urlscan.io logo urlscan.io
SecurityTrails logo

upimg.com Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://upimg.com/
Effective URL: https://upimg.com/
Submission: On October 08 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 6 domains to perform 23 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is upimg.com.
TLS certificate: Issued by WE1 on August 28th 2024. Valid for: 3 months.
This is the only time upimg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
upimg.com
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
pagead2.googlesyndication.com
1    142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net
fonts.gstatic.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
tpc.googlesyndication.com — Cisco Umbrella Rank: 163
207 KB
6 upimg.com
upimg.com
157 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
region1.google-analytics.com — Cisco Umbrella Rank: 3643
22 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
95 KB
1 gstatic.com
fonts.gstatic.com
18 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
23 6
Domain Requested by
8 pagead2.googlesyndication.com upimg.com
pagead2.googlesyndication.com
6 upimg.com upimg.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google-analytics.com upimg.com
www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com upimg.com
23 8

This site contains no links.

Subject Issuer Validity Valid
upimg.com
WE1		 2024-08-28 -
2024-11-26		 3 months crt.sh
upload.video.google.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.gstatic.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.google-analytics.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://upimg.com/
Frame ID: 4981BBCF04E791A9F8B71BDD2CFA06CA
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20241007/r20190131/zrt_lookup_fy2021.html
Frame ID: 5C9375FDF6B9C436EEC0DE4AAC3546E4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-4410301629861410&output=html&h=200&slotname=7448953990&adk=893211949&adf=2635886784&pi=t.ma~as.7448953990&w=1200&abgtt=3&fwrn=4&lmt=1522709780&rafmt=11&format=1200x200&url=https%3A%2F%2Fupimg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728430447355&bpp=5&bdt=258&idt=96&shv=r20241007&mjsv=m202410030101&ptt=9&saldr=aa&abxe=1&eoidce=1&correlator=4171842185502&frm=20&pv=2&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=72&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95342016%2C95343328%2C95343455%2C95344188%2C31087854%2C95337196&oid=2&pvsid=2502606830738411&tmod=2074371962&uas=0&nvt=1&fc=896&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=120
Frame ID: C23F66D1438C6F9F10CA5DC5C042B5CD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-4410301629861410&output=html&h=200&slotname=7448953990&adk=940942437&adf=691491806&pi=t.ma~as.7448953990&w=1200&abgtt=3&fwrn=4&lmt=1522709780&rafmt=11&format=1200x200&url=https%3A%2F%2Fupimg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728430447360&bpp=1&bdt=263&idt=136&shv=r20241007&mjsv=m202410030101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=1200x200&correlator=4171842185502&frm=20&pv=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95342016%2C95343328%2C95343455%2C95344188%2C31087854%2C95337196&oid=2&pvsid=2502606830738411&tmod=2074371962&uas=0&nvt=1&fc=896&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=144
Frame ID: F46CCC5F04AB7E175E0DE6FF17A96A46
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-4410301629861410&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1522709780&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fupimg.com%2F&pra=7&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728430447363&bpp=2&bdt=266&idt=155&shv=r20241007&mjsv=m202410030101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=1200x200%2C1200x200&nras=1&correlator=4171842185502&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95342016%2C95343328%2C95343455%2C95344188%2C31087854%2C95337196&oid=2&pvsid=2502606830738411&tmod=2074371962&uas=0&nvt=1&fsapi=1&fc=896&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=3&uci=a!3&fsb=1&dtd=166
Frame ID: 56EA528311A71AC89EC4006A455C78CF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: 64E0B44B49E683F51E21D6AC8B97B2CB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Images Cloud

Page URL History Show full URLs

  1. http://upimg.com/ HTTP 307
    https://upimg.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

23
Requests

96 %
HTTPS

63 %
IPv6

6
Domains

8
Subdomains

9
IPs

3
Countries

500 kB
Transfer

1496 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://upimg.com/ HTTP 307
    https://upimg.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
upimg.com/
Redirect Chain
  • http://upimg.com/
  • https://upimg.com/
22 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://upimg.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24a068a7f5fdbd4945ad607a3226d09562bba094b0c7a2bf47ccf7bdece51522

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
31031
cf-cache-status
DYNAMIC
cf-ray
8cf9f095a8aa6680-AMS
content-encoding
br
content-type
text/html
date
Tue, 08 Oct 2024 23:34:07 GMT
last-modified
Mon, 02 Apr 2018 22:56:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aRKDLoJ4BLbD3VlywVLWgHFbukekWww06PVYZlxeqkiGiuHW8JhfdKgUKS5%2FZpsqkxuk%2Fc5WXTih%2F3OQl3oeoH3IGBG4tuug2G8vy7XMXLANH3og6DsweeMKRqQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
via
1.1 e2415f0dddb9778029172ab73eec1388.cloudfront.net (CloudFront)
x-amz-cf-id
d9P5saoJJyuHCX4E3J4OXUM_asTwRp8Psf_IPtVorcvq-l28SfNp8A==
x-amz-cf-pop
AMS58-P4
x-cache
Hit from cloudfront

Redirect headers

Location
https://upimg.com/
Non-Authoritative-Reason
HttpsUpgrades
speculation
upimg.com/cdn-cgi/ 		128 B
526 B 		Other
General
Check archive.org
Download Go to
Full URL
https://upimg.com/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://upimg.com
Referer
https://upimg.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mX9giUyDhJvD28AwM8jPuIrqeqHBCe7U0Rbt6bNCZELWzOtjMzGbFUub6bFujLFYTNAcav8zZ8qOIAaluq7vFChSOWOOOMPhGgCETSa7Hstj99DoXXkVxVH9GoM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cf9f09669a66680-AMS
access-control-allow-origin
https://upimg.com
content-length
128
date
Tue, 08 Oct 2024 23:34:07 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
index.js
upimg.com/_next/ac15eb75-0a45-48bb-acc9-66f59d640157/page/ 		347 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upimg.com/_next/ac15eb75-0a45-48bb-acc9-66f59d640157/page/index.js
Requested by
Host: upimg.com
URL: https://upimg.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f35ac51474c8d86fbea961b7fa3acfefa059407ff114dc185cb8682060b677e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://upimg.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"6c1493df65f73ba8eca30e78e4795969"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rlICn4onTwgxVeIRWi0bKRXJ0ckC9cv3nsB9hNNV7m473vdw7eIxe28rebtbWJgndqVGmytGgX65p9f0lJ9bvLar4n8iBHIoGFWl83yOVtW%2FqAAGStJrZiLS6L0%3D"}],"group":"cf-nel","max_age":604800}
x-cache
Miss from cloudfront
x-amz-cf-id
6OY1P7uf6eu8BPFX5yJ2ZbuECDZYd1nfhnAefrl7rTXtEx6VZqVgEg==
date
Tue, 08 Oct 2024 23:34:07 GMT
content-type
application/javascript
last-modified
Mon, 02 Apr 2018 22:56:20 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 983a038711eb4948a85355a04c2ba67c.cloudfront.net (CloudFront)
cf-ray
8cf9f09669a76680-AMS
x-amz-cf-pop
AMS58-P4
server
cloudflare
_error.js
upimg.com/_next/ac15eb75-0a45-48bb-acc9-66f59d640157/page/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upimg.com/_next/ac15eb75-0a45-48bb-acc9-66f59d640157/page/_error.js
Requested by
Host: upimg.com
URL: https://upimg.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35e5a047096b60ecd3932146ec6d6123db03561c7b39324630b43d6dfc301303

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://upimg.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"c16051f3e26989f934e568eb4c1fa90f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KZJs5Ec1jex9Z6i92%2FDMiWPP4YG6oZv7fKZiHphu9RBdUZSWPVBE4aBdQXoyQxwlWy3Pk71ASVSvaYe0YwA%2FBmimjwI02t6AnDFf8h60NwrrnPWd6PQDZE%2Fr6iA%3D"}],"group":"cf-nel","max_age":604800}
x-cache
Miss from cloudfront
x-amz-cf-id
0xY5tgVHjmV_JpWpav3Ccu7Ker_qY4T4YaWX57WAvpCGIRQNBeiAiQ==
date
Tue, 08 Oct 2024 23:34:07 GMT
content-type
application/javascript
last-modified
Mon, 02 Apr 2018 22:56:20 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 0f98b23785e0aac311e2d09ea5460eb8.cloudfront.net (CloudFront)
cf-ray
8cf9f09669a86680-AMS
x-amz-cf-pop
AMS58-P4
server
cloudflare
app.js
upimg.com/_next/66519faebf66002a90acaa895894cf99/ 		179 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upimg.com/_next/66519faebf66002a90acaa895894cf99/app.js
Requested by
Host: upimg.com
URL: https://upimg.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
737614bb7572050e51543b6ff0fc39643776b5c61faadc0e9ab5a35807ef04fa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://upimg.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"66519faebf66002a90acaa895894cf99"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2FNZNBMdvjGsKh4g3pmBkO%2F%2B9csc%2Fd1fkE4mIOA7mlRYDcn%2BiJuGvgg9bD%2FUSzeliY7ppNS9kS3twzUqYX%2BP6iffPj88vV8JPC8brSFBCZPLg6n7IVcAwJO2yS8%3D"}],"group":"cf-nel","max_age":604800}
x-cache
Miss from cloudfront
x-amz-cf-id
Ku36f7E_I4a3tIReNRsEgu-cX4V9AotoirqaJM4094QZ0zG9u1v-ZQ==
date
Tue, 08 Oct 2024 23:34:07 GMT
content-type
application/javascript
last-modified
Mon, 02 Apr 2018 22:56:20 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 e2415f0dddb9778029172ab73eec1388.cloudfront.net (CloudFront)
cf-ray
8cf9f09669a96680-AMS
x-amz-cf-pop
AMS58-P4
server
cloudflare
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500
Requested by
Host: upimg.com
URL: https://upimg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1d54b3be3b60db5c05b4699f9849d0ec974d10b48845b0749cabf4b5a045b7d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://upimg.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 08 Oct 2024 23:34:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 23:34:07 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 08 Oct 2024 21:39:57 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		153 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: upimg.com
URL: https://upimg.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
1c66da10995988034fc6f224dfc91a537fe2d72522682346be2409e6410bd590
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://upimg.com/

Response headers

content-encoding
br
etag
18178804826074533436
x-content-type-options
nosniff
expires
Tue, 08 Oct 2024 23:34:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 08 Oct 2024 23:34:07 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
52799
x-xss-protection
0
server
cafe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://upimg.com
Referer
https://fonts.googleapis.com/

Response headers

age
54797
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 08:20:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 08:20:50 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/ 		409 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4410301629861410&plah=upimg.com&bust=31087854
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
13320780a440d4ffa17961cd1d522b12e15895e99e2e6a75656190dabe81934c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://upimg.com/

Response headers

content-encoding
br
etag
12453267576282624740
x-content-type-options
nosniff
expires
Tue, 08 Oct 2024 23:34:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 08 Oct 2024 23:34:07 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
139506
x-xss-protection
0
server
cafe
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: upimg.com
URL: https://upimg.com/_next/ac15eb75-0a45-48bb-acc9-66f59d640157/page/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://upimg.com/

Response headers

content-encoding
gzip
age
472
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Wed, 09 Oct 2024 01:26:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 23:26:15 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20241007/r20190131/ Frame 5C93 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20241007/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4410301629861410&plah=upimg.com&bust=31087854
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upimg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
8291
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 08 Oct 2024 21:15:56 GMT
etag
13108003645644964576
expires
Tue, 22 Oct 2024 21:15:56 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame C23F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-4410301629861410&output=html&h=200&slotname=7448953990&adk=893211949&adf=2635886784&pi=t.ma~as.7448953990&w=1200&abgtt=3&fwrn=4&lmt=1522709780&rafmt=11&format=1200x200&url=https%3A%2F%2Fupimg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728430447355&bpp=5&bdt=258&idt=96&shv=r20241007&mjsv=m202410030101&ptt=9&saldr=aa&abxe=1&eoidce=1&correlator=4171842185502&frm=20&pv=2&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=72&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95342016%2C95343328%2C95343455%2C95344188%2C31087854%2C95337196&oid=2&pvsid=2502606830738411&tmod=2074371962&uas=0&nvt=1&fc=896&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=120
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4410301629861410&plah=upimg.com&bust=31087854
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upimg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
297
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 08 Oct 2024 23:34:08 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame F46C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-4410301629861410&output=html&h=200&slotname=7448953990&adk=940942437&adf=691491806&pi=t.ma~as.7448953990&w=1200&abgtt=3&fwrn=4&lmt=1522709780&rafmt=11&format=1200x200&url=https%3A%2F%2Fupimg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728430447360&bpp=1&bdt=263&idt=136&shv=r20241007&mjsv=m202410030101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=1200x200&correlator=4171842185502&frm=20&pv=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95342016%2C95343328%2C95343455%2C95344188%2C31087854%2C95337196&oid=2&pvsid=2502606830738411&tmod=2074371962&uas=0&nvt=1&fc=896&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=144
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4410301629861410&plah=upimg.com&bust=31087854
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upimg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
299
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 08 Oct 2024 23:34:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=jss25%20jss31%20jss17%20jss18%20jss23%20mui-fixed&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: upimg.com
URL: https://upimg.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://upimg.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 08 Oct 2024 23:34:07 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ads
pagead2.googlesyndication.com/pagead/ Frame 56EA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-4410301629861410&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1522709780&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fupimg.com%2F&pra=7&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728430447363&bpp=2&bdt=266&idt=155&shv=r20241007&mjsv=m202410030101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=1200x200%2C1200x200&nras=1&correlator=4171842185502&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95342016%2C95343328%2C95343455%2C95344188%2C31087854%2C95337196&oid=2&pvsid=2502606830738411&tmod=2074371962&uas=0&nvt=1&fsapi=1&fc=896&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=3&uci=a!3&fsb=1&dtd=166
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4410301629861410&plah=upimg.com&bust=31087854
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upimg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 08 Oct 2024 23:34:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		15 B
430 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=833504866&t=pageview&_s=1&dl=https%3A%2F%2Fupimg.com%2F&dp=%2F&ul=nl-nl&de=UTF-8&dt=Images%20Cloud&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=821279558&gjid=253587484&cid=693187635.1728430448&tid=UA-115060814-1&_gid=671121641.1728430448&_r=1&_slc=1&z=1241257654
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
61b4d167c9160d362a92e27413c1695c9b43d53041bb11352c6e985e89bc7414
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://upimg.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 23:34:07 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://upimg.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
js
www.googletagmanager.com/gtag/ 		267 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-825N6X52VB&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
77bb4d4795fce3583e639e9a39dc44693e8a89c7b83e51366e67db8e41748b94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://upimg.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 08 Oct 2024 23:34:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 23:34:07 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96318
x-xss-protection
0
server
Google Tag Manager
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-825N6X52VB&gtm=45je4a20v9124529977za200&_p=1728430447576&gcd=13l3l3l2l2l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&ul=nl-nl&sr=1600x1200&cid=693187635.1728430448&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fupimg.com%2F&dp=%2F&dt=Images%20Cloud&sid=1728430447&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=978
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-825N6X52VB&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://upimg.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://upimg.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 23:34:07 GMT
content-type
text/plain
server
Golfe2
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20241007&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4410301629861410&plah=upimg.com&bust=31087854
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
71b790ae13fb87fdce277e32611be93735970eed183ba70192897dbaad01ec91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://upimg.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12859
date
Tue, 08 Oct 2024 23:34:08 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
favicon.ico
upimg.com/ 		243 B
724 B 		Other
General
Check archive.org
Download Go to
Full URL
https://upimg.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f23a5e0445a4f9b8df2aa19f63177eb7a41c7741fb49e6ce631c78b9c7a8e429

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://upimg.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LgXk%2BWd7mNDUQ%2BEyHMWeY%2FILXjMHESvMUN6BTNqydSo2RtmhioMp3%2BiXFajbS9X7%2FXJfF63MeUmFKA5K0sVtH1q8ADDeRTp4sw996XXNbEzXOte2KFrHknEPYQo%3D"}],"group":"cf-nel","max_age":604800}
via
1.1 b96dc0b769a91a3fe5483b063383b1c8.cloudfront.net (CloudFront)
cf-ray
8cf9f09f684e6680-AMS
x-cache
Error from cloudfront
x-amz-cf-id
6snFsEVbn3Tf0-Iz1hPu4b65abF81aEhAbm4M2bFFN_fSJDz4-EQNg==
date
Tue, 08 Oct 2024 23:34:09 GMT
content-type
application/xml
x-amz-cf-pop
AMS58-P4
vary
Accept-Encoding
server
cloudflare
sodar2.js
tpc.googlesyndication.com/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4410301629861410&plah=upimg.com&bust=31087854
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://upimg.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Tue, 08 Oct 2024 23:34:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 23:34:08 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame 64E0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upimg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
857
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 08 Oct 2024 23:19:51 GMT
expires
Wed, 09 Oct 2024 00:09:51 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241007&jk=2502606830738411&bg=!lJell9jNAAax3igvkd47ADQBe5WfODis301r2gGb1glbn3gzihPpBZv3v7S0earwYhp5FiF-M5SK6nPa4n9uvCtfniqUAgAAAE1SAAAABWgBB34ANoP5zl7nPmEBiprjpEImzmlBaqRf-QBEG2OEBJsdjbxwX_b9tht93tap8lZfOJUeLS8HXVGUXgoAFvIbCtv0xpRivAq8luY3Le1_o-b2bxOZApi7GIDsngO7sqFZdy6cEvdPKoiyjczeMH13HEYyoZWpoSaXJx71PgkpG73K0uvM9JUjfsmmvlinqa1uYbWZJB2ZrLgmxRoKRcLlm37hARTHPr4TRrbWXN30Bv3XwWvec7F9AQzEzNNnH8Zil8cob_3UvMVNSsBn-wnERrdhSDPXX3lvDkRlBFnelUTUlCwBOhjVdN3R5LSCjrDo8edUeqBNrP4nOGeV7JP6g4VJVt6CDdRtNbJPdqvg4VbPUgFFLpD4vNKlpTniyXFs4sL_sSmn4gl79jKkS6amZeIkbcC7o_VQY3z2YabwBZzaTFZSIBtCGGQ30hIaDW-K5ZjCm_8CiDKSfHzD2jntOnkAFEqClCckzoJNwshF1DFuo9vKthbyHro7l5688O1bu_ZYZAjSFFOl1O41jxpI3BpN88Lw3dJTr57G7xkWXoUgaFaULJ4bsWHf9w-riePPY_CbvNlmSFk4DKVsVX5Go2-QncvoeU1YAtOHxU3ZfXlOLkgDet36xoiBTREtFkvbisRemrCIpiuM6f9AcXzHAaz94h9ir57NEbDnSU6cEFBhX7_zCwBiIYGy71ve7BGb2fJ5IwmzTi_vmpHQH08tHxLNXDoCwWlkrPzSK6b4P1_9IhtmrTbZljzCfz88Ps5ck_zW8ADicueQBQwSbz3RX2I6V4hghrxBpd92hZftQgat0c2gEiILSl_PTh6WnXxXRKfiPzbWB1GpfFfdewM4UtkGj8t5wCIANSO_P6eYRg1uAxfngRMOq6yheUJp1TyYvRvStHoAsL5UU6IelWCLWnQ07C7lLTC4rDDgjuKxGO4XJqtPMDxgesao8vyLgeLKKMCqsdVQz9RF4zvZmvIiHfw34nsENyaUjyA8LMJv

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| __NEXT_DATA__ object| module function| __NEXT_REGISTER_PAGE function| __NEXT_REGISTER_CHUNK function| webpackJsonp object| __core-js_shared__ object| next object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle string| google_user_agent_client_hint number| 2f1acc6c3a606b082e5eef5e54414ffb object| core object| __NEXT_REDUX_STORE__ object| __INIT_MATERIAL_UI__ object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map string| GoogleAnalyticsObject function| ga boolean| GA_INITIALIZED number| google_rum_task_id_counter function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests object| gaplugins object| gaGlobal object| gaData object| dataLayer object| google_tag_manager object| GoogleGcLKhOms

5 Cookies

Domain/Path Name / Value
.upimg.com/ Name: _ga
Value: GA1.2.693187635.1728430448
.upimg.com/ Name: _gid
Value: GA1.2.671121641.1728430448
.upimg.com/ Name: _gat
Value: 1
.upimg.com/ Name: _ga_825N6X52VB
Value: GS1.2.1728430447.1.0.1728430447.0.0.0
.upimg.com/ Name: __eoi
Value: ID=1077b7f205afbffd:T=1728430447:RT=1728430447:S=AA-AfjZXJ91_PgSqgpZndZTLOpmX

1 Console Messages

Source Level URL
Text
network error URL: https://upimg.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
pagead2.googlesyndication.com
region1.google-analytics.com
tpc.googlesyndication.com
upimg.com
www.google-analytics.com
www.googletagmanager.com
pagead2.googlesyndication.com
142.250.185.163
142.250.186.162
188.114.96.3
2001:4860:4802:32::36
2a00:1450:4001:806::2008
2a00:1450:4001:810::200a
2a00:1450:4001:828::200e
2a00:1450:4001:830::2001
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
13320780a440d4ffa17961cd1d522b12e15895e99e2e6a75656190dabe81934c
1c66da10995988034fc6f224dfc91a537fe2d72522682346be2409e6410bd590
1d54b3be3b60db5c05b4699f9849d0ec974d10b48845b0749cabf4b5a045b7d5
24a068a7f5fdbd4945ad607a3226d09562bba094b0c7a2bf47ccf7bdece51522
35e5a047096b60ecd3932146ec6d6123db03561c7b39324630b43d6dfc301303
61b4d167c9160d362a92e27413c1695c9b43d53041bb11352c6e985e89bc7414
71b790ae13fb87fdce277e32611be93735970eed183ba70192897dbaad01ec91
737614bb7572050e51543b6ff0fc39643776b5c61faadc0e9ab5a35807ef04fa
77bb4d4795fce3583e639e9a39dc44693e8a89c7b83e51366e67db8e41748b94
9f35ac51474c8d86fbea961b7fa3acfefa059407ff114dc185cb8682060b677e
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f23a5e0445a4f9b8df2aa19f63177eb7a41c7741fb49e6ce631c78b9c7a8e429
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99