uptobox.com Open in urlscan Pro
172.67.40.210  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request zsfy3j8cn7px Show response uptobox.com/	11 KB 4 KB	80ms 53ms	Document text/html	172.67.40.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uptobox.com/zsfy3j8cn7px Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.40.210 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8bc3441e4ac6b47f7dcde8062431f1d3aff37d699a226f1c3c59c277f553ae49 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Wed, 02 Mar 2022 02:01:55 GMT content-type text/html; charset=UTF-8 access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cf-railgun direct (waiting for pending WAN connection) vary Accept-Encoding cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6e568c175e176967-FRA content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	uptobox.min.css uptobox.com/dist/	192 KB 40 KB	19ms 17ms	Stylesheet text/css	172.67.40.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uptobox.com/dist/uptobox.min.css?cacheKiller=1645688572 Requested by Host: uptobox.com URL: https://uptobox.com/zsfy3j8cn7px Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.40.210 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f6d27f4131f8dddb837508c3b274d8011fb309198dd9c539bb3cf6a35cad7fc3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://uptobox.com/zsfy3j8cn7px User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 02 Mar 2022 02:01:55 GMT content-encoding br cf-cache-status HIT last-modified Mon, 14 Feb 2022 13:26:57 GMT server cloudflare age 225 etag W/"620a58a1-30089" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control max-age=2678400 cf-ray 6e568c17ce946967-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	fontawesome-all.min.css uptobox.com/assets/font/font-awesome/css/	63 KB 13 KB	21ms 20ms	Stylesheet text/css	172.67.40.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uptobox.com/assets/font/font-awesome/css/fontawesome-all.min.css Requested by Host: uptobox.com URL: https://uptobox.com/zsfy3j8cn7px Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.40.210 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 766618d32072335f0a3da8b317bb095e5541de3e20068bcdd31cc638478f0188 Request headers Accept-Language de-DE,de;q=0.9 Referer https://uptobox.com/zsfy3j8cn7px User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 02 Mar 2022 02:01:55 GMT content-encoding br cf-cache-status HIT last-modified Mon, 10 Feb 2020 14:07:03 GMT server cloudflare age 6319 etag W/"5e416387-fd25" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control max-age=2678400 cf-ray 6e568c17ce966967-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	asyncjs.php Show response ads2.uptobox.com/www/delivery/	8 KB 3 KB	70ms 20ms	Script text/javascript	163.172.198.13 Online SAS
General Check archive.org Show headers Download Go to Full URL https://ads2.uptobox.com/www/delivery/asyncjs.php Requested by Host: uptobox.com URL: https://uptobox.com/zsfy3j8cn7px Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 163.172.198.13 , France, ASN12876 (Online SAS, FR), Reverse DNS 163-172-198-13.rev.poneytelecom.eu Software nginx / Resource Hash d79f2e6cfdb416619a87014fa4e046a607f1e0eb41a39ad2de6a23f1a3c836de Request headers Accept-Language de-DE,de;q=0.9 Referer https://uptobox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Wed, 02 Mar 2022 02:01:55 GMT Content-Encoding gzip Server nginx Expire Wed, 02 Mar 2022 03:01:55 GMT Vary Accept-Encoding P3P CP="CUR ADM OUR NOR STA NID" Cache-Control private, max-age=3600 Transfer-Encoding chunked Connection close Content-Type text/javascript;charset=UTF-8
GET H/1.1	200 OK	12701 Show response genistawabbler.com/reNKHMiyfFp/	5 B 1 KB	186ms 21ms	Script application/javascript	23.109.87.158 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://genistawabbler.com/reNKHMiyfFp/12701 Requested by Host: uptobox.com URL: https://uptobox.com/zsfy3j8cn7px Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 23.109.87.158 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://uptobox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Wed, 02 Mar 2022 02:01:55 GMT Content-Encoding gzip Strict-Transport-Security max-age=1 Server nginx Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin https://uptobox.com Access-Control-Max-Age 600 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Headers content-type, megageocheckolololo, x-forwarded-for X-Content-Type-Options nosniff Keep-Alive timeout=20
GET H2	200	plIR.js Show response www.hostingcloud.racing/	116 KB 54 KB	74ms 27ms	Script application/javascript	81.171.8.143 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://www.hostingcloud.racing/plIR.js Requested by Host: uptobox.com URL: https://uptobox.com/zsfy3j8cn7px Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.171.8.143 Edegem, Belgium, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash b760977b22d056435133fab4f9642cfa50c9ef441d7c9ba945836b14ae3f57b9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://uptobox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 02 Mar 2022 02:01:55 GMT content-encoding gzip last-modified Tue, 01 Mar 2022 16:15:04 GMT server nginx etag W/"621e4688-1d09b" vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=10800 expires Wed, 02 Mar 2022 02:44:33 GMT
GET H2	200	suv4.js Show response acdcdn.com/script/	25 KB 8 KB	44ms 15ms	Script text/javascript	2a06:98c1:3120::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://acdcdn.com/script/suv4.js Requested by Host: uptobox.com URL: https://uptobox.com/zsfy3j8cn7px Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 314f3228df2bf5a810714bc58d112483ae3ff32b68e35f6c235d7f298cce1b85 Request headers Accept-Language de-DE,de;q=0.9 Referer https://uptobox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-goog-hash crc32c=0kdGXw==, md5=6JAxf0lTq6f/Ttxj80T/RQ== date Wed, 02 Mar 2022 02:01:55 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 809 x-guploader-uploadid ADPycdv6toZb_zeGg73q1XVEdq0WDcgixx-lsdPdZDlliWZFcsI6ONDUiFMfGI13hmgRgz4KxPioARKL6HGwOQAbX0IQCKcasg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 07 Feb 2022 13:32:16 GMT server cloudflare etag W/"e890317f4953aba7ff4edc63f344ff45" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7PsUuMGekk8GLA5Q84pYKprHkMcKlThzPDQpZ8cLMxPYJ8xYKVE2UgYFxRil62Hj5AB6Dx1EDJiDBKONjx5eKv8ws%2Fz%2Bt3OIFrWFYblT99HLQvHsIzn7nUoFt9EAOCZPBWsixKapxHH"}],"group":"cf-nel","max_age":604800} x-goog-generation 1644240736927994 access-control-allow-origin * content-type text/javascript cache-control public, max-age=14400 x-goog-stored-content-length 25433 cf-ray 6e568c17fe365c2c-FRA expires Wed, 02 Mar 2022 02:21:15 GMT
GET H2	200	uptobox.min.js Show response uptobox.com/dist/	1 MB 292 KB	28ms 27ms	Script application/x-javascript	172.67.40.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uptobox.com/dist/uptobox.min.js?cacheKiller=1645688572 Requested by Host: uptobox.com URL: https://uptobox.com/zsfy3j8cn7px Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.40.210 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 705152dfa41cbb272c7120f2b0611a7bc5db0763be9a6c2b7897b85093557942 Request headers Accept-Language de-DE,de;q=0.9 Referer https://uptobox.com/zsfy3j8cn7px User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 02 Mar 2022 02:01:55 GMT content-encoding br cf-cache-status HIT last-modified Thu, 24 Feb 2022 07:42:52 GMT server cloudflare age 222 etag W/"621736fc-114663" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=2678400 cf-ray 6e568c17ce986967-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	u2f.js Show response uptobox.com/assets/js/	9 KB 2 KB	20ms 19ms	Script application/x-javascript	172.67.40.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uptobox.com/assets/js/u2f.js Requested by Host: uptobox.com URL: https://uptobox.com/zsfy3j8cn7px Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.40.210 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9fe03ccea5326a1208eae39f4f462679dffb26b601e235122396c5dfde74342e Request headers Accept-Language de-DE,de;q=0.9 Referer https://uptobox.com/zsfy3j8cn7px User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 02 Mar 2022 02:01:55 GMT content-encoding br cf-cache-status HIT last-modified Mon, 10 Feb 2020 14:07:03 GMT server cloudflare age 868 etag W/"5e416387-547a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=2678400 cf-polished origSize=21626 cf-ray 6e568c17ce996967-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-bgj minify
GET H3	200	video-js.min.css uptobox.com/assets/css/	39 KB 10 KB	20ms 19ms	Stylesheet text/css	172.67.40.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uptobox.com/assets/css/video-js.min.css Requested by Host: uptobox.com URL: https://uptobox.com/dist/uptobox.min.css?cacheKiller=1645688572 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.40.210 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc Request headers Accept-Language de-DE,de;q=0.9 Referer https://uptobox.com/dist/uptobox.min.css?cacheKiller=1645688572 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 02 Mar 2022 02:01:55 GMT content-encoding br cf-cache-status HIT last-modified Wed, 07 Jul 2021 11:50:26 GMT server cloudflare age 4060 etag W/"60e59502-9cdf" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control max-age=2678400 cf-ray 6e568c17ff9d9b9a-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	32f92630c8b5a7f7ccfc1bc1c243722a.svg uptobox.com/dist/	2 KB 927 B	28ms 28ms	Image image/svg+xml	172.67.40.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://uptobox.com/dist/32f92630c8b5a7f7ccfc1bc1c243722a.svg Requested by Host: uptobox.com URL: https://uptobox.com/dist/uptobox.min.css?cacheKiller=1645688572 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.40.210 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7fdd3c3b46cdb660e2b4a5126d40d92d05128e1df19db64531bb1421500549b0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://uptobox.com/dist/uptobox.min.css?cacheKiller=1645688572 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 02 Mar 2022 02:01:55 GMT content-encoding br cf-cache-status HIT last-modified Wed, 05 Jan 2022 14:29:18 GMT server cloudflare age 3158 etag W/"61d5ab3e-76f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cache-control max-age=2678400 cf-ray 6e568c182fc79b9a-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	48e36ea16e7eec5408e9a4c478013d21.png uptobox.com/dist/	39 KB 39 KB	15ms 15ms	Image image/png	172.67.40.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://uptobox.com/dist/48e36ea16e7eec5408e9a4c478013d21.png Requested by Host: uptobox.com URL: https://uptobox.com/dist/uptobox.min.css?cacheKiller=1645688572 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.40.210 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1eb340f798149af8eac479d07db40810304a2fdbb3bebf7bfd22760eebdefd92 Request headers Accept-Language de-DE,de;q=0.9 Referer https://uptobox.com/dist/uptobox.min.css?cacheKiller=1645688572 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 02 Mar 2022 02:01:55 GMT cf-cache-status HIT last-modified Wed, 05 Jan 2022 14:29:18 GMT server cloudflare age 3741 etag "61d5ab3e-9a4f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png cache-control max-age=2678400 accept-ranges bytes cf-ray 6e568c182fc99b9a-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 39503
GET H3	200	fa-solid-900.woff2 uptobox.com/assets/font/font-awesome/webfonts/	90 KB 90 KB	20ms 20ms	Font application/octet-stream	172.67.40.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uptobox.com/assets/font/font-awesome/webfonts/fa-solid-900.woff2 Requested by Host: uptobox.com URL: https://uptobox.com/assets/font/font-awesome/css/fontawesome-all.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.40.210 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a238cffffbfea4c2868fca1b142a3a9690574537a38c857dbe309ec27b033eb3 Request headers Referer https://uptobox.com/assets/font/font-awesome/css/fontawesome-all.min.css Origin https://uptobox.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 02 Mar 2022 02:01:55 GMT content-encoding br cf-cache-status HIT last-modified Mon, 10 Feb 2020 14:07:03 GMT server cloudflare age 561 etag W/"5e416387-16690" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/plain cache-control max-age=2678400 cf-ray 6e568c182fca9b9a-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	tZSajoLI.wasm Show response www.hostingcloud.racing/	25 KB 25 KB	61ms 28ms	Fetch application/octet-stream	81.171.8.143 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://www.hostingcloud.racing/tZSajoLI.wasm Requested by Host: uptobox.com URL: https://uptobox.com/zsfy3j8cn7px Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.171.8.143 Edegem, Belgium, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash a971bd9e399ce1c6ac72c4430f38138cccdaf641669d3e195edca96c2fd8a43b Request headers Accept-Language de-DE,de;q=0.9 Referer https://uptobox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 02 Mar 2022 02:01:55 GMT last-modified Tue, 03 Dec 2019 08:05:30 GMT server nginx etag "5de6174a-6505" content-type application/octet-stream access-control-allow-origin * cache-control max-age=10800 accept-ranges bytes content-length 25861 expires Wed, 02 Mar 2022 02:44:33 GMT
GET H3	200	ut.js Show response acdcdn.com/script/	15 KB 6 KB	26ms 13ms	Script text/javascript	2a06:98c1:3120::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://acdcdn.com/script/ut.js?cb=1646186515390 Requested by Host: acdcdn.com URL: https://acdcdn.com/script/suv4.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3c082f814dd75ad08dae22b237414d4b789dab5248c6b50953e1a60ad106c814 Request headers Accept-Language de-DE,de;q=0.9 Referer https://uptobox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-goog-hash crc32c=8Wv/4w==, md5=Hj4bfYjY+F0xXJcYSiVveQ== date Wed, 02 Mar 2022 02:01:55 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 981 x-guploader-uploadid ADPycdsDwb5uQLv6Xh0dPSi69spRJMcgCjYiK3rOsTj8kess0A49_AW7dVJRWJnajArAO_2O0zFED-_GoahH090SKOw x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Thu, 03 Feb 2022 12:22:51 GMT server cloudflare etag W/"1e3e1b7d88d8f85d315c97184a256f79" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ROqpwLX%2B3IV%2F746GqVk%2BZqYf3SSkfxFG7gM3oVKja3BVlYNSVGufipk00dyFs%2Fdw4j%2FEhhYn4KBzDnpDpoZ3hg1vAZsblw5lOxA%2F3tCzeeD7KVwKWFm0DM2RCsGaVEZhaP6hahqtywtV"}],"group":"cf-nel","max_age":604800} x-goog-generation 1643890971548728 access-control-allow-origin * content-type text/javascript access-control-expose-headers Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=14400 x-goog-stored-content-length 15378 cf-ray 6e568c194c0e698b-FRA expires Wed, 02 Mar 2022 01:59:22 GMT
GET H2	200	suurl4.php Show response youradexchange.com/script/	921 B 865 B	265ms 226ms	Fetch application/json	35.190.41.116 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://youradexchange.com/script/suurl4.php?r=1968467&cbur=0.9634399927861392&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=Age.of.Empires.II.Definitive.Edition.Dawn.of.the.Dukes-CODEX.part1.rar&cbpage=https%3A%2F%2Fuptobox.com%2Fzsfy3j8cn7px&cbref=&cbdescription=&cbkeywords=&cbcdn=acdcdn.com&aggr=0 Requested by Host: acdcdn.com URL: https://acdcdn.com/script/suv4.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 116.41.190.35.bc.googleusercontent.com Software openresty / Resource Hash ff5003f96bf49ca4a6366e5fcd6ed33f525a81eb202349932ca6c6d93b8daf45 Request headers Accept-Language de-DE,de;q=0.9 Referer https://uptobox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers access-control-allow-origin * date Wed, 02 Mar 2022 02:01:55 GMT content-encoding gzip server openresty alt-svc clear via 1.1 google content-type application/json; charset=utf-8
GET H2	200	like.php Show response www.facebook.com/plugins/ Frame 5FF9	32 KB 14 KB	74ms 57ms	Document text/html	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2FUptoboxcomaltpage&send=false&layout=button_count&width=0&show_faces=false&action=like&colorscheme=light&font=tahoma&height=21&appId=94277056922 Requested by Host: uptobox.com URL: https://uptobox.com/zsfy3j8cn7px Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 07688bdf79f226146aad3658ac2a421ee3eb6cd334197a41bffd36c38870852b Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://uptobox.com/ Response headers vary Accept-Encoding content-encoding br x-fb-rlafr 0 document-policy force-load-at-top cross-origin-opener-policy unsafe-none pragma no-cache cache-control private, no-cache, no-store, must-revalidate expires Sat, 01 Jan 2000 00:00:00 GMT x-content-type-options nosniff x-xss-protection 0 content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload content-type text/html; charset="utf-8" x-fb-debug PNMPlkmfPan/KIa1wguNuPhFjiBsDtbMvyFW2yKHgpoDzhf/JP97jPwcYfxJbH0whAbDBH8zOJn5b/EdjUHdBA== date Wed, 02 Mar 2022 02:01:55 GMT alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600
GET H3	200	a1b90015c6dc9d1dd1a78a4bdf35ca20.png uptobox.com/dist/	283 B 547 B	14ms 14ms	Image image/png	172.67.40.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://uptobox.com/dist/a1b90015c6dc9d1dd1a78a4bdf35ca20.png Requested by Host: uptobox.com URL: https://uptobox.com/dist/uptobox.min.css?cacheKiller=1645688572 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.40.210 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c9508bdacb96a3c07e034ed2d98d4d963cc54a94d77f338ecc1bb7c65305da6 Request headers Accept-Language de-DE,de;q=0.9 Referer https://uptobox.com/dist/uptobox.min.css?cacheKiller=1645688572 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 02 Mar 2022 02:01:55 GMT cf-cache-status HIT last-modified Wed, 05 Jan 2022 14:29:18 GMT server cloudflare age 3741 etag "61d5ab3e-11b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png cache-control max-age=2678400 accept-ranges bytes cf-ray 6e568c19391b9b9a-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 283
GET H3	200	f862ed5324c5a8095078a3475101ad56.png uptobox.com/dist/	3 KB 3 KB	16ms 15ms	Image image/png	172.67.40.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://uptobox.com/dist/f862ed5324c5a8095078a3475101ad56.png Requested by Host: uptobox.com URL: https://uptobox.com/dist/uptobox.min.css?cacheKiller=1645688572 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.40.210 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dd6280ec0a6eeb0e13d3b1d507730f84f304ce517b40893c1643b989b9904866 Request headers Accept-Language de-DE,de;q=0.9 Referer https://uptobox.com/dist/uptobox.min.css?cacheKiller=1645688572 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 02 Mar 2022 02:01:55 GMT cf-cache-status HIT last-modified Wed, 05 Jan 2022 14:29:18 GMT server cloudflare age 3732 etag "61d5ab3e-b72" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png cache-control max-age=2678400 accept-ranges bytes cf-ray 6e568c19391d9b9a-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2930
GET H3	200	e3a3e8b3ec7610a2b17d8c8806f6b10d.png uptobox.com/dist/	1 KB 2 KB	18ms 17ms	Image image/png	172.67.40.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://uptobox.com/dist/e3a3e8b3ec7610a2b17d8c8806f6b10d.png Requested by Host: uptobox.com URL: https://uptobox.com/dist/uptobox.min.css?cacheKiller=1645688572 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.40.210 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c7e1700a581ba81c06e6bbe41be5623857341a3cacf7afad16092c8eccd6028c Request headers Accept-Language de-DE,de;q=0.9 Referer https://uptobox.com/dist/uptobox.min.css?cacheKiller=1645688572 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 02 Mar 2022 02:01:55 GMT cf-cache-status HIT last-modified Wed, 05 Jan 2022 14:29:18 GMT server cloudflare age 3732 etag "61d5ab3e-5f6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png cache-control max-age=2678400 accept-ranges bytes cf-ray 6e568c19391e9b9a-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1526
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	136ms 42ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: uptobox.com URL: https://uptobox.com/zsfy3j8cn7px Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://uptobox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 7023 date Wed, 02 Mar 2022 00:04:52 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Wed, 02 Mar 2022 02:04:52 GMT
GET H/1.1	200 OK	asyncspc.php Show response ads2.uptobox.com/www/delivery/	1 KB 1 KB	58ms 20ms	XHR application/json	163.172.198.13 Online SAS
General Check archive.org Show headers Download Go to Full URL https://ads2.uptobox.com/www/delivery/asyncspc.php?zones=142%7C136&prefix=revive-0-&loc=https%3A%2F%2Fuptobox.com%2Fzsfy3j8cn7px Requested by Host: ads2.uptobox.com URL: https://ads2.uptobox.com/www/delivery/asyncjs.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 163.172.198.13 , France, ASN12876 (Online SAS, FR), Reverse DNS 163-172-198-13.rev.poneytelecom.eu Software nginx / Resource Hash 3d3898f9edca3c1912dd434a3bb960825e4202bb93163e45da1dd4d7eaa43505 Request headers Accept-Language de-DE,de;q=0.9 Referer https://uptobox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Pragma no-cache Date Wed, 02 Mar 2022 02:01:55 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding P3P CP="CUR ADM OUR NOR STA NID" Access-Control-Allow-Origin https://uptobox.com Cache-Control no-cache, no-store, must-revalidate Transfer-Encoding chunked Connection close Access-Control-Allow-Credentials true Content-Type application/json Expires 0
GET BLOB	200 OK	2d697f0a-70fa-4778-9b91-d24e65edaf82 https://uptobox.com/	19 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://uptobox.com/2d697f0a-70fa-4778-9b91-d24e65edaf82 Requested by Host: uptobox.com URL: https://uptobox.com/zsfy3j8cn7px Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 43c70cfae8597cc6087e0c4f892f35b9f067ebe42df0f48c94db94399774578f Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Content-Length 19686
GET BLOB	200 OK	2d697f0a-70fa-4778-9b91-d24e65edaf82 https://uptobox.com/	19 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://uptobox.com/2d697f0a-70fa-4778-9b91-d24e65edaf82 Requested by Host: uptobox.com URL: https://uptobox.com/zsfy3j8cn7px Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 43c70cfae8597cc6087e0c4f892f35b9f067ebe42df0f48c94db94399774578f Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Content-Length 19686
GET BLOB	200 OK	2d697f0a-70fa-4778-9b91-d24e65edaf82 https://uptobox.com/	19 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://uptobox.com/2d697f0a-70fa-4778-9b91-d24e65edaf82 Requested by Host: uptobox.com URL: https://uptobox.com/zsfy3j8cn7px Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 43c70cfae8597cc6087e0c4f892f35b9f067ebe42df0f48c94db94399774578f Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Content-Length 19686
GET BLOB	200 OK	2d697f0a-70fa-4778-9b91-d24e65edaf82 https://uptobox.com/	19 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://uptobox.com/2d697f0a-70fa-4778-9b91-d24e65edaf82 Requested by Host: uptobox.com URL: https://uptobox.com/zsfy3j8cn7px Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 43c70cfae8597cc6087e0c4f892f35b9f067ebe42df0f48c94db94399774578f Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Content-Length 19686
GET BLOB	200 OK	2d697f0a-70fa-4778-9b91-d24e65edaf82 https://uptobox.com/	19 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://uptobox.com/2d697f0a-70fa-4778-9b91-d24e65edaf82 Requested by Host: uptobox.com URL: https://uptobox.com/zsfy3j8cn7px Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 43c70cfae8597cc6087e0c4f892f35b9f067ebe42df0f48c94db94399774578f Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Content-Length 19686
GET H2	200	OqOE21UvWe3.png static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 5FF9	400 B 989 B	23ms 6ms	Image image/png	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2FUptoboxcomaltpage&send=false&layout=button_count&width=0&show_faces=false&action=like&colorscheme=light&font=tahoma&height=21&appId=94277056922 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.facebook.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 02 Mar 2022 02:01:55 GMT x-content-type-options nosniff content-md5 uF0RL4E+h23ClLQmPOTTMw== document-policy force-load-at-top content-security-policy-report-only default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script'; cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 400 x-fb-rlafr 0 x-fb-debug nGX6psnaEN3YxufT60OtXPp/f1oyfjkcI19juIaRT/Oxd6LF4nuanQBVq4XJZ9vlFyrfYzVQmDGtw9upylGxfQ== x-fb-trip-id 686109401 last-modified Mon, 01 Jan 2001 08:00:00 GMT content-type image/png access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * expires Fri, 24 Feb 2023 03:21:23 GMT
GET H2	200	Ikk5Qnf5Phh.js Show response static.xx.fbcdn.net/rsrc.php/v3iAxA4/y8/l/de_DE/ Frame 5FF9	521 KB 137 KB	22ms 7ms	XHR application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/y8/l/de_DE/Ikk5Qnf5Phh.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2FUptoboxcomaltpage&send=false&layout=button_count&width=0&show_faces=false&action=like&colorscheme=light&font=tahoma&height=21&appId=94277056922 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d33f03e31b13923ea209619be0b902ae0f11c88aadd20890fc333d604607e53c Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.facebook.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 02 Mar 2022 02:01:55 GMT content-encoding br x-content-type-options nosniff content-md5 wSY7Rm6w4T4njBe9vXjFnw== document-policy force-load-at-top content-security-policy-report-only default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script'; cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 139139 x-fb-rlafr 0 x-fb-debug tzZm/TIj/YV4AnrT0YEh+zpal+rLYXBWO21IR3RKFJAcnAFjthFnhaNXipLQYSkOujwKL2TsU/8+OXiKht5Fng== x-fb-trip-id 2050670934 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable timing-allow-origin * expires Tue, 28 Feb 2023 22:37:01 GMT
GET H3	200	Ikk5Qnf5Phh.js Show response static.xx.fbcdn.net/rsrc.php/v3iAxA4/y8/l/de_DE/ Frame 5FF9	521 KB 136 KB	17ms 8ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/y8/l/de_DE/Ikk5Qnf5Phh.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2FUptoboxcomaltpage&send=false&layout=button_count&width=0&show_faces=false&action=like&colorscheme=light&font=tahoma&height=21&appId=94277056922 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d33f03e31b13923ea209619be0b902ae0f11c88aadd20890fc333d604607e53c Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.facebook.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 02 Mar 2022 02:01:55 GMT content-encoding br x-content-type-options nosniff content-md5 wSY7Rm6w4T4njBe9vXjFnw== document-policy force-load-at-top content-security-policy-report-only default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script'; cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 139139 x-fb-rlafr 0 x-fb-debug tzZm/TIj/YV4AnrT0YEh+zpal+rLYXBWO21IR3RKFJAcnAFjthFnhaNXipLQYSkOujwKL2TsU/8+OXiKht5Fng== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Tue, 28 Feb 2023 22:37:01 GMT
GET H2	200	display.php Show response www.onclickalgo.com/a/ Frame CD5E	6 KB 3 KB	166ms 119ms	Script application/javascript	35.201.66.189 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.onclickalgo.com/a/display.php?r=5134799 Requested by Host: ads2.uptobox.com URL: https://ads2.uptobox.com/www/delivery/asyncjs.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.66.189 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 189.66.201.35.bc.googleusercontent.com Software openresty / Resource Hash 472f4bcdf669772caf33b77af9cee412a094e136d7eeae235ba372571665a089 Request headers Accept-Language de-DE,de;q=0.9 Referer https://uptobox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers access-control-allow-origin * date Wed, 02 Mar 2022 02:01:55 GMT content-encoding gzip server openresty alt-svc clear via 1.1 google content-type application/javascript; charset=utf-8
GET H/1.1	200 OK	lg.php ads2.uptobox.com/www/delivery/ Frame CD5E	43 B 462 B	59ms 20ms	Image image/gif	163.172.198.13 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://ads2.uptobox.com/www/delivery/lg.php?bannerid=402&campaignid=115&zoneid=136&loc=https%3A%2F%2Fuptobox.com%2Fzsfy3j8cn7px&cb=33cf613442 Requested by Host: ads2.uptobox.com URL: https://ads2.uptobox.com/www/delivery/asyncjs.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 163.172.198.13 , France, ASN12876 (Online SAS, FR), Reverse DNS 163-172-198-13.rev.poneytelecom.eu Software nginx / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://uptobox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Pragma no-cache Date Wed, 02 Mar 2022 02:01:55 GMT Server nginx Transfer-Encoding chunked P3P CP="CUR ADM OUR NOR STA NID" Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection close Content-Type image/gif Expires 0
GET H/1.1	200 OK	8234a72b80f545f66f0a04e7c5041900.png ads2.uptobox.com/www/images/	98 KB 98 KB	77ms 37ms	Image image/png	163.172.198.13 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://ads2.uptobox.com/www/images/8234a72b80f545f66f0a04e7c5041900.png Requested by Host: uptobox.com URL: https://uptobox.com/zsfy3j8cn7px Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 163.172.198.13 , France, ASN12876 (Online SAS, FR), Reverse DNS 163-172-198-13.rev.poneytelecom.eu Software nginx / Resource Hash c1471947fc0db80578fa5e1e108cdfa43c8547dcd30968453127263362c36b5d Request headers Accept-Language de-DE,de;q=0.9 Referer https://uptobox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Wed, 02 Mar 2022 02:01:55 GMT Last-Modified Sun, 05 Sep 2021 12:50:43 GMT Server nginx ETag "6134bd23-1879b" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 100251
GET H/1.1	200 OK	lg.php ads2.uptobox.com/www/delivery/	43 B 462 B	59ms 20ms	Image image/gif	163.172.198.13 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://ads2.uptobox.com/www/delivery/lg.php?bannerid=451&campaignid=159&zoneid=142&loc=https%3A%2F%2Fuptobox.com%2Fzsfy3j8cn7px&cb=d97bd3adab Requested by Host: uptobox.com URL: https://uptobox.com/zsfy3j8cn7px Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 163.172.198.13 , France, ASN12876 (Online SAS, FR), Reverse DNS 163-172-198-13.rev.poneytelecom.eu Software nginx / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://uptobox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Pragma no-cache Date Wed, 02 Mar 2022 02:01:55 GMT Server nginx Transfer-Encoding chunked P3P CP="CUR ADM OUR NOR STA NID" Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection close Content-Type image/gif Expires 0
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	101ms 50ms	XHR text/plain	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1952613150&t=pageview&_s=1&dl=https%3A%2F%2Fuptobox.com%2Fzsfy3j8cn7px&ul=en-us&de=UTF-8&dt=Age.of.Empires.II.Definitive.Edition.Dawn.of.the.Dukes-CODEX.part1.rar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=1576917293&gjid=1334799564&cid=1220597610.1646186516&tid=UA-21628240-1&_gid=859705177.1646186516&_r=1&_slc=1&z=614301217 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://uptobox.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 02 Mar 2022 02:01:55 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://uptobox.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	display.php www.onclickalgo.com/ad/ Frame 2254	0 0	123ms 123ms	Document text/plain	35.201.66.189 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.onclickalgo.com/ad/display.php?stamat=m%257C%252Co4jN-o3MqB1dAN0dEdHP3xP.e32%252CZMkKdRAQlkuDbgTABrav5K5q7gDuVPL-eJ4em1mN_WFusyxAO9aF6IseZLm_KTgoBnohNyuEpCler2qWxelXg45lM4BbjxingGcixgg23Z0%252C&cbpage=https://uptobox.com/zsfy3j8cn7px&cbur=0.761251660806783&cbtitle=Age.of.Empires.II.Definitive.Edition.Dawn.of.the.Dukes-CODEX.part1.rar&cbiframe=1&cbWidth=728&cbHeight=90&cbdescription=&cbkeywords=&cbref= Requested by Host: www.onclickalgo.com URL: https://www.onclickalgo.com/a/display.php?r=5134799 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.66.189 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 189.66.201.35.bc.googleusercontent.com Software openresty / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://uptobox.com/ Response headers server openresty date Wed, 02 Mar 2022 02:01:55 GMT access-control-allow-origin * via 1.1 google alt-svc clear

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| org function| getQueryParamValue function| FlashObject function| SWFObject object| reviveAsync object| a function| b string| v function| f object| Client object| _client object| a7_0x2c56 function| a7_0xac60 function| s2ss32ff boolean| s2ss32 string| GoogleAnalyticsObject function| ga function| dedipass function| _dedipass function| $ function| jQuery object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| Lockr object| Prism function| Color function| Chart function| _ function| Cookies object| text object| state object| u2f undefined| js_api_version object| a9_0x1e2e function| a9_0x23bd boolean| utm32 string| utsid-send object| google_tag_data object| gaplugins object| gaGlobal object| gaData

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			uptobox.com/	1969-12-31 23:59:59	Name: aff Value: 6859502
			genistawabbler.com/	1970-01-20 01:17:52	Name: GL_UI4 Value: eJw9jUtugzAYhHnTKAV1JA6QIwCCJF5WPUSX6Dd2iBuwI%2BME9fa1KrWr%2BTQPTRAEUVUifGYx4gf1OLC25oIxoq499mPXs0vXtfzcMMGpOR05dmodHPFZugSvk9TSqnEYjZAF3nz059y02XSClFvSokC6%2BMZcIOfWbKu0VYxE0yKRfVyt8Zou9GUsInb2qLTHsEZk1ioud8g%2FlRZ%2BV%2B4RNXVZZAH295ncxdhlUCILkU6WhET4jpeRnJyM%2FUYu5Hpz5g6YWQz%2F%2Fd%2FbeGtqZEI%2B1ei%2FjbtK%2BwM7Skp0
			genistawabbler.com/	1970-01-20 01:17:52	Name: GL_GI10 Value: eJxljNFqwjAYhWs6O8uGcsAH6AtYyEq33Tqt82ZXe4AQ6l8Jo0n4E8Xu6XUKY7C7w3fOd5IkEfMphPGYyde6fJJVKeu6lM8V0j05iHWDx9YdbORBWd0T7t%2BJe20HZEx74yzEtsHDLavW7QjjdbP4w67WeEshEO5aEwdgw9p%2BdQeOhe6LD20s8p%2Fips8v%2Bv9BaoIHKilfquKT%2BGhaCsXyDbmlqIIn2iFfOfaOdSRMf%2Bn1M0sxMUF5dqchG2EWTU%2FfzpJyXRcoXtDomIkz4ldPyw%3D%3D
			ads2.uptobox.com/	1970-01-20 10:02:02	Name: OAID Value: b9ff1fbe4bded196bb53a1d6ce8f9239
			.uptobox.com/	1970-01-20 18:47:38	Name: _ga Value: GA1.2.1220597610.1646186516
			.uptobox.com/	1970-01-20 01:17:52	Name: _gid Value: GA1.2.859705177.1646186516
			.uptobox.com/	1970-01-20 01:16:26	Name: _gat Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdcdn.com
ads2.uptobox.com
genistawabbler.com
static.xx.fbcdn.net
uptobox.com
www.facebook.com
www.google-analytics.com
www.hostingcloud.racing
www.onclickalgo.com
youradexchange.com
163.172.198.13
172.67.40.210
23.109.87.158
2a00:1450:4001:808::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a06:98c1:3120::7
35.190.41.116
35.201.66.189
81.171.8.143
07688bdf79f226146aad3658ac2a421ee3eb6cd334197a41bffd36c38870852b
0c9508bdacb96a3c07e034ed2d98d4d963cc54a94d77f338ecc1bb7c65305da6
1eb340f798149af8eac479d07db40810304a2fdbb3bebf7bfd22760eebdefd92
314f3228df2bf5a810714bc58d112483ae3ff32b68e35f6c235d7f298cce1b85
3c082f814dd75ad08dae22b237414d4b789dab5248c6b50953e1a60ad106c814
3d3898f9edca3c1912dd434a3bb960825e4202bb93163e45da1dd4d7eaa43505
43c70cfae8597cc6087e0c4f892f35b9f067ebe42df0f48c94db94399774578f
472f4bcdf669772caf33b77af9cee412a094e136d7eeae235ba372571665a089
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
705152dfa41cbb272c7120f2b0611a7bc5db0763be9a6c2b7897b85093557942
766618d32072335f0a3da8b317bb095e5541de3e20068bcdd31cc638478f0188
7fdd3c3b46cdb660e2b4a5126d40d92d05128e1df19db64531bb1421500549b0
8bc3441e4ac6b47f7dcde8062431f1d3aff37d699a226f1c3c59c277f553ae49
9fe03ccea5326a1208eae39f4f462679dffb26b601e235122396c5dfde74342e
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a238cffffbfea4c2868fca1b142a3a9690574537a38c857dbe309ec27b033eb3
a971bd9e399ce1c6ac72c4430f38138cccdaf641669d3e195edca96c2fd8a43b
b760977b22d056435133fab4f9642cfa50c9ef441d7c9ba945836b14ae3f57b9
c1471947fc0db80578fa5e1e108cdfa43c8547dcd30968453127263362c36b5d
c7e1700a581ba81c06e6bbe41be5623857341a3cacf7afad16092c8eccd6028c
d33f03e31b13923ea209619be0b902ae0f11c88aadd20890fc333d604607e53c
d79f2e6cfdb416619a87014fa4e046a607f1e0eb41a39ad2de6a23f1a3c836de
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a
dd6280ec0a6eeb0e13d3b1d507730f84f304ce517b40893c1643b989b9904866
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc
f6d27f4131f8dddb837508c3b274d8011fb309198dd9c539bb3cf6a35cad7fc3
ff5003f96bf49ca4a6366e5fcd6ed33f525a81eb202349932ca6c6d93b8daf45