgqAHoAHV6LrtA8gBAeACAKgDAcgDCqoE8AFP0F7yERzG57lMq2inlQgms61UdoaSE6ThaTcu5Z50j9QvD3E1MMqdPyXHqq8Equ182TQNwJ7722RaJFK-li2o_vp0p3hTsrgVjeTS2xVuP8lzeQGaddDxWEa2EQtQCp_4pfHIPy_v2ae_t5r9R9J5Tc_8MNRsNRhoa_plGO851iFxYbAn7riG3M6sUG07TqWhoK3e-9h5hmFVtpSDdn6tyVrqHrfNk_3pHDKs3iwT879VG9-dVCpcTdmRVMAfo8_3ZtnXTE_zWL_kSneTo_VR79WV5NJZtZX2UOgLNUCDWxsPrnPczMDPGv2yDadzstLABKSxiojDBOAEAZIFBAgEGAGSBQQIBRgEoAZmgAeTl8USqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQpK8h0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEw3QFQGAFwGyFx4KHAgAEhRwdWItNzUwNzQzOTIzMzg2NTQxNRj9-RM&sigh=OSk4K1u1-ns&uach_m=[UACH]&cid=CAQSLQBygQiDCy72jsqSJ5zZH_oXiLV0H8x2KjWkcPRaicJO6JlAx7_-MDqOyjOg_xgB
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
500 B 25ms
24ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.2&b=2&r=upfilesurls.com_auto_728x90_sticky_display_bottom&sy=1b55232e-c641-404e-beb7-4c0f125f3d57&ts=66&cd=2&pud=137&pus=c&pue=877&pid=26&pis=c&pie=1006&ppd=99&pps=a&ppe=1079&pcl=1146&ttc=1230&tti=1957&ttif=0&lca=1079&lcak=ppe&lct=1079&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=upfilesurls.com&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=dd797c35-54d9-4fc3-9d1f-f3a630b6e5de&e=lm&dsReferer=dXBmaWxlc3VybHMuY29tL25uY2x4d04=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GW214RFFA0C7YFP277RAET73
date: Mon, 24 Apr 2023 14:05:23 GMT
cf-cache-status: HIT
age: 1538796
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7bcee69b3a256943-FRA

GET
DATA 200
OK truncated
/ Frame 8EA9 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8EA9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e6630f347f1e42e90fc6b5ea29ee15b5df4474bd570e126586015f6e0bc0b1b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response
pagead2.googlesyndication.com/bg/ Frame ED48 36 KB
14 KB 117ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 12:20:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Apr 2024 12:20:26 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
334 B 105ms
31ms XHR
application/json 54.247.57.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.57.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-247-57-110.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: fc00b45a2ab2d64ac7fca534f8c11c402e8d97744f326373396a5b2b4fb54b01

Request headers

Referer: https://upfilesurls.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:05:23 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://upfilesurls.com
cache-control: no-cache
x-server: 10.45.10.33
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
316 B 33ms
30ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 926cb66f17af3caa1b849954067c5901d62e47a587b3e6aafde6e7d2ff383468

Request headers

Referer: https://upfilesurls.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 24 Apr 2023 14:05:23 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: a343eab385f9f8f988dbd962f4dccde3
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 66ms
28ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://upfilesurls.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://upfilesurls.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Mon, 24 Apr 2023 14:05:23 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: 80d4c01d586ab30defa45b93def6fb37

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
324 B 91ms
27ms XHR
text/plain 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://upfilesurls.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://upfilesurls.com
date: Mon, 24 Apr 2023 14:05:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6A84 15 KB
6 KB 48ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=upfilesurls.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 14:05:23 GMT
server: Kestrel
server-processing-duration-in-ticks: 360902
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 8EA9 29 KB
29 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://upfilesurls.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 22:26:30 GMT
x-content-type-options: nosniff
age: 142733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 22:26:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 32FD 0
0 73ms
73ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304190101&jk=2619618513606310&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6A84
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=upfilesurls.com&sn=ChromeSyncframe&so=0&topUrl=upfilesurls.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=kuy5GXxnQ0VyL3hjTlI4STJzelMvWTZkckNzWXYxb3l2ejJHZXc0YzcrNWpyUkNMTWJ2eDNFanFUNXlRa04wNVA0b3hXcGtqWTl5Ymo5Qm1UeVlCcHJDTkY1M1dYYzkwMnUvSVowaVFxQmV1YTJqK0pOV2tlcHpNNjg0Z2...

449 B
660 B

283ms
18ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=kuy5GXxnQ0VyL3hjTlI4STJzelMvWTZkckNzWXYxb3l2ejJHZXc0YzcrNWpyUkNMTWJ2eDNFanFUNXlRa04wNVA0b3hXcGtqWTl5Ymo5Qm1UeVlCcHJDTkY1M1dYYzkwMnUvSVowaVFxQmV1YTJqK0pOV2tlcHpNNjg0Z21SSUtaTEpvTzZTN2Z1anZUYTFuZnNXSDdtQjY0Um1Yc3pESzd5eTBORVpHc2xJVVNKeFd4ak1ydEpYaFg5UVB6KzFOcHU0b1dGRHhmTTR5S00yWHk5V0lIQTNGdUJ3YTh3RWNqRDNFd1U5UVVRUG9uM1dKVC9xZVVBOEY2NVVRWFg3RTQ0SEpQdFdSZVY4bWJTeGFOSmFlUW5OS1R0QT09fA&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0dd815c6f44572186c92e323353893fc3cd4c2f75d32b2475c0c1cc86ac3cd0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:05:22 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3090245
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:05:23 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=kuy5GXxnQ0VyL3hjTlI4STJzelMvWTZkckNzWXYxb3l2ejJHZXc0YzcrNWpyUkNMTWJ2eDNFanFUNXlRa04wNVA0b3hXcGtqWTl5Ymo5Qm1UeVlCcHJDTkY1M1dYYzkwMnUvSVowaVFxQmV1YTJqK0pOV2tlcHpNNjg0Z21SSUtaTEpvTzZTN2Z1anZUYTFuZnNXSDdtQjY0Um1Yc3pESzd5eTBORVpHc2xJVVNKeFd4ak1ydEpYaFg5UVB6KzFOcHU0b1dGRHhmTTR5S00yWHk5V0lIQTNGdUJ3YTh3RWNqRDNFd1U5UVVRUG9uM1dKVC9xZVVBOEY2NVVRWFg3RTQ0SEpQdFdSZVY4bWJTeGFOSmFlUW5OS1R0QT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 297719
content-length: 0
expires: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 8EA9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

135ms
50ms

Image
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN
Protocol: H2
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

date: Mon, 24 Apr 2023 14:05:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame ED48 0
10 B 36ms
36ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?iCrYBw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BA39 6 KB
3 KB 36ms
35ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 14:05:22 GMT
expires: Tue, 23 Apr 2024 14:05:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
500 B 22ms
22ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.88&b=2&r=upfilesurls.com_auto_interstitial_desktop&sy=1b55232e-c641-404e-beb7-4c0f125f3d57&ts=66&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=upfilesurls.com&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=dd797c35-54d9-4fc3-9d1f-f3a630b6e5de&e=lm&dsReferer=dXBmaWxlc3VybHMuY29tL25uY2x4d04=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GW214RFFA0C7YFP277RAET73
date: Mon, 24 Apr 2023 14:05:23 GMT
cf-cache-status: HIT
age: 1538796
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7bcee69dae2f6943-FRA

GET
H3 200 css2
fonts.googleapis.com/ Frame BA39 5 KB
659 B 47ms
47ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com
URL: https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Apr 2023 14:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 13:57:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Apr 2023 14:05:23 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B1AF 9 KB
921 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Apr 2023 14:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 13:54:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Apr 2023 14:05:23 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame B1AF 2 KB
765 B 36ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:53:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 16:53:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame B1AF 21 KB
8 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:36:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1762
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 May 2023 13:36:01 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame B1AF 3 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 12:20:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 May 2023 12:20:25 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame B1AF 19 KB
8 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 06:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 May 2023 06:15:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B1AF 0
0 45ms
44ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS0GhyLrXd842AXWt0mPc-9PPkmBZxFbCMkVzO_aw1H9I4A5AQ8fC3EWFQbODsJNBOQub6Y8Z-bFrf0nRySJuEttDLGpQ
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B1AF 159 KB
49 KB 158ms
56ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Apr 2023 14:05:23 GMT

GET
H3 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame B1AF 32 KB
13 KB 116ms
38ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 05:50:21 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/ Frame BA39 19 KB
8 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com
URL: https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 19:24:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8167
x-xss-protection: 0
server: cafe
etag: 3140062999518874537
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 19:24:22 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BA39 205 B
229 B 121ms
49ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com
URL: https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 12:26:52 GMT
x-content-type-options: nosniff
age: 5911
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 23 Apr 2024 12:26:52 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BA39 604 B
628 B 113ms
41ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com
URL: https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 13:06:02 GMT
x-content-type-options: nosniff
age: 3561
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 23 Apr 2024 13:06:02 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8237 1 KB
643 B 40ms
39ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com
URL: https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64918
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 20:03:25 GMT
etag: 48472445140208031
expires: Mon, 24 Apr 2023 20:03:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8237
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEFSJwIWSLgSTGRWPbHzOlog&google_cver=1&google_push=Aer7DvLp40lZ5tr_Msk1F5LAw0nVoFcmFbLu-U2MIS67roBOhMYQpRyP0U_KEaRVrRNV4v7H16EylgyP7hd36Hax...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=wchhlePFTIeeJv0LCTkkQQ2&google_push=Aer7DvLp40lZ5tr_Msk1F5LAw0nVoFcmFbLu-U2MIS67roBOhMYQpRyP0U_KEaRVrRNV4v7H16EylgyP7hd36Haxqrv3R3IjXpg

170 B
232 B

82ms
52ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=wchhlePFTIeeJv0LCTkkQQ2&google_push=Aer7DvLp40lZ5tr_Msk1F5LAw0nVoFcmFbLu-U2MIS67roBOhMYQpRyP0U_KEaRVrRNV4v7H16EylgyP7hd36Haxqrv3R3IjXpg

Requested by

Host: 0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com
URL: https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:05:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 24 Apr 2023 14:05:23 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=wchhlePFTIeeJv0LCTkkQQ2&google_push=Aer7DvLp40lZ5tr_Msk1F5LAw0nVoFcmFbLu-U2MIS67roBOhMYQpRyP0U_KEaRVrRNV4v7H16EylgyP7hd36Haxqrv3R3IjXpg
x-host: tde-deliveryengine-production-64c8469d98-82h6c
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 8237 43 B
350 B 75ms
22ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEFaGSFxg4TPy7gBfQHlddoU&google_cver=1&google_push=Aer7DvJNQItFbdgnhfitIpbAhyEapK4WMy7huQ98dNtyo2fTlRbkro7Z5ERKSk-25na_Emkf23E-9wSCYdaUO-ircGj5cEl49kPw
Requested by: Host: 0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com
URL: https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:05:23 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 0moe3f80bdo03tvmeskot9avrqd2kfc8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8237
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAGYGHtwAnPHvrfo4q22tkc&google_cver=1&google_push=Aer7DvIgurMN6CpkSG1CQ4Ex2JfvzbnRKy1Andz9lWVoBBqqBQZPfs4wC94uYxdpZ_BylsJiCAUUIK2Z1bcx...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvIgurMN6CpkSG1CQ4Ex2JfvzbnRKy1Andz9lWVoBBqqBQZPfs4wC94uYxdpZ_BylsJiCAUUIK2Z1bcx5wonU9sac93beQ24

170 B
329 B

117ms
51ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvIgurMN6CpkSG1CQ4Ex2JfvzbnRKy1Andz9lWVoBBqqBQZPfs4wC94uYxdpZ_BylsJiCAUUIK2Z1bcx5wonU9sac93beQ24

Requested by

Host: 0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com
URL: https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:05:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvIgurMN6CpkSG1CQ4Ex2JfvzbnRKy1Andz9lWVoBBqqBQZPfs4wC94uYxdpZ_BylsJiCAUUIK2Z1bcx5wonU9sac93beQ24
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8237
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENt6pjUrXJlc3MYsHPyiMAU&google_cver=1&google_push=Aer7DvLYIBrv4icTVfxnJmBwYIr6V7utFWcoodW8f7kXExE8SeFUsINC3GhIHDilTqskyIV0UPAbY50xQY-wrE9dYSIVayIzzq3L
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aer7DvLYIBrv4icTVfxnJmBwYIr6V7utFWcoodW8f7kXExE8SeFUsINC3GhIHDilTqskyIV0UPAbY50xQY-wrE9dYSIVayIzzq3...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI1NTk5MTgyNTI0ODkzNzI4ODg1Mg%3D%3D&google_push=Aer7DvLYIBrv4icTVfxnJmBwYIr6V7utFWcoodW8f7kXExE8SeFUsINC...

170 B
232 B

99ms
53ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI1NTk5MTgyNTI0ODkzNzI4ODg1Mg%3D%3D&google_push=Aer7DvLYIBrv4icTVfxnJmBwYIr6V7utFWcoodW8f7kXExE8SeFUsINC3GhIHDilTqskyIV0UPAbY50xQY-wrE9dYSIVayIzzq3L

Requested by

Host: 0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com
URL: https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:05:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI1NTk5MTgyNTI0ODkzNzI4ODg1Mg%3D%3D&google_push=Aer7DvLYIBrv4icTVfxnJmBwYIr6V7utFWcoodW8f7kXExE8SeFUsINC3GhIHDilTqskyIV0UPAbY50xQY-wrE9dYSIVayIzzq3L
date: Mon, 24 Apr 2023 14:05:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8237
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEKYhdSMoUbYhKUBeKdqn7Ng&google_cver=1&google_push=Aer7DvJFoAOn43z3a78vZICTyGizFh5FBFruClP4D303Hk3PU1MCRZELkaMATJEsXF2XKyj6WcR3q...
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aer7DvJFoAOn43z3a78vZICTyGizFh5FBFruClP4D303Hk3PU1MCRZELkaMATJEsXF2XKyj6WcR3qOaZAlXx5cJBYMSycj8PHmzP&google_hm=WkVhTXBNQ28...

170 B
232 B

49ms
49ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aer7DvJFoAOn43z3a78vZICTyGizFh5FBFruClP4D303Hk3PU1MCRZELkaMATJEsXF2XKyj6WcR3qOaZAlXx5cJBYMSycj8PHmzP&google_hm=WkVhTXBNQ284WGtBQURidkdlc0FBQUFB

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:05:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Mon, 24 Apr 2023 14:05:24 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEKYhdSMoUbYhKUBeKdqn7Ng&google_push=Aer7DvJFoAOn43z3a78vZICTyGizFh5FBFruClP4D303Hk3PU1MCRZELkaMATJEsXF2XKyj6WcR3qOaZAlXx5cJBYMSycj8PHmzP&proto=google_ebda","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZEaMpMCo8XkAADbvGesAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40201"}
X-SO-Key: ZEaMpMCo8XkAADbvGesAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40201
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aer7DvJFoAOn43z3a78vZICTyGizFh5FBFruClP4D303Hk3PU1MCRZELkaMATJEsXF2XKyj6WcR3qOaZAlXx5cJBYMSycj8PHmzP&google_hm=WkVhTXBNQ284WGtBQURidkdlc0FBQUFB
Cache-Control: private
X-SO-HostName: a-ad40201.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 3
Content-Length: 0
X-SO-LB-Hostname: m-tgng21.dc4p.scaleout.jp
X-SO-IP: 185.213.155.171

GET
H/1.1

200

0.gif
id5-sync.com/i/495/ Frame 8237
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEIXsrUdCGmnW99QthP9qhAU&google_cver=1&google_push=Aer7DvLZoFSHXz1D3cmWSrVOxv5tfmzDrNbk7UC6LXpzV9_ENhh7sPBiXAUEezliRJsoEJazHy6Bo9NSq-t3atfl7Ttyh9x-MKR6lA
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAer7DvLZoFSHXz1D3cmWSrVOxv5tfmzDrNbk7UC6LXpzV9_E...

43 B
1 KB

22ms
8ms

Image
image/gif

141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAer7DvLZoFSHXz1D3cmWSrVOxv5tfmzDrNbk7UC6LXpzV9_ENhh7sPBiXAUEezliRJsoEJazHy6Bo9NSq-t3atfl7Ttyh9x-MKR6lA

Protocol

HTTP/1.1

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 24 Apr 2023 14:05:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

date: Mon, 24 Apr 2023 14:05:23 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAer7DvLZoFSHXz1D3cmWSrVOxv5tfmzDrNbk7UC6LXpzV9_ENhh7sPBiXAUEezliRJsoEJazHy6Bo9NSq-t3atfl7Ttyh9x-MKR6lA
x-download-options: noopen
vary: Accept
content-length: 273
x-xss-protection: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 8237
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBasNDpnRlilvXoh-kqUwYs&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvJmBxDj9blzHlEhMwiA1xODTPRfundUwuK-uMBkSy3701fw5TxVP-9wEHFHg81YzShyUUAcvZHeSuvxoh0vE-KT1hOq7V3y8w
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

33ms
33ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com
URL: https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Mon, 24 Apr 2023 14:05:23 GMT
pragma: no-cache
date: Mon, 24 Apr 2023 14:05:23 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:05:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8237 0
130 B 148ms
48ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IdfgmtmfImCyd-f02iRU6Bzc28Zsk5fWzBJyJZwhO_pY9hG_UM-LBl8jqyWiqwMqM3LYBPlcM

Requested by

Host: 0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com
URL: https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:05:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response
pagead2.googlesyndication.com/bg/ Frame B960 36 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 12:20:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Apr 2024 12:20:26 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012304062309000/ Frame 371B 222 KB
61 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60d19fcc26403308bd021dd6ce6588cca81c6a42a34472277186bad9a4155022

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Apr 2023 23:33:30 GMT
age: 138713
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61901
x-xss-protection: 0
server: sffe
etag: "8572ebb49fe3e70f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Apr 2024 23:33:30 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 371B 15 KB
5 KB 52ms
50ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a80bc624f7ab3177dcab36c63396d6b7b3f18c41fd09c7a3e5b54792d566904a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Apr 2023 19:41:53 GMT
age: 152610
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "ad2d0ddcea45401f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Apr 2024 19:41:53 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 371B 94 KB
28 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a767e3a4a89fd5d5747f2e60656de81560b8d24575c7be5df0d541906cb86ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Apr 2023 14:39:29 GMT
age: 170754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28974
x-xss-protection: 0
server: sffe
etag: "441c199a95baae2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Apr 2024 14:39:29 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 371B 5 KB
2 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d96e062d7e164a34e2a7773fab8c722f36ea442d2b944ce5cb359c8b78fa01

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Apr 2023 12:16:47 GMT
age: 352116
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "60fdf036b4edbfa8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 19 Apr 2024 12:16:47 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 371B 40 KB
13 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a7522d02dbbc03101dfe3d8cfb3b0ff1c974af884931a79477056345c306648

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Apr 2023 16:28:46 GMT
age: 164197
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12949
x-xss-protection: 0
server: sffe
etag: "53b4f6addb6819c0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Apr 2024 16:28:46 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 371B 9 KB
921 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Apr 2023 14:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 13:24:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Apr 2023 14:05:23 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 371B 295 B
319 B 36ms
35ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 21:21:48 GMT
x-content-type-options: nosniff
server: cafe
age: 60215
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 24 Apr 2023 21:21:48 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 371B 2 KB
2 KB 36ms
35ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 22:44:13 GMT
x-content-type-options: nosniff
server: cafe
age: 55270
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 24 Apr 2023 22:44:13 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 371B 0
0 85ms
85ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CAoIKooxGZPusHuCT7_UP3c--oAOG1LL4b6S9zdGPDc-kq9_wDBABIP--7ixgleKQgqAHoAGZmK3bA8gBBuACAKgDAaoE9AFP0M9tFBQ0-bsaDx095Eg0-tUWav0Somfe5swaBjjm8YMxII9cwtskFLQj1iXdq3h8zxjJG84aXPJZfyh0lUkIFCkXP2VV9KcnD-Eu8EBD6CV_mZcsOn_Vql81y8mjDiWLhKb-VxLqyct9jrqS1kmbGkfEPQqQtWIpNdtPZdDjpVRkK9LhN1LNOx2-7mMI5GqMgnZnRvE3PVNEWiNR5UJJYF_EosSNZl2bGWKHLQPfaeh5fBB_kiruWHDs9z4BuBp2NlWjYwQ0CD4BD4tCC64CQ41Z9067SJqAB7GhMOu7hgWyXWFBrS_HdD7qPHdqCt-67DzlwASrov6aqwHgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAHz-fSJKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKfYGtIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMMiBQG0BUBgBcBshceChwIABIUcHViLTE5NDYzNzc2OTUzNjcwMzcY__kd&sigh=orLPfWDTfvU&uach_m=[UACH]&cid=CAQSTABygQiD06vcGlw0kjGnVrsInCipnHXEcD-_D8Y6wBmO2kfED36vD1FE-X9B5wWpbfhHwPhWWKmVPtxZ5RxdFoTFW4RTCw2zeM37xqAYAQ&template_id=492
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 371B 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8be2d63127314be82c931bd7080227b6dabe051966008ae6eed81ce4f178376d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 371B 29 KB
29 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://upfilesurls.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 22:26:30 GMT
x-content-type-options: nosniff
age: 142733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 22:26:30 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 371B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

50ms
49ms

Image
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN
Protocol: H2
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

date: Mon, 24 Apr 2023 14:05:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304190101&jk=2619618513606310&bg=!uLulu-_NAAYfNdXmPzU7ADkAdvg8WgT_-MyoSgmo2OrgJlrlme_WCcnBwNpQwy6Mq7HwFRLnN389MINllYFuivwm2jMFmVR0lO8CAAAA71IAAAACaAEHmQLjDHl2TilSk08gjgb2iGmNzDxsGZSMR6r2HxO1Ylm3-rXXlrnhOs5aFYapIcl8l7M5j5s4Oyu8W_r_ZE6u3Mh58zu4vJlnTOyJm3Bdx0is0jBTW7BOz5PncbYQOuwmNeTbFgNS3UsIuqu58UXiLaAop7HsM8mhXnz0oJDbra-1uRZeRXngqbCl7oqXHSAgAQXhD1h9wOJPmaTi85eeYZNnkazyvA6yZicZA6FFXkZo2dgXCl-CjAPmF9V-hsA2imO308mSD667dPyWcRv0271AtD8EwhyBZmyz150hMNxxc3SsayTiiaD0nLCYEhNQKgrePJwSOFSjPlaFtJJJURZRMJwMagHHuX2jl0H-MnfYzSlp8oPAzpe2-QKk_3x4n9Gy2ZDHo5VmQ9XHO-TvKiDHMqqYFuXIwYCVvBlCz21lUnVyD-ZrJYRvEE-qWmVROVPmCdS_ma04KlR56u0AlWNKaDNhjclGBdhHddkbuZzK4TTw3H5VciGlnzjHLbxKi9mpoMRTpWeTC5ako8hX1ayJO1ZROko3ph1mOGWVmC486kSk7OHez7m-ZoZwrK0NNxvCTyIgie2G9BEv7nN70T_RVJqskkf53rvkPDusGn8syo28BA7NcrO3KduxyEFmASQLfewS2Ur9I-zV1R7KpZCYIe5ifnq0m2GsdDoEAizbSxCzPlAV9ODmvmikT6dDRMRQwncaUa6J5xWMMrXG427qyArCOATDoel-cIjTk0Mlg6D-Zo5w1smC3jKgl0dmVC-LJ-cP7xd8Y7YKxLMlUhx2-sUQZ7DWdu5utOxZnDFquhXiXky6CGFZEjwOC-mR8WhvN2YZMjmd-Qw3BCHJGkXDiSpXuMoICyMxB65NFRDaQFJOpSaxNn2YokCiO2y-zJ0B1a0zwGISCi7QLFs3f_Vrccpw056YLUePbXPBtV4AIEj8qp3_HXaEN-pt3GF8KzTB6O9VKsFfE_FdjecQOF4sZrUwlA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012304062309000/ Frame 83FA 222 KB
60 KB 49ms
45ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60d19fcc26403308bd021dd6ce6588cca81c6a42a34472277186bad9a4155022

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Apr 2023 23:33:30 GMT
age: 138714
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61901
x-xss-protection: 0
server: sffe
etag: "8572ebb49fe3e70f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Apr 2024 23:33:30 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 83FA 15 KB
5 KB 112ms
108ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a80bc624f7ab3177dcab36c63396d6b7b3f18c41fd09c7a3e5b54792d566904a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Apr 2023 19:41:53 GMT
age: 152611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "ad2d0ddcea45401f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Apr 2024 19:41:53 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 83FA 94 KB
28 KB 44ms
40ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a767e3a4a89fd5d5747f2e60656de81560b8d24575c7be5df0d541906cb86ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Apr 2023 14:39:29 GMT
age: 170755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28974
x-xss-protection: 0
server: sffe
etag: "441c199a95baae2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Apr 2024 14:39:29 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 83FA 5 KB
2 KB 110ms
106ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d96e062d7e164a34e2a7773fab8c722f36ea442d2b944ce5cb359c8b78fa01

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Apr 2023 12:16:47 GMT
age: 352117
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "60fdf036b4edbfa8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 19 Apr 2024 12:16:47 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 83FA 40 KB
13 KB 103ms
99ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a7522d02dbbc03101dfe3d8cfb3b0ff1c974af884931a79477056345c306648

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Apr 2023 16:28:46 GMT
age: 164198
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12949
x-xss-protection: 0
server: sffe
etag: "53b4f6addb6819c0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Apr 2024 16:28:46 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 83FA 9 KB
920 B 51ms
47ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b91df307e2ac53ed84741590130631492c7a2a7b1877727c9a97349efbeca43b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Apr 2023 14:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 13:58:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Apr 2023 14:05:24 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 83FA 2 KB
2 KB 39ms
35ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 22:44:13 GMT
x-content-type-options: nosniff
server: cafe
age: 55271
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 24 Apr 2023 22:44:13 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 83FA 295 B
319 B 39ms
36ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 21:21:48 GMT
x-content-type-options: nosniff
server: cafe
age: 60216
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 24 Apr 2023 21:21:48 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 83FA 0
0 82ms
80ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ctvyio4xGZN38LMaL7_UPta2hyAG75rfDbqCE4su8ELmH58vDFhABIP--7ixgleKQgqAHoAHIsanNA8gBBuACAKgDAaoE9gFP0PJ5BkKijv20ru9EIfg4Z_0P6kB3kAjLnhTOolxFH9bu85gDpbnqMgnEA0Ua0HRDdpZYyxDTr5GTnYtdBqjZ29-igk031vw1Zhns3E7Nv-NK6GYZInIXgoTWMAuZaPVDpBgYYxMWKTwc1d7gw0w8rUrayYcnopJW0J8ywTxmGsEKN2CNuWTK91LiBJ3jFM8oPz96r9WO9umwMhMw3tF9rX5hn0W5wK-tsNZ4YNy6-vM_2AQJtCTbwYHkxpOKEf3w-YTvBRJyPl4WnQJyu7Q9ViF9RnWvKvgPZpW2npkqvk42ByesQjN-kTDAyi9PTeAlGnqGR5nABIPxwKn-A-AEAZIFBAgEGAGSBQQIBRgEgAfk6uI1qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQwsFD0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwyIFAXQFQGAFwGyFx4KHAgAEhRwdWItMTk0NjM3NzY5NTM2NzAzNxj_-R0&sigh=qemZh6zACaE&uach_m=[UACH]&cid=CAQSSwBygQiDwFua3jaBPsMQkamCCwbf6aA4ub_FRPEbBXDF0J7rpw-Pexq27LdkgxeBkHAnTFRbdL_Yr9et-m7l-MnAJuynGsAFXHUWMhgB&template_id=5020
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 83FA 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 83FA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81fb146f4f4b9f1027f45619ded443b0aa454602ccf7e56b063c0105334db917

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 83FA 29 KB
29 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://upfilesurls.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 22:26:30 GMT
x-content-type-options: nosniff
age: 142734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 22:26:30 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 83FA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

48ms
48ms

Image
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN
Protocol: H3
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

date: Mon, 24 Apr 2023 14:05:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8EA9 42 B
64 B 76ms
76ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv2lIGhR5Al1M3q_ydNoFV_fHFnXmexQvd1gfxCkW4Dq7-8lHPdarM7JImK6p6OaipLcG-D4ng8gSDyx_TkUT_SSGXF0PJnbUfVZl3ch_aefzUk8ikdkRK5iuyWmDkf38AKgZEl7Q&sai=AMfl-YT6vr7OuBnIbR-PsKZkGIMTYl-vSiUdqYK9OW_-jvTApOMFdCCrHEZ262LBSTZW8EY_e9jGVW82QYTSLDAHx8cFtb6OJ8APzYlfJOjn&sig=Cg0ArKJSzIv90cjv1urMEAE&cid=CAQSLQBygQiDCy72jsqSJ5zZH_oXiLV0H8x2KjWkcPRaicJO6JlAx7_-MDqOyjOg_xgB&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=350&tls=1350&g=100&h=100&tt=1350&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:05:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012304062309000/ Frame B378 222 KB
60 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60d19fcc26403308bd021dd6ce6588cca81c6a42a34472277186bad9a4155022

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Apr 2023 23:33:30 GMT
age: 138714
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61901
x-xss-protection: 0
server: sffe
etag: "8572ebb49fe3e70f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Apr 2024 23:33:30 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame B378 15 KB
5 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a80bc624f7ab3177dcab36c63396d6b7b3f18c41fd09c7a3e5b54792d566904a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Apr 2023 19:41:53 GMT
age: 152611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "ad2d0ddcea45401f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Apr 2024 19:41:53 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame B378 94 KB
28 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a767e3a4a89fd5d5747f2e60656de81560b8d24575c7be5df0d541906cb86ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Apr 2023 14:39:29 GMT
age: 170755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28974
x-xss-protection: 0
server: sffe
etag: "441c199a95baae2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Apr 2024 14:39:29 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame B378 5 KB
2 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d96e062d7e164a34e2a7773fab8c722f36ea442d2b944ce5cb359c8b78fa01

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Apr 2023 12:16:47 GMT
age: 352117
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "60fdf036b4edbfa8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 19 Apr 2024 12:16:47 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame B378 40 KB
13 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a7522d02dbbc03101dfe3d8cfb3b0ff1c974af884931a79477056345c306648

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Apr 2023 16:28:46 GMT
age: 164198
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12949
x-xss-protection: 0
server: sffe
etag: "53b4f6addb6819c0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Apr 2024 16:28:46 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B378 9 KB
920 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b91df307e2ac53ed84741590130631492c7a2a7b1877727c9a97349efbeca43b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Apr 2023 14:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 12:11:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Apr 2023 14:05:24 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B378 2 KB
2 KB 36ms
35ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 22:44:13 GMT
x-content-type-options: nosniff
server: cafe
age: 55271
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 24 Apr 2023 22:44:13 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B378 295 B
319 B 38ms
37ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 21:21:48 GMT
x-content-type-options: nosniff
server: cafe
age: 60216
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 24 Apr 2023 21:21:48 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B378 0
0 80ms
80ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CnQdYpIxGZNWOBqKA7_UPt5-gQPORvfZvwpujmqERyv6pwYwwEAEg_77uLGCV4pCCoAegAZPUuOQDyAEG4AIAqAMBqgT1AU_Q-WTGvOvxn-EbgkSo0QJ47QJoZQwJxvYvASTBHMmsBm6i2qUIDZspTPzD7qWw9u6XZZiOaptGgzitYkxHFdMktEdYvdWQiNasWv2y5qApceJG2MEX8g-3ObTCklYXgDBjt2Rju0MaWMbelyKBc2WhREnBZLzFoqV_zwcpHHMfIayQ2pSAkAraXAZP79NC6VeR2dpr0iEvX8Du57Tv-apZH6DD84UeBEMlMI70HK0QluaCA5myv2m6VEr3X-BUpyvUnwOkXHgLPLeSyobAtNqiJFqdW7mxkUoGhY8IXDuFg5E0o63lJV0YiUCnOrVq5soPYt6ewAStsIz-mwTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAH1avHG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELeQHdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTE5NDYzNzc2OTUzNjcwMzcY__kd&sigh=hsK1UD3PotE&uach_m=[UACH]&cid=CAQSSwBygQiDPHzDmMlji9X0wX0LJL8bwXhtpZsUxjKHg0XChv8etAxJeGHHnnqZszBid3Nt2LYOr99K7G3GnAc1rLR6n27q8DxSPHVR7xgB&template_id=5020
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame B378 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B378 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0ae0afac751ea7758ecd1e8d5ddfcb9d9c58faac1c4f8f7c728f51e3afed728

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame B378 29 KB
29 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://upfilesurls.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 22:26:30 GMT
x-content-type-options: nosniff
age: 142734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 22:26:30 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame B378
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

52ms
52ms

Image
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/nnclxwN
Protocol: H3
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

date: Mon, 24 Apr 2023 14:05:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 371B 42 B
64 B 76ms
76ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszZmP6T6RQMpHbHBjnr7fHpgzwHffAJQqO6a4lik3CcAui-Dl3RIPnuKehoQA6SJvizNboUexM_ha1moWNUAKwXfoK5heAqWx5yjIzv9UFBfuh01ODF6n3srB-7a0BrtbG37AXfA&sai=AMfl-YTtODuz-uzU34EdVRzPhA-6r4CIKd_ITHnX5dpDUpDo_B0V6YZYXJD3cOqWhERLBGOD97fNuKZrLKPbd2FgEdAF_-vZwHrpuP9zqZEZkLUTlgmGjNv6JX9nE4tlpRXRgIRd0xgH3XCKIP-C6A&sig=Cg0ArKJSzNqmrD22ZLejEAE&cid=CAQSTABygQiD06vcGlw0kjGnVrsInCipnHXEcD-_D8Y6wBmO2kfED36vD1FE-X9B5wWpbfhHwPhWWKmVPtxZ5RxdFoTFW4RTCw2zeM37xqAYAQ&id=ampim&o=650,595&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=143&tls=1143&g=100&h=100&tt=1143&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:05:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 83FA 42 B
64 B 77ms
77ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5w_S60FqQ9BoY-AzNWkggQGW_XajyIgI5A8uGrY7PTmLWL28xIrVQqV6EPZhatL90YzXF_5VDfUICxUf-lx1WLP8wtZk__9cZ3YfoalG4DLmoMak753sLVZCfyaUJmxNqT6wRNw&sai=AMfl-YRzbqBiJuHEO5ztmsHVrEg6oXbeP9FS4HyAny-UAjs5nnuQQQOa7zgnWiNX88ChjllVe6h6EruUCvBrhfGAqSmh0qAcqRC4W52_9jOeZHdAzxJCNim-zvFoid3yRCC-JCRSN7Zdl0-udXYf&sig=Cg0ArKJSzIsRXomIlqpOEAE&cid=CAQSSwBygQiDwFua3jaBPsMQkamCCwbf6aA4ub_FRPEbBXDF0J7rpw-Pexq27LdkgxeBkHAnTFRbdL_Yr9et-m7l-MnAJuynGsAFXHUWMhgB&id=ampim&o=650,281&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=161&tls=1161&g=100&h=100&tt=1161&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:05:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B378 42 B
64 B 76ms
75ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsucUefSExBK_C3HJG1_4PHLwqadkMkc-2TX-sztbU2qX7aRONuBTsEg6kZCbK9INV9IqZovp7Urv6PPvigkZZSO4XG4KGp8Z_WNlk4JvYkmTlrI7UqghcQSFrJiEQpUbNdqQaEHv82tKGWRUnWgMmpd0LAaFF1lD-WieQ&sai=AMfl-YQNjhVpwvi6dX5ezyAnBXn3TpcqHGILwrPIXWaZOkKgxXvc6XAUDJa9Shp7ASPJX9dVeFI8bOjLgOV3uchSZJ_khm2GWn0iJFbAD6018vZeQXQtm7CUqzp-2iQMxoX5tZG6mkYuQgMgGxg3&sig=Cg0ArKJSzOEN-Y3axmCwEAE&cid=CAQSSwBygQiDPHzDmMlji9X0wX0LJL8bwXhtpZsUxjKHg0XChv8etAxJeGHHnnqZszBid3Nt2LYOr99K7G3GnAc1rLR6n27q8DxSPHVR7xgB&id=ampim&o=650,927&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=139&tls=1139&g=100&h=100&tt=1139&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 14:05:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

210 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
upfiles.com/	1970-01-20 11:19:12	Name: XSRF-TOKEN Value: eyJpdiI6IkpQd29RRVovYkJyQ3NuYnowUkNIbmc9PSIsInZhbHVlIjoiRU1MaTFaMnN5c0hDdUVFUmZqc29XN3VqUklteFFrb09YQ1hFWEJJMUdrKzFRWnFSb1dnUEJXaHdxSmhqdWRVWjhzbjVLc1RTcllhS1l6cGV6NVFIM0V5YWJmcnU2MjFSQ2x3M2xJd0gxSE5ucTVkVk1CVk10OWhLMGZGYlFobXAiLCJtYWMiOiI2ZmYzMTg3YWM2NDJkMDI0OTgxNjgxNjcyNjRlMzhkNDViODU5N2UzOTFiNDY3ZjJkNzU4MzlhYjU4Zjg5OWJhIiwidGFnIjoiIn0%3D
upfiles.com/	1970-01-20 11:19:12	Name: upfiles_session Value: eyJpdiI6IkhiZ0lwVEhIdkRLbk1FNHBMdHpFTUE9PSIsInZhbHVlIjoib0NkVlVqZnJZY3JtS0pnVHBCQy9Ndkp0NXhHdDVROUlTa0RBNDlna2lYblhWV1l2THRKbDRVV1RzMXJSVzJodTMxclVJOHkzZGdyd1VYQ2hrRlphTTRlSTVCNXRyNGM4WTM4K2xjWHoxMzlmNWZzOEZ5dHZnV1FKNDR6TitTRU4iLCJtYWMiOiI3ZDY3NTFkNzVlNWVkYTMxMjVhMzNmZjljZDRlZTVlYTU4MDNhMjhjMThiOTUyNTQwZmM1Zjc5NGM3NDE3ZWE4IiwidGFnIjoiIn0%3D
upfilesurls.com/	1969-12-31 23:59:59	Name: auth Value: eyJpdiI6ImFBRC9NTG1jdTY4MUF2Qkp4WWJRVXc9PSIsInZhbHVlIjoiZlFUczYzQ2V2QVdZYkdLWmU1UWgyZz09IiwibWFjIjoiZjY0NmRhMTgzM2JlYmNhYzUzYzZlMDE3MTcxMzM5ZTViNjliNzMyMjQ3ZjE2YWNmZmY2NDkxYTRjZTc4NDdjNCIsInRhZyI6IiJ9
upfilesurls.com/	1970-01-20 11:19:12	Name: XSRF-TOKEN Value: eyJpdiI6ImRlRTVDUlhvbjdTR1FFQm1TeVd3Zmc9PSIsInZhbHVlIjoicUxRazQzM0VyM1paaTJKdjR3VnNkQTA3S0RTSWtpbVNLWFk4MGI4d0UwQWdqMlRtQm5KcnlWWFRHdGswMDl2cGdnb01OWkQrUW9tSkd4dDVJdzhsUXNQeXA3K05LQmNDYjdtcHhvNytYQ3dWOFpUOHRWeGtMa3ExbGhrTUdiUEYiLCJtYWMiOiJlMTE5YWQyNmZjMWEzMTQwNDNmYzgyMGM3NmFlMTZmM2E0ZTNmZDM5ZjFlY2MzNzU0MTU5ODQzZTBkYTRkY2RlIiwidGFnIjoiIn0%3D
upfilesurls.com/	1970-01-20 11:19:12	Name: upfiles_session Value: eyJpdiI6InBiK2lzaDBIemZya3hmajkvUS9JcFE9PSIsInZhbHVlIjoiMlEwMkJNNUpQMTZjZXJpUUFCMlpISEU3bmpDYmxXMGxiY3grc3hlMGNvNkNJeFZIdFhKM25DUlBpNXVQRHhHTUFpTlQ4RStGTWIvTEdHOGdHaFZ4SHJMMUNsZUExZmZxanJwdmE2YWIwL21UbVkwaTROZ3BHbzBWS3B6ZStTdTQiLCJtYWMiOiJjMDU4MzIzYjI2ZjQ5Nzc4Y2JkMWZhMWI3NWJjODUyNjBmMjdjM2Q0NjAyZWQwZWFhYjc0NzFjZmRjMzQ0YzA0IiwidGFnIjoiIn0%3D
live.demand.supply/	1970-01-20 20:55:05	Name: demandSupplyTi Value: dd797c35-54d9-4fc3-9d1f-f3a630b6e5de
.demand.supply/	1970-01-20 11:19:06	Name: __cf_bm Value: d9lFdLopaw_iJeQc5D3mp0Ohm6yukNlb2Xaf_Wg_y_8-1682345121-0-AZ4KeobnJYk7tixfpu1/JMkzqGwv8/hwEhydZi9MBT1A6ZvUjdVdYKa2cbF0Kypli9JgsCSHvpFO6uvi+uOpQ2s=
cschyogh.com/	1970-01-20 11:20:31	Name: GL_UI4 Value: eJw9jdtOhDAYhDmz6oJOwgP4CNTloJdmH8JLUugPWxfaTakQ397GRK%2Fmy%2BSbjOd5QfEIf0sihF%2B8xrNoqRpPbcNoqETNXvuRNSPxitXN26mlFndy7SzvZ7IRDuvCje3sFuE4kSIjh27QgjI8OeuvuSq9qwhxb7gSGeLFGXOGtDd6X8kUISLFF0JyvhjtMl74pzYIGXtxLJVjv0Sg1yLM75F%2BSCXcMD8iYGWeJx4ebjO3ozZLJ0XiI54MFwT%2FHYeBW5q0%2BUYqaL1afQP0LLp%2F%2F%2Fc33FmJRNAmB3eu7YXMD0rnTmc%3D
cschyogh.com/	1970-01-20 11:20:31	Name: GL_GI10 Value: eJxljNFKwzAYhbt0ixZl48AeoC9gIZay3arr3I1XPkAI3d8RpEn4kw3r06sbyMC7w3fOd7IsE8s5hA1YqHVTPaq6Uk1TqZVCfiAPsWlx3%2FmjSzxqZwbCzSvxYNwIyXSw3kHsWtxdsu78njDbtA9X7GzNdhQjYdrZNAJbNu6jP3IqzVC%2BGetQ%2FBYXffmj%2Fx%2FkNgagVmpVl%2B%2FEJ9tRLJ%2BeUThKOgaiPYoXz8GzSYT5Hz1%2Fyhy3NurA%2FnOUEyySHejLO9K%2B7yMlKTA5SfEN4WtPyw%3D%3D
pogothere.xyz/	1970-01-20 19:57:29	Name: csu Value: 2027230091671020@1@1682345122
upfilesurls.com/	1969-12-31 23:59:59	Name: ab Value: 2
.upfilesurls.com/	1970-01-20 20:55:05	Name: _ga Value: GA1.2.1517084921.1682345122
.upfilesurls.com/	1970-01-20 11:20:31	Name: _gid Value: GA1.2.209511663.1682345122
.upfilesurls.com/	1970-01-20 11:19:05	Name: _gat_gtag_UA_197252557_1 Value: 1
.upfilesurls.com/	1970-01-20 11:19:06	Name: __cf_bm Value: BPCTS.7FPHVFDudiaXFilvN6lz2FWqjD3H3.kNm.Sks-1682345122-0-Ac/keoi2CgmsiJnTGADmFaEJT370TS5PcSHwERdvsNLlYUJ7kCpwVpf2azEaD1rU0D1gEWZ2FdDMGBbkUCGiaRTLNExEHch1bI37t/P82olf
.criteo.com/	1970-01-20 20:40:41	Name: uid Value: 4fca555e-8b2b-491a-b7c2-662e3047e7c5
.doubleclick.net/	1970-01-20 20:40:41	Name: IDE Value: AHWqTUlRpqxzmJPbwUsLiWgLL7cA2HU2CKyI-ovQq57UAkLhSXljqgYi7yIjrSI0IwA
.doubleclick.net/	1970-01-20 11:19:08	Name: DSID Value: NO_DATA
.upfilesurls.com/	1970-01-20 20:40:41	Name: cto_bundle Value: 67VNsF9hRFVWJTJGVTJQJTJGdzk0V05xcWk3R1FVUnVReVA4JTJCJTJGR0ZCUzRYQjRiZDh2VWI3ODJvVWs5NUFQQ3p6aVlNVE9FMGcwSkxsJTJCOW1lellXelA1ZlFqMDVOJTJGaFE1a29ybCUyRmtlb0MlMkZIYzRkSGdjeWVQZ0tmak50cyUyQkVpUjROcGRaTWxCS0hlZ3RWRzhlYmRqaXlJcGEwdTZWTVElM0QlM0Q
.3lift.com/	1970-01-20 13:28:41	Name: tluid Value: 1255991825248937288852
.travelaudience.com/	1970-01-20 20:49:19	Name: _tracker Value: %7B%22UUID%22%3A%22C1C86195-E3C5-4C87-9E26-FD0B09392441%22%7D
.doubleclick.net/	1970-01-20 11:19:06	Name: test_cookie Value: CheckForPermission
.id5-sync.com/	1970-01-20 11:19:05	Name: cf Value:
.id5-sync.com/	1970-01-20 11:19:05	Name: cip Value:
.id5-sync.com/	1970-01-20 11:19:05	Name: cnac Value:
.id5-sync.com/	1970-01-20 11:19:05	Name: car Value:
.id5-sync.com/	1970-01-20 11:19:05	Name: gdpr Value:
.id5-sync.com/	1970-01-20 11:19:05	Name: callback Value:
.upfilesurls.com/	1970-01-20 20:40:41	Name: __gads Value: ID=2510caf8434586f5:T=1682345122:S=ALNI_MbVqtW5nxnTltba3T5DRK-zrgxD4w
.upfilesurls.com/	1970-01-20 20:40:41	Name: __gpi Value: UID=00000bef7a043295:T=1682345122:RT=1682345122:S=ALNI_MaWV4NCuUIV8u4kGR7z7Lie74FUVg

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-872287748%3A1682345122358073&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7RQoc8-Yx4fYz9he20l1rBVWa2O-R1c4QN563H4atSAh9ZoUixW4O2N3s2j044sNFQ5umTrmQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-938555786%3A1682345122364217&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7Ta7IzoH5_u_9LQkdpVLN1F7kipOPHOHr51j_OPXWP6IOnjYTTbMDWe6KLUeqLhiU5O2NVX5w&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://upfilesurls.com/nnclxwN Message: The resource https://live.demand.supply/p4/v16-2-0/dXBmaWxlc3VybHMuY29tLw== was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0ea836c9cd6b9ecf1e198f34628116aa.safeframe.googlesyndication.com
accounts.google.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
bcp.crwdcntrl.net
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdntechone.com
cm.g.doubleclick.net
cschyogh.com
d18kg2zy9x3t96.cloudfront.net
datatechone.com
eb2.3lift.com
esp.rtbhouse.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
invstatic101.creativecdn.com
live.demand.supply
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pogothere.xyz
rtb.openx.net
securepubads.g.doubleclick.net
static.criteo.net
sync.inmobi.com
sync.teads.tv
tags.crwdcntrl.net
tg.socdm.com
tpc.googlesyndication.com
tunitytostara.info
ukmlastityty.info
upfiles.com
upfilesurls.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.recaptcha.net
104.111.217.42
108.138.17.20
124.146.215.48
13.248.245.213
139.45.195.253
141.95.98.65
172.217.23.98
178.250.1.11
188.114.96.3
188.114.97.3
20.127.253.7
23.109.87.129
2600:9000:2250:e400:a:e047:752:b361
2600:9000:2491:a00:0:2146:f680:21
2606:4700:10::ac43:266a
2606:4700:20::681a:88a
2606:4700:3035::ac43:ad6a
2606:4700::6810:5514
2606:4700::6810:8516
2a00:1450:4001:800::2002
2a00:1450:4001:801::2001
2a00:1450:4001:803::2002
2a00:1450:4001:808::2003
2a00:1450:4001:809::2001
2a00:1450:4001:809::200d
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:812::200a
2a00:1450:4001:827::2004
2a00:1450:4001:828::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2003
2a02:2638:3::c
2a02:2638:d::2
2a03:2880:f177:83:face:b00c:0:25de
2a06:98c1:3121::3
34.96.70.87
35.186.253.211
35.190.0.66
35.190.39.111
51.75.86.98
54.247.57.110
65.9.66.68
002c63fb65e6855f34733170412ccadb8143b891dd70ea567064780b32470481
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dd815c6f44572186c92e323353893fc3cd4c2f75d32b2475c0c1cc86ac3cd0d
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
11caa94312d47d8d21f6fd1c27b073d4485600c5bd2795b6d9c5e21eaf90f9f6
122b045d95227f20b88e28c6fb8336f022295044d74694904ddaa04d4022ac45
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
15ff90bcb7d42029055a96e447cd171c94ecfb0e7f5abd1ac10999d0ccfddb25
1677619e4aa1eea684cfaa892792e615bf01a8c0e3166c74e510aaab978202db
19d96e062d7e164a34e2a7773fab8c722f36ea442d2b944ce5cb359c8b78fa01
1c91593d00547c9ce11c68e4eaf99a6176a8d3a32c0205e0d68664104888afc2
1e6630f347f1e42e90fc6b5ea29ee15b5df4474bd570e126586015f6e0bc0b1b
21d10b75bcd878172987d8bc9cf9dee3022158e8319abdcb3c21370151d59a25
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2c470984efff845d5290f15d3a01552b4bff15c1e40a48c944233a5bc5f69539
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
2f1d9b491b08daadc738115c579f9cc1b85b29078fdefe99ad994f9db0f5da22
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
3040ee711aeec65a99d4cfeeb511ef730c3c58155ed9e8226ba37250e0e28ede
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36b51237a514c8362d64d43c17abd3d4fd2e3a586c8a55c32bfde0c0e1c114aa
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3a7522d02dbbc03101dfe3d8cfb3b0ff1c974af884931a79477056345c306648
3d3e6705b468cecdd78fb9a1ee6688d60e1d2c1caa0db7baa88db460315dccea
3d45b2164e7d4b3463daed6795455b3a92c97f008b419ab071c7298d02171144
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
4305968d401a058b6695f260f04b69cb6ae4fadf6fd1a0c5078a67f9d2dbd86e
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
49b73eff7dc54c9795872b2557f56a2a43b8c1736186b3c34b8f383e611ba19d
49f86648fe980257af70e72fe77536eafb2e52a736ac055325586dc80bd6390f
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d97756c4e4c82b4bd47f4c5bee530594937202cbb42a66b54a3383c39728e4c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59b7ad6d6f457b624e25d22959edc7c83af2ac52edba32fd6648c97af0d1780c
5a767e3a4a89fd5d5747f2e60656de81560b8d24575c7be5df0d541906cb86ce
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60d19fcc26403308bd021dd6ce6588cca81c6a42a34472277186bad9a4155022
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f7d9eaabbfde4b1fe0a802ca35b9bc8ce06e6d585a0a10071c155c6bcab518
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
7bfc9803af274dd07c482552377fa0fffa2a7f00c23d1e12cf7c24e3a0a555bf
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81fb146f4f4b9f1027f45619ded443b0aa454602ccf7e56b063c0105334db917
831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e6d40058418cf5dfb914a0af63be9c0ac7b4b25990b51fd13c5d0861d74812
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
8b7cc222b02ddab0cb472ac0121a812bce4e97dd426989835944505c50db11e6
8be2d63127314be82c931bd7080227b6dabe051966008ae6eed81ce4f178376d
8f08962a81e435c7fc6a6a6bac22f72525a732c58ea3a3e14c7f8e4a1c3b9f83
926cb66f17af3caa1b849954067c5901d62e47a587b3e6aafde6e7d2ff383468
929a170c44fdfdf568552eca967afe6f4d92dbdaee95e6447739dc4106ed3772
93059e3cfb6b9298f5b8b8cc7dbc3f0df9da6bc28aef9354185493c7c590fd0b
9854b1d15806947862a36932c0c5a23994e72a05231c3b947be20e65347ad0d0
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a717285429d468fadc4d25179fc6feb49e6335f3af1675fb6be1cb50e7e8322
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0ae0afac751ea7758ecd1e8d5ddfcb9d9c58faac1c4f8f7c728f51e3afed728
a25d037bdf359c8a0580456aad01e1c64fc75f41b90248b43033943fc13356d2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a80bc624f7ab3177dcab36c63396d6b7b3f18c41fd09c7a3e5b54792d566904a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1781fb1f2ab313d82fe583c0a78c9f28bf3010fea7b9e990b3075ab143387b9
b4f47094e75ae08c949023398269c7b3e31f3ed73748855beb004e625ad60580
b68b1f9fd8ab05554358cf4ab34b4a917c8e5d889cf1ecafbf5591e80d87d088
b75c87fd2f5fa87649642dbad66e3eaf75d8202c3fb0532d31bd622bbbe3195a
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
b91df307e2ac53ed84741590130631492c7a2a7b1877727c9a97349efbeca43b
ba4689299e8a29627b02f9dd8bb5ecec1ca32122dab181724dee2313627d9d85
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c324724ca13a7a642052f344a02b01f5c964c09c2d8c190dc67986f3eecc8a2a
c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
cbd979b253f1094192758b903dbf1258373e373ea264905849c30ca44931e1e1
d454583aa343d4c8aa4e42c0876b20e60c20c0b89284e4ef0c662d0426c18254
d526da1f4d4af45cefd2a0d140abec2beddc3150d13c47d3de893eaa278a369d
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51161fcc5b2c4b90c3381e517152eb275d52a6c288954e502479d7421386240
e87e0991dcfaa2c7b015d284d8b5d872363eb52af458b63c8449351b4b24612f
e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1
ea710145d18a082f364222c1fc1f5065e7790bb7cb1b3d6572ced0c545256b7e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f85b402b2b546b031f8363f3d34f1b879c05f1d46b23f776e24ccfc293220e6e
fc00b45a2ab2d64ac7fca534f8c11c402e8d97744f326373396a5b2b4fb54b01
ffb4e8389f6767f7696de22f67bfdfc3d92aae8ca7e50d7b61bdf59be3efafb4

upfilesurls.com Open in urlscan Pro 2606:4700:20::681a:88a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

168 Requests

92 %HTTPS

60 %IPv6

37 Domains

47 Subdomains

42 IPs

7 Countries

2216 kBTransfer

6202 kBSize

30 Cookies

11 Outgoing links

Page URL History

Redirected requests

168 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

upfilesurls.com Open in urlscan Pro
2606:4700:20::681a:88a Public Scan

Screenshot
Live screenshot

Full Image

168
Requests

92 %
HTTPS

60 %
IPv6

37
Domains

47
Subdomains

42
IPs

7
Countries

2216 kB
Transfer

6202 kB
Size

30
Cookies

168 HTTP transactions
9 data transactions