Submitted URL: https://www.xup.in/dl,16488336/wow_unsig(12340).zip/
Effective URL: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Submission Tags: falconsandbox
Submission: On January 19 via api from US — Scanned from DE

Summary

This website contacted 10 IPs in 5 countries across 9 domains to perform 52 HTTP transactions. The main IP is 2606:4700:3035::6815:d9c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.xup.in.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.
This is the only time www.xup.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 18 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a03:2880:f12... 32934 (FACEBOOK)
1 2.21.140.111 16625 (AKAMAI-AS)
1 88.221.18.213 16625 (AKAMAI-AS)
2 17 2606:4700:303... 13335 (CLOUDFLAR...)
1 158.69.54.123 16276 (OVH)
1 2a03:2880:f01... 32934 (FACEBOOK)
10 104.21.77.220 13335 (CLOUDFLAR...)
1 104.18.9.225 13335 (CLOUDFLAR...)
52 10
Apex Domain | Subdomains | Transfer
18 xup.in | www.xup.in, www1.xup.in | 70 KB
17 youspacko.com | youspacko.com | 19 KB
10 buxflow.com | buxflow.com, www.buxflow.com | 10 KB
4 facebook.com | www.facebook.com — Cisco Umbrella Rank: 98 | 157 KB
1 bwin.de | promo.bwin.de — Cisco Umbrella Rank: 459218 Failed |
1 fbcdn.net | static.xx.fbcdn.net — Cisco Umbrella Rank: 639 | 5 KB
1 fastcounter.de | www.fastcounter.de — Cisco Umbrella Rank: 407558 | 886 B
1 moatads.com | z.moatads.com — Cisco Umbrella Rank: 361 | 1 KB
1 addthis.com | s7.addthis.com — Cisco Umbrella Rank: 1501 | 114 KB
52 9
Domain | Requested by
17 youspacko.com 2 redirects | www.xup.in, youspacko.com
16 www.xup.in 1 redirects | www.xup.in
8 www.buxflow.com | buxflow.com, www.buxflow.com, www.xup.in
4 www.facebook.com | www.xup.in, www.facebook.com
2 buxflow.com | youspacko.com, buxflow.com
2 www1.xup.in | www.xup.in
1 promo.bwin.de | www.buxflow.com
1 static.xx.fbcdn.net | www.facebook.com
1 www.fastcounter.de | www.xup.in
1 z.moatads.com | s7.addthis.com
1 s7.addthis.com | www.xup.in
52 11

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-11 - 2022-06-10 | a year crt.sh
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-10-28 - 2022-01-26 | 3 months crt.sh
odc-addthis-prod-01.oracle.com | DigiCert SHA2 Secure Server CA | 2021-04-25 - 2022-04-27 | a year crt.sh
moatads.com | DigiCert SHA2 Secure Server CA | 2021-11-27 - 2022-11-29 | a year crt.sh
www.fastcounter.de | R3 | 2021-12-18 - 2022-03-18 | 3 months crt.sh
*.bwin.de | DigiCert TLS RSA SHA256 2020 CA1 | 2021-07-27 - 2022-08-24 | a year crt.sh

This page contains 19 frames:

Primary Page: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Frame ID: BB9485E51D6FCA3D7D7F5F83B85EC39D
Requests: 20 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/xup.hosting&send=false&layout=button_count&width=130&show_faces=false&colorscheme=light&font&height=30
Frame ID: 40C5259D8BF4724BB6F7D596BE15285B
Requests: 3 HTTP requests in this frame

Frame: https://youspacko.com/com/traffic_in.php?bh=300x250&site=4
Frame ID: 48CE310BE20E49A9BF4A5B67180AA461
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=recommend&href=https%3A//www.xup.in/dl%2C16488336/wow_unsig%252812340%2529.zip/
Frame ID: D728E3FFF18B47CE3D73A76AA37ADFE2
Requests: 2 HTTP requests in this frame

Frame: https://youspacko.com/com/adf.php?https://youspacko.com/com/rotban.php?bh=300x250&cb=
Frame ID: DEF70A5C5AF38477E661FF16C36601C3
Requests: 1 HTTP requests in this frame

Frame: https://youspacko.com/com/adf.php?https://youspacko.com/com/rotban.php?bh=300x250&cb=&aa0
Frame ID: E0BC167830049DBDE7AB4996025031FA
Requests: 1 HTTP requests in this frame

Frame: https://youspacko.com/com/rotban.php?bh=300x250&cb=
Frame ID: F933CA6C0E35A2536F24670A4A82926E
Requests: 1 HTTP requests in this frame

Frame: https://youspacko.com/cc.html
Frame ID: 2A6A9775C5DC67EDE94964F05F5680D7
Requests: 1 HTTP requests in this frame

Frame: https://youspacko.com/com/pixel.php?site=4
Frame ID: 1CD3C206A955E4FC209ED2906A7608AF
Requests: 2 HTTP requests in this frame

Frame: https://youspacko.com/com/ad_frm.php?//youspacko.com/com/traffic_in.php?site=4&bh=728x90&
Frame ID: C4B13EE86F34BAAC18A5431423F552CC
Requests: 1 HTTP requests in this frame

Frame: https://youspacko.com/empty.html
Frame ID: 725D3A838D4FA95341710AD71CCA280A
Requests: 2 HTTP requests in this frame

Frame: https://youspacko.com/com/traffic_in.php?site=4&bh=728x90&
Frame ID: F161CB500BC43D352093A35D711F6210
Requests: 1 HTTP requests in this frame

Frame: https://youspacko.com/com/adf.php?https://youspacko.com/com/rotban.php?bh=728x90&cb=
Frame ID: 1DDEFEAAAC802128CC93606CAC1BCF4A
Requests: 1 HTTP requests in this frame

Frame: https://youspacko.com/com/adf.php?https://youspacko.com/com/rotban.php?bh=728x90&cb=&aa0
Frame ID: 68058385D6B87389ADE78A9E69C0ACDF
Requests: 1 HTTP requests in this frame

Frame: https://youspacko.com/com/rotban.php?bh=728x90&cb=
Frame ID: 9BC91EA83EAA4E34A4981B9BBE3AD345
Requests: 1 HTTP requests in this frame

Frame: https://youspacko.com/empty.html
Frame ID: 8801A6A30F2CDD3C758E7D107AADB156
Requests: 2 HTTP requests in this frame

Frame: https://buxflow.com/ads/xlayer.php
Frame ID: B053B79AB49030DE43E14FACF33C8D4C
Requests: 1 HTTP requests in this frame

Frame: https://www.buxflow.com/ads/728x90/afbw_728x90.html
Frame ID: BBE35A32118ABCCAA18261F59B60DE4B
Requests: 6 HTTP requests in this frame

Frame: https://promo.bwin.de/de/promo/offers/p/sportsbook?wm=5060652&param=pop&sb=1
Frame ID: 909F550D4AB6D5ECBF406B2BCD646B55
Requests: 4 HTTP requests in this frame

Page Title

Download: wow_unsig(12340).zip | www.xup.in

Detected technologies

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/

Overall confidence: 100%
Detected patterns
  • moatads\.com

Page Statistics

52 Requests
98 % HTTPS
44 % IPv6
9 Domains
11 Subdomains
10 IPs
5 Countries
375 kB Transfer
1044 kB Size
4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.xup.in/dl,16488336/wow_unsig(12340).zip/ HTTP 301
    https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://youspacko.com/com/traffic_out.php?id=&bh=300x250&ori=y HTTP 307
  • https://youspacko.com/com/adf.php?https://youspacko.com/com/rotban.php?bh=300x250&cb=
Request Chain 35
  • https://youspacko.com/com/traffic_out.php?id=&bh=728x90&ori=y HTTP 307
  • https://youspacko.com/com/adf.php?https://youspacko.com/com/rotban.php?bh=728x90&cb=

52 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Redirect Chain
  • https://www.xup.in/dl,16488336/wow_unsig(12340).zip/
  • https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
13 KB
7 KB
Document
General
Full URL
https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a906cba8d96e2f521e91461fccc0f35a3b52cb0f0ee35cf0abdd8b2df349a4c0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 19 Jan 2022 03:18:29 GMT
content-type
text/html; charset=iso-8859-15
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hvqMaphNL1bxLi26c5hn95atfFPk%2FIY2UwQRxKXNm6Mn9gdpsjJ46PW%2FVWYE03QPc%2B%2B2XKfDhgqTQyxu7dA2%2FOXFST6FQOwE84JnJCVLDEQz0zRrOQaApoV4MV9hrxKXGxeVEmBPIBZv"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cfcea7ed847374a-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Wed, 19 Jan 2022 03:18:28 GMT
content-type
text/html; charset=iso-8859-15
location
https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MGB8enjtjoXOQVryLOE6ZXlXh3PeDnghiJ9oQnqNaCY2wwUDxzhj93laYG0xG492ykvwuEG%2FfQE6fzPZF9iJ6572SvG2xP5g3%2BfzlNlibvnC2U8u5ZJrrsscXCb4PNNipQheVhNnzn6R"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cfcea7d2f0f374a-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
main.css
www.xup.in/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.xup.in/main.css
Requested by
Host: www.xup.in
URL: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfc354496e02beb2e4f1c003ab57e106f1e84a5654faec4c29128975f5fb31d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:18:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2017 22:14:07 GMT
server
cloudflare
etag
W/"59cd742f-13e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4jB%2F%2BWrtMTl9RmzPMyWmlXA1PjJ9E6LQpzLdvnVXufDq0veTb%2FPimmR75GWCEnop5EFWq3iRxfbV2wbBfnq7kdwJGXQCNSAcRBaUpH2RQNCsmNE2dLvYIvdP9Sg4x3n9M3YXsaISFscb"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cfcea7fb81e3747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
images.js
www.xup.in/js/
1 KB
1 KB
Script
General
Full URL
https://www.xup.in/js/images.js
Requested by
Host: www.xup.in
URL: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40cb71c543a67d79aaa9f3e4e4fc26c666a6d78d9a59061ebbae725d76d9d219

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:18:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2017 22:14:09 GMT
server
cloudflare
etag
W/"59cd7431-58a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yziixM1DTJI6LW26GxG19R4HMUQTFzYJgejP87yLtl8S0hRgFVEUUPrDWLCDVAg7aFzHPF%2BdeJMnXU1t9TPfrp9ARyncu7k5YrveCjIASNa1%2Bry1P9vYyzVHrztrffU5E01UZguaSk1n"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cfcea7fb8203747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
xup_logo.gif
www.xup.in/img/
3 KB
3 KB
Image
General
Full URL
https://www.xup.in/img/xup_logo.gif
Requested by
Host: www.xup.in
URL: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cee0249c5f9b16ef62ed1988fe8a79a09aed3f5dca11ac2cc8bee77779bce496

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:18:29 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2017 22:14:10 GMT
server
cloudflare
etag
"59cd7432-b92"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bx172OAbiMiF2o2SDzHrdrgGFviJ5KHXMRwbIwXJdOTNj5ODQWm6xDbb9w4VdfoeIpDF1bmufCM0VT130RbnbdaLz%2FUIsS4M3ci5zvc0RnQNst4JVB5qDX%2FZ2XAlAB%2FkYLitINJBdgJM"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6cfcea7fb8223747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2962
ads-google-728x90.jpg
www.xup.in/com/
13 KB
14 KB
Image
General
Full URL
https://www.xup.in/com/ads-google-728x90.jpg
Requested by
Host: www.xup.in
URL: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
506e0cd8bac817943ec0e63474113e3583944c67af26e4565c1d7dccc682e8f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:18:29 GMT
cf-cache-status
HIT
last-modified
Thu, 16 May 2019 21:08:16 GMT
server
cloudflare
etag
"5cddd140-35b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mnzpbQ99AfUts0OyXJbHNn9kC4F6N3JwkRtqltWG1myMR%2BiOBkITOBBPk5cqM%2BE0FKaXEzGTmsJ719%2FJ6GcBQVmN%2Fu%2Fi7WMAaCcDteFGRhDOu8I%2B7hIhAszII9Vsfjb0Vh9BngbjEAHt"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6cfcea7fb8243747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13752
chk.js
www.xup.in/js/
880 B
950 B
Script
General
Full URL
https://www.xup.in/js/chk.js?v=x
Requested by
Host: www.xup.in
URL: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ebe7d85949a704c30a6d72dde1d79c04100d4857d95215b88e1d4af1a94b624

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:18:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 18 Oct 2020 20:23:18 GMT
server
cloudflare
etag
W/"5f8ca436-370"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bUiUXb39KloJ4tl8QK8uO9Fvzs4mpacTlqOSPTMblmEPr6REIgM%2B5KLDAGA5%2BtfP%2FaBpinqh9Tv3%2B1OA%2BNN2rWLFScCLOohozpa3tOXitVLWTQekIlFzn0J1%2B0Gbolz9BMEoOsWKA6nW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cfcea7fb8273747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
download.gif
www.xup.in/img/
5 KB
6 KB
Image
General
Full URL
https://www.xup.in/img/download.gif
Requested by
Host: www.xup.in
URL: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2515fa27673a2afd74cedd227aa38fc797a4803c8822c01adfe336080d2abc0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:18:29 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2017 22:14:09 GMT
server
cloudflare
etag
"59cd7431-1599"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMrV9aCIJPssDV1DQ0WmtiyARrhuMnCi2Mc6v083Yt%2Fpiqv%2FVvMmQqIVP%2FzXSF9LF9C2icOcLUOH0%2B8Fnnhw2PaQDZNYhU1rk8y%2BdPnao2PrqRGZtsTwmpuM2lsPO%2F63m44YiPjIhQVF"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6cfcea7fb8283747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5529
no_tn.gif
www1.xup.in/tn/
2 KB
2 KB
Image
General
Full URL
https://www1.xup.in/tn/no_tn.gif
Requested by
Host: www.xup.in
URL: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98509fb4f226d1389eb15592f1fbba11d239b583c9fdaeff428608745bad2de8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xup.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:18:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1587
last-modified
Tue, 28 May 2013 10:26:01 GMT
server
cloudflare
etag
"51a48639-633"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEElvz4JPOv5eIZ%2BYIIi5yvwySqu1t2R%2Btj%2BJmVUs1p1eDTU%2BY%2B2rvReKZFq6kH%2FRVZNqBTm3ZrSAuPAGPZSxlY77QKBzXZb183I07m%2FzAsMiS6faZAivrCLHUx0Ts4A%2BKlE0jnfUEDRFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6cfcea7fd8ec374a-MXP
expires
Fri, 18 Mar 2022 17:48:40 GMT
images.js
www.xup.in/js/
1 KB
1 KB
Script
General
Full URL
https://www.xup.in/js/images.js
Requested by
Host: www.xup.in
URL: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40cb71c543a67d79aaa9f3e4e4fc26c666a6d78d9a59061ebbae725d76d9d219

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:18:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2017 22:14:09 GMT
server
cloudflare
age
0
etag
W/"59cd7431-58a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKEhA0YX5IEwL7hv%2FhT7pguYPPgzuKdGBNUkzALjCcgR1Dk90Eomz%2F%2Bii0T5xrmvKQfZC26TkoqpWrhYmdOFh9CrZZJqTmh%2F7k8kJl8XHPdUcEMRq%2Fzp8m%2FdLoZUgjpEt61DxUX6I%2F32"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cfcea80387f3747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
xup_logo.gif
www.xup.in/img/
3 KB
3 KB
Image
General
Full URL
https://www.xup.in/img/xup_logo.gif
Requested by
Host: www.xup.in
URL: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cee0249c5f9b16ef62ed1988fe8a79a09aed3f5dca11ac2cc8bee77779bce496

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:18:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2962
last-modified
Thu, 28 Sep 2017 22:14:10 GMT
server
cloudflare
etag
"59cd7432-b92"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30x3ZK3mCfv2UKBxOFETtOmiVT3JkPtcT16Cx3%2B%2BNZMJFBsfMyidkiXPfx1cN%2FHuHexW8YEmS3rCMgsjYcw7hBHzeMMiKXqQiOMaN7%2FTEjflR46Pl26BNR%2B2p4Ozh2lTwc1riYfDWtYO"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6cfcea8058973747-MXP
ads-google-728x90.jpg
www.xup.in/com/
13 KB
14 KB
Image
General
Full URL
https://www.xup.in/com/ads-google-728x90.jpg
Requested by
Host: www.xup.in
URL: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
506e0cd8bac817943ec0e63474113e3583944c67af26e4565c1d7dccc682e8f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:18:29 GMT
cf-cache-status
HIT
last-modified
Thu, 16 May 2019 21:08:16 GMT
server
cloudflare
etag
"5cddd140-35b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFwCvVi%2BU7FqiCbagTReNK1douMrF6Yt3l25Byvq3FAHjO7fSSpWdc%2F8s%2FQzWtEuWSqyJlOcP536QafGJq%2FxS5jeDdTcUnRnaoeus%2Fs7F2f2fy%2F7rGFn3Tp2qYOTfyyh3YrsXeQsABmU"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6cfcea80589b3747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13752
chk.js
www.xup.in/js/
880 B
950 B
Script
General
Full URL
https://www.xup.in/js/chk.js?v=x
Requested by
Host: www.xup.in
URL: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ebe7d85949a704c30a6d72dde1d79c04100d4857d95215b88e1d4af1a94b624

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:18:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 18 Oct 2020 20:23:18 GMT
server
cloudflare
age
0
etag
W/"5f8ca436-370"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1ygxZD1yaSjaTdbiuPwcFUXD8fbucy4TUZu21I6MWoJZQ2edBXjBcP%2F9uIrgAhS3WVHrE8qBPfVF8LT7Cb1DMONoU7GjGAiuJWMbcZzK5kWGdVv6N9mbcA0m95l2ZwH%2BWD9Gd9%2Fdx%2Bn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cfcea80589c3747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
like.php
www.facebook.com/plugins/ Frame 40C5
31 KB
14 KB
Document
General
Full URL
https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/xup.hosting&send=false&layout=button_count&width=130&show_faces=false&colorscheme=light&font&height=30
Requested by
Host: www.xup.in
URL: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8f4de1471153058896169f3eefbc070e1f325a4fa6aa6f1d398f41f7e3780332
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.xup.in/

Response headers

vary
Accept-Encoding
content-encoding
br
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
VanxbD4lFp6835JxpwGOMyVdDP92H10BLrW+RFKAeQRUoWMZEIf67XDUreYanG6XBPxn4F5kxsYFKV6Emwl53A==
date
Wed, 19 Jan 2022 03:18:29 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
addthis_widget.js
s7.addthis.com/js/300/
353 KB
114 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.xup.in
URL: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.140.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-140-111.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
4cb4dd32f19bebfa656eb732d16c68309b36f86a0eab2827ac74405d360af198
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.xup.in/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
date
Wed, 19 Jan 2022 03:18:29 GMT
x-host
s7.addthis.com
content-length
116406
xup_logo.gif
www.xup.in/img/
3 KB
3 KB
Image
General
Full URL
https://www.xup.in/img/xup_logo.gif?banner.728x90.ads.png.gif
Requested by
Host: www.xup.in
URL: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cee0249c5f9b16ef62ed1988fe8a79a09aed3f5dca11ac2cc8bee77779bce496

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:18:29 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2017 22:14:10 GMT
server
cloudflare
etag
"59cd7432-b92"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RO4EJ90YJbNdNNxfza2CXPa5f%2FejN8oN6pDo0XuxAdOdgulQhCL46j2eMserhp7nhBsJziwmGRAD2QRGfEueqJrM%2B2LmTkv7XTwfaKcgZx5O24L%2FS0PS7JtSD1m4J8aGlCshGUDYf6Fl"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6cfcea8078b73747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2962
moatframe.js
z.moatads.com/addthismoatframe568911941483/
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.18.213 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-18-213.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xup.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:18:29 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
0D84416276E56D7C
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=62825
accept-ranges
bytes
content-length
948
x-amz-id-2
0IIuKwRBFpfjxJa7FwtAkd0tWdDgydbLbF1LhbMFSflncdycNxssuDTQZzgqn7uQW3bUJ4DyYtY=
traffic_in.php
youspacko.com/com/ Frame 48CE
3 KB
2 KB
Document
General
Full URL
https://youspacko.com/com/traffic_in.php?bh=300x250&site=4
Requested by
Host: www.xup.in
URL: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cc1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8af188405122318b87aa4dd730aba4c016714d7b5b8f3b8e648fbb1efb564937

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.xup.in/

Response headers

date
Wed, 19 Jan 2022 03:18:29 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
expires
-1
cache-control
no-cache
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZbgnbBg9Mxd5v267M6MMiec0m6aG4QOTYq%2BKEr2DyaSefm%2FXIouHJSf3ZnsAH9ucTD5%2FoLJKxr7VdCo4xcgtQiYa3pI4EXsOnugIZ0GbirPLcvh6Y7RCQsGalyCrZADLkO7EQy0R53KuT9YW"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cfcea818af483be-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
download.gif
www.xup.in/img/
5 KB
6 KB
Image
General
Full URL
https://www.xup.in/img/download.gif
Requested by
Host: www.xup.in
URL: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2515fa27673a2afd74cedd227aa38fc797a4803c8822c01adfe336080d2abc0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:18:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5529
last-modified
Thu, 28 Sep 2017 22:14:09 GMT
server
cloudflare
etag
"59cd7431-1599"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbSJT8RmN4Q5jfoO34kpUAcmli1FT6ah7eJLibbOodMT13Br%2B%2BB0yglmqGRzfWZKTjbzah8nfo8fosnXIcxTo69GnZyP8wS6%2FR1m%2BnTPWRGBWRnR2oFTWqZibmzaKrTC7Bf5STowkAFT"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6cfcea8139443747-MXP
no_tn.gif
www1.xup.in/tn/
2 KB
2 KB
Image
General
Full URL
https://www1.xup.in/tn/no_tn.gif
Requested by
Host: www.xup.in
URL: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98509fb4f226d1389eb15592f1fbba11d239b583c9fdaeff428608745bad2de8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xup.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:18:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1587
last-modified
Tue, 28 May 2013 10:26:01 GMT
server
cloudflare
etag
"51a48639-633"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ghnxo0AmLQ64yYjyZYSeo%2F8YEqO9k2AUzb3zWDIQY4ShjITdCf5e73aDraOvapWdBOIaxHv8aUAwlTClhf45uoKyFPKk6Po4sbUgHP29xKZOMaAMwAu%2FaehSVA0QexCSrlL73uCmnMpeRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6cfcea8139463747-MXP
expires
Fri, 18 Mar 2022 17:48:40 GMT
like.php
www.facebook.com/plugins/ Frame D728
15 KB
6 KB
Document
General
Full URL
https://www.facebook.com/plugins/like.php?action=recommend&href=https%3A//www.xup.in/dl%2C16488336/wow_unsig%252812340%2529.zip/
Requested by
Host: www.xup.in
URL: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
21760482a0bb96433753e584381b91b20086e98bcd0d5b36ded13c8266184fca
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.xup.in/

Response headers

vary
Accept-Encoding
content-encoding
br
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
sxvIuLaqI8MrfNJG733YO0Esnws/ozcGK5r3L4e46HB+HFINzVYKPDrtxzjFAm7B8Khvx1en4EMB64eqxW9FLA==
date
Wed, 19 Jan 2022 03:18:29 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
fcounter.php
www.fastcounter.de/
886 B
886 B
Image
General
Full URL
https://www.fastcounter.de/fcounter.php?rnd=1642562309309&id=9073&s=&l=en-US&u=&w=1600&h=1200
Requested by
Host: www.xup.in
URL: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.54.123 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns519222.ip-158-69-54.net
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xup.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 03:18:29 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.14.2
content-type
text/javascript;charset=UTF-8
content-length
886
expires
Thu, 19 Nov 1981 08:52:00 GMT
bg_black.gif
www.xup.in/img/
1 KB
2 KB
Image
General
Full URL
https://www.xup.in/img/bg_black.gif
Requested by
Host: www.xup.in
URL: https://www.xup.in/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae9c8954bbfc64cf291fea95c5674fb9113faa2a00d8e2697fa565957371e146

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xup.in/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:18:29 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2017 22:14:09 GMT
server
cloudflare
etag
"59cd7431-5f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwJEH%2BhIy%2B%2FKW9XsRjKFN1ZAJuuWHFVe4pfBOzF7%2BWU%2BPwD1s6%2Fz9RHzMbAk2nFBNgJyVHNEPp22vHnFnWXVL6%2BhA2CEJgQ1PiVitPwRIqvuEL4mJxTSy0Eb5wS9IwcVqXTzxiV%2BRz9w"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6cfcea81494f3747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1522
iclist.gif
www.xup.in/img/
325 B
865 B
Image
General
Full URL
https://www.xup.in/img/iclist.gif
Requested by
Host: www.xup.in
URL: https://www.xup.in/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3536a3e61b6d9aef57e1418f037cf643a5261d63967d23256acd6afc8862fd24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.xup.in/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:18:29 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2017 22:14:09 GMT
server
cloudflare
etag
"59cd7431-145"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mTIOv%2BzZTH68KGGxMVo3kz3g8b7NpQR3NCkaLGmsqUfIwMwCA9m9b6QH%2BsoAWkFjLvE8oLvtJZIY5oLouAmolNxrrEEJAF%2B9CW3I35SJUZXGcDpvr0NtIkmaH4j5T8JJPQQeTHQnLuyH"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6cfcea8149513747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
325
OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 40C5
400 B
451 B
Image
General
Full URL
https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/xup.hosting&send=false&layout=button_count&width=130&show_faces=false&colorscheme=light&font&height=30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/xup.hosting&send=false&layout=button_count&width=130&show_faces=false&colorscheme=light&font&height=30
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 00:25:51 GMT
x-content-type-options
nosniff
content-md5
uF0RL4E+h23ClLQmPOTTMw==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
content-length
400
x-fb-rlafr
0
x-fb-debug
QhUVMw73ZdIgnpwuyW0J3VGXgTRCexykk+AdFrWWktTXT+cx116oXmXIr8iEOVXDFjcMVxaYinc1uT7cHn2c8w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 11 Jan 2023 00:25:51 GMT
1jFFo6R_tol.js
www.facebook.com/rsrc.php/v3iAxA4/y3/l/de_DE/ Frame 40C5
518 KB
135 KB
XHR
General
Full URL
https://www.facebook.com/rsrc.php/v3iAxA4/y3/l/de_DE/1jFFo6R_tol.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/xup.hosting&send=false&layout=button_count&width=130&show_faces=false&colorscheme=light&font&height=30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4e0d9ec01266aa92d5d9669b9d4bbeaea45846390e6633d73099d9f249b2537d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/xup.hosting&send=false&layout=button_count&width=130&show_faces=false&colorscheme=light&font&height=30
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 18:25:23 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
tfpHgOKLTcnjHWqzX6iQ7g==
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy
cross-origin
content-length
138622
x-fb-rlafr
0
x-fb-debug
tuCBLDr95v47gHnG+JSjde+PMBWywcu9y8/L+pDGGtZBALMx79CgBVcr8eVO3RckiAflbkEuFnJ3e57zg7mUWA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 18 Jan 2023 18:25:23 GMT
xrYCbZt06JC.css
static.xx.fbcdn.net/rsrc.php/v3/yc/l/0,cross/ Frame D728
15 KB
5 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yc/l/0,cross/xrYCbZt06JC.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=recommend&href=https%3A//www.xup.in/dl%2C16488336/wow_unsig%252812340%2529.zip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ff662e8c48d09f29ea4008a8af37ad17b1c953851c2b2cf335d83dc1905f1081
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:18:29 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
zUOtAQoiVgwpH8X1xg+FSg==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
3997
x-fb-rlafr
0
x-fb-debug
4PpHHlFh1Z/Tj4aWcuB/DRwHX6HiZeOSfz/PEzIUnrPgVzHmhsa+ODkLNjTkWa/9Rp88DDeU86vK8ASClsgsDg==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 18 Jan 2023 16:36:01 GMT
adf.php
youspacko.com/com/ Frame DEF7
Redirect Chain
  • https://youspacko.com/com/traffic_out.php?id=&bh=300x250&ori=y
  • https://youspacko.com/com/adf.php?https://youspacko.com/com/rotban.php?bh=300x250&cb=
2 KB
1 KB
Document
General
Full URL
https://youspacko.com/com/adf.php?https://youspacko.com/com/rotban.php?bh=300x250&cb=
Requested by
Host: youspacko.com
URL: https://youspacko.com/com/traffic_in.php?bh=300x250&site=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:cc1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de75f1e86872b187f45924e459d485986bdffd2ad021111e218a862cd2c48a53

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 19 Jan 2022 03:18:29 GMT
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUTICZJ%2Fp17COrdhXK3kB6yMM6r5VeUod7ZsTyChSFOOppYuPFNlsqVSGcy3u7JEjTae4tdkEbKO1uq5YMzvZwtbvCzokt3RFi9ZrBUoKMF9PxWRSHLAGWDtAr0TFDqEHCRdt4yv49yCaz8E"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cfcea82af523762-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Wed, 19 Jan 2022 03:18:29 GMT
content-type
text/html; charset=UTF-8
location
https://youspacko.com/com/adf.php?https://youspacko.com/com/rotban.php?bh=300x250&cb=
expires
Sat, 30 Nov 1985 05:00:00 GMT
cache-control
no-cache
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OV9xeQJC1nebJnEvSGOdhP1UwuEX5Z8ycoRrqOe%2FX2SnJ37CgmnDkeMmMPNmgQmGanToftMR%2FB2bGOPZSPIdwtY1hVlb4NcDKM%2B%2B2W7ZgljDFcG6CVzzbWTUd18czDeEXY2Kbv2zD3%2FaBoGh"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cfcea822ee63762-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
adf.php
youspacko.com/com/ Frame E0BC
2 KB
1 KB
Document
General
Full URL
https://youspacko.com/com/adf.php?https://youspacko.com/com/rotban.php?bh=300x250&cb=&aa0
Requested by
Host: youspacko.com
URL: https://youspacko.com/com/adf.php?https://youspacko.com/com/rotban.php?bh=300x250&cb=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:cc1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6b0cc672b3a621aa7b6bb994dc996e69e49d21bb40eaecee045ead36e1e19c4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 19 Jan 2022 03:18:29 GMT
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=spn7wN85iUnRWQflrjIsHZlyu3GWDrZ0RlCaAQyEmZ34F4azLkwuZ73CZuEHfZEBsjreQR85ebxiMO8bbHCY14s89fg65Vz8VjjiFl9eE5NUgebvZP0iHZLX0fupQKI5VrwDwRteamCXrg7A"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cfcea83c8373762-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rotban.php
youspacko.com/com/ Frame F933
1 KB
1 KB
Document
General
Full URL
https://youspacko.com/com/rotban.php?bh=300x250&cb=
Requested by
Host: youspacko.com
URL: https://youspacko.com/com/adf.php?https://youspacko.com/com/rotban.php?bh=300x250&cb=&aa0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:cc1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bff524756ffc9d2a3820fa60c95fc26815c41b0385010bc938264b27e28f9c9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 19 Jan 2022 03:18:29 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3rXj8yblBRdgxLXQD9d%2FrL8wIQfXXVkB7DIjS4Idj%2FY5MIB8mhAXIhv62i%2F6GsuvWgCFFp6lCT5t4mD3NQpSGn0rVoqYbl5yf6ovd858oF4wkQcB%2FjsXQ1jXaEQ1Vlp2bXBxVosizP6%2BQfD"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cfcea84e9563762-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cc.html
youspacko.com/ Frame 2A6A
1 KB
1 KB
Document
General
Full URL
https://youspacko.com/cc.html
Requested by
Host: youspacko.com
URL: https://youspacko.com/com/rotban.php?bh=300x250&cb=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:cc1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e8cb2d36a4b4f20480bd20862543aac32f8aa7919849f73a9f4e6bddaf8bc2f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 19 Jan 2022 03:18:29 GMT
content-type
text/html
last-modified
Wed, 14 Apr 2021 07:54:05 GMT
cache-control
max-age=2678400
cf-cache-status
HIT
age
1559
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8uk2eyRaNi5dWnxks%2BarInyAiPFJQY2ZnBpF5bySHYOfV2fM85e5Av76xoFqm7xfLprCc4G%2FrX0d0i7OEs%2F1by8aYkBX214FxWPlQCbnB0ip8iJg1sycVbY1%2BtTQjH%2Bz0aNY0pNwh749GZi"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6cfcea8569e33762-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pixel.php
youspacko.com/com/ Frame 1CD3
441 B
814 B
Document
General
Full URL
https://youspacko.com/com/pixel.php?site=4
Requested by
Host: youspacko.com
URL: https://youspacko.com/com/traffic_in.php?bh=300x250&site=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:cc1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39230870ef6d4872916604b2b0411cef4d831f5d5669e4a7347bd9165774c0e7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 19 Jan 2022 03:18:30 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D3YSpBm%2Bz1ZblQtUWw0sJo8p3WOqnjRk3qh0SrIXrqHHhPGNDgO3yKHOAjVX8Qdl6kR2vka8CjY6%2FgOZvGWqc7Q%2BcybM%2BMB%2BEU64XaqBGxmNMTNiFevVcm%2FH42DqYsUagdp%2F6KpbCVyXIXku"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cfcea86eb053762-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
xref.php
buxflow.com/ Frame 1CD3
2 KB
1 KB
Script
General
Full URL
https://buxflow.com/xref.php?ref=ok&i=.js
Requested by
Host: youspacko.com
URL: https://youspacko.com/com/pixel.php?site=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.77.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b923640399827232ef42271dc6b28c88ff5496d06a875e64baf40686cfa1ad1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 03:18:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 19 Jan 2022 03.18:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MEIdL3mdFM7VAOarl2YeAz7jJQ8%2FAQMVIoYYCsOxV%2B36JGVsANmi0TTpVQAFu8LMK3t29Uvl5GTF9apRvDhsUvnaspiWVGqYqhNScWuOGj6E0RdJ0k1cKgsUDXs41w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=iso-8859-15
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cfcea87df3c5049-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ad_frm.php
youspacko.com/com/ Frame C4B1
1 KB
1 KB
Document
General
Full URL
https://youspacko.com/com/ad_frm.php?//youspacko.com/com/traffic_in.php?site=4&bh=728x90&
Requested by
Host: www.xup.in
URL: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:cc1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb5b424f0629329b17fa0ded54e58764e3eb9f7672cbd290edc0ca7653c52edb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.xup.in/

Response headers

date
Wed, 19 Jan 2022 03:18:30 GMT
content-type
text/html; charset=UTF-8
last-modified
Wed, 19 Jan 2022 03.18:30 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dgHsWh9ZDnsSQhhe71zPFTx%2FH%2BaR3FsaSpcszQbve8pb5KxiPBAk%2FuPk4%2B4DJpVKuHUhKVpmstS%2FMBUA1jqXEAj9sdoq8n5A9pmSo1bUcGMxHeXIwNQVz1e99jEKFAm%2BUeffSqSuWGK34QLv"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cfcea877b9f3762-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cc.html
youspacko.com/ Frame 725D
1 KB
1 KB
Document
General
Full URL
https://youspacko.com/cc.html
Requested by
Host: youspacko.com
URL: https://youspacko.com/com/pixel.php?site=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:cc1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e8cb2d36a4b4f20480bd20862543aac32f8aa7919849f73a9f4e6bddaf8bc2f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 19 Jan 2022 03:18:30 GMT
content-type
text/html
last-modified
Wed, 14 Apr 2021 07:54:05 GMT
cache-control
max-age=2678400
cf-cache-status
HIT
age
1560
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fN%2FrM8ncx9i060g1rk5%2FZDUlQ3uckOdkuwfFzw9IYaX5RgijBrAXyQRT8TiuEUDSrFxUsFz9EY%2BbD8zYLRZG1f0BmCJvZz0mLuo5wxweHgHvYtCkhcbdhJm6d8Rkhf9eNNpoykxC3rGd818Y"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6cfcea889c833762-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
empty.html
youspacko.com/ Frame 725D
242 B
672 B
Document
General
Full URL
https://youspacko.com/empty.html
Requested by
Host: youspacko.com
URL: https://youspacko.com/cc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:cc1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b579c6b712a79e62c47310400d0e3a56176ab45a180fc14325d1988b5f78e10

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 19 Jan 2022 03:18:30 GMT
content-type
text/html
last-modified
Wed, 20 Jan 2021 11:06:20 GMT
cache-control
max-age=2678400
cf-cache-status
HIT
age
1514
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yt43dQYzh0lbMiI%2FB6Fi%2FHiUEEki41js4KPG8ONwL2iMNP1IJVuLKbU8pgQFh9dtAYjf0KKnL9JaZAjy1hqplKf85Nh4rUmevr%2F9XFb%2BoNbD8awQFUvbhinzOvj1Z71kj8eYkYIKOAlifeFA"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6cfcea88dcb03762-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
traffic_in.php
youspacko.com/com/ Frame F161
3 KB
2 KB
Document
General
Full URL
https://youspacko.com/com/traffic_in.php?site=4&bh=728x90&
Requested by
Host: youspacko.com
URL: https://youspacko.com/com/ad_frm.php?//youspacko.com/com/traffic_in.php?site=4&bh=728x90&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:cc1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe9d31d4363f2d7de582e8b86206fbf1e3f16c886f0de92418b8c051f4cf4171

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 19 Jan 2022 03:18:30 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
expires
-1
cache-control
no-cache
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dcvxq42XRFbt5JODgBjqkyQBZ3RYOvQ76kG8kZ7mTQ869eqM2iMWR0Op%2BOt3Vr5CFy5Cpu9ap5I3VCHbk%2Bq%2FOy6DlviOCUSV8OkSgA7vC2B5ES86zc5ARyPB9x6dFlaUo6myUDWUDO3wP2Qr"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cfcea89ed7f3762-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
adf.php
youspacko.com/com/ Frame 1DDE
Redirect Chain
  • https://youspacko.com/com/traffic_out.php?id=&bh=728x90&ori=y
  • https://youspacko.com/com/adf.php?https://youspacko.com/com/rotban.php?bh=728x90&cb=
2 KB
1 KB
Document
General
Full URL
https://youspacko.com/com/adf.php?https://youspacko.com/com/rotban.php?bh=728x90&cb=
Requested by
Host: youspacko.com
URL: https://youspacko.com/com/traffic_in.php?site=4&bh=728x90&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:cc1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba884bf93aefa5b4f98af61afebd836df669191b2f56778580a0ef0b5908cde6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 19 Jan 2022 03:18:30 GMT
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jbp7u8dKAp5Y7a8Nwzsrs7lR4XRVVSPyB%2B0caYB8SUydIuRVd4qFUSUpgnJ7TC1C5LnCGxp6W1CuPK5RyYTqtyziqJicOFnVV4lGzVhLJQf9Z96REzks9SttRano4Xzcd3lI62pyZxEwNplu"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cfcea8ade2e3762-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Wed, 19 Jan 2022 03:18:30 GMT
content-type
text/html; charset=UTF-8
location
https://youspacko.com/com/adf.php?https://youspacko.com/com/rotban.php?bh=728x90&cb=
expires
Sat, 30 Nov 1985 05:00:00 GMT
cache-control
no-cache
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m2dat%2FJ1kyJk9yrEqXhLDMhZdZSVvLsrX5TvkEOrtAcUUnvp4cUJAfmI6eVJpNGXRiH14jcQ4WP89sa4f%2BxMCEGlLXzUPrTYlrIA2BYaftz%2BsfcM0cMqvUVIGghPkgpz3DfqXg43qWdC9VmF"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cfcea8a6ddd3762-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
adf.php
youspacko.com/com/ Frame 6805
2 KB
1 KB
Document
General
Full URL
https://youspacko.com/com/adf.php?https://youspacko.com/com/rotban.php?bh=728x90&cb=&aa0
Requested by
Host: youspacko.com
URL: https://youspacko.com/com/adf.php?https://youspacko.com/com/rotban.php?bh=728x90&cb=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:cc1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb9a665c3fabd2696767b180ee7ab59a386d3fe59e29f3699720600900498a6a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 19 Jan 2022 03:18:31 GMT
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtxBPlrCXJGgizKWS6bJwIYz%2FZxiIlZY5aIBga%2BZB2QfUQO3myLsLMFE60tRRE5duqy%2BFFGVbImSKWQ2r6XojbCDP7cP7zoT%2BbvsXBxpcDbtjVZxCpn%2BQXL6%2BzKST7XRrC5TQ%2FiUXM%2FbXwy9"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cfcea8c0efd3762-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rotban.php
youspacko.com/com/ Frame 9BC9
1 KB
1 KB
Document
General
Full URL
https://youspacko.com/com/rotban.php?bh=728x90&cb=
Requested by
Host: youspacko.com
URL: https://youspacko.com/com/adf.php?https://youspacko.com/com/rotban.php?bh=728x90&cb=&aa0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:cc1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b602190c5b08b156ec5cc3b755218041957bc644ee84099a14220833690b6ca9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 19 Jan 2022 03:18:31 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGQwCuU3Zsm1v1RH2H%2BivPd%2F8b1WeMZo34teOelb%2BJ3FsMJg2o%2F7mr%2FgtMAkW9Uu8lx4Q9FsYJqagi2QND1zr2qJViFa%2Fobg924LK%2BHCJogxbQfelFMl300V43oeXSJJEeC6KrdEs%2FRAcHlJ"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cfcea8d3fc53762-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cc.html
youspacko.com/ Frame 8801
1 KB
1 KB
Document
General
Full URL
https://youspacko.com/cc.html
Requested by
Host: youspacko.com
URL: https://youspacko.com/com/rotban.php?bh=728x90&cb=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:cc1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e8cb2d36a4b4f20480bd20862543aac32f8aa7919849f73a9f4e6bddaf8bc2f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 19 Jan 2022 03:18:31 GMT
content-type
text/html
last-modified
Wed, 14 Apr 2021 07:54:05 GMT
cache-control
max-age=2678400
cf-cache-status
HIT
age
1561
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RS%2BZs1IwiLVfgEJ7H8vmMc6LP7tjyQ2v0JtY32vJKZyzjq%2FglIDmkxh0gHzospjbgcYlYqR6Ja2yRPdAsZetZd7K0JKGG63mSaRAncgoFALRGtl0sjqibsOPrv%2Ffzi9O6Y%2F%2B6GBT5wqIPZ%2FN"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6cfcea8db80c3762-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
empty.html
youspacko.com/ Frame 8801
242 B
672 B
Document
General
Full URL
https://youspacko.com/empty.html
Requested by
Host: youspacko.com
URL: https://youspacko.com/cc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:cc1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b579c6b712a79e62c47310400d0e3a56176ab45a180fc14325d1988b5f78e10

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 19 Jan 2022 03:18:31 GMT
content-type
text/html
last-modified
Wed, 20 Jan 2021 11:06:20 GMT
cache-control
max-age=2678400
cf-cache-status
HIT
age
1515
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPXGIEQvPecXsDw%2BWV8dIR%2BlAA5pZeQ5LQQmRU%2BFz32VZxvA4F0x31bUxROp5VqG7AphhNIBbO83ZXevKOYv8iBbrQzseFrpR5v1gmZWXWubxnP8BoaZya8irgA2j9tvTYht7jIV8LLyabVe"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6cfcea8de82b3762-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
xlayer.php
buxflow.com/ads/ Frame B053
890 B
1 KB
Document
General
Full URL
https://buxflow.com/ads/xlayer.php
Requested by
Host: buxflow.com
URL: https://buxflow.com/xref.php?ref=ok&i=.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.77.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3139230264496e7d34fdaa814fa9222cc7c02d8b58ab2f304b36ae9e6b8c079

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 19 Jan 2022 03:18:31 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 19 Jan 2022 03.18:31 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9JH0nMK2crEz8FmVeyAvE4y0004X4r9m%2FN8w4RVsGQ2TlkN80wZMvREcIJBdZexEcZT%2BA9%2BGCFxt2OyeG5j1DxucrtDbGWAPIMjHG99cln0tphPzX9JzBBnGt9wWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cfcea90ebff5018-WAW
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
afbw_728x90.html
www.buxflow.com/ads/728x90/ Frame BBE3
2 KB
1 KB
Document
General
Full URL
https://www.buxflow.com/ads/728x90/afbw_728x90.html
Requested by
Host: buxflow.com
URL: https://buxflow.com/ads/xlayer.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.77.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9bf12890106713ebb7efebb73a263a0d5e3c5afbec1a15a01c02b77bb9ca17a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 19 Jan 2022 03:18:31 GMT
content-type
text/html
last-modified
Thu, 15 Oct 2020 14:16:20 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UXX9WHVRuIZiBv5huP0jNHXAdJbwDkNHqVcR6HwXXWgsrS4Pycoey%2Br84TnBGj1Y2J3Gfb5%2FZArfAu5h%2Fqz%2FCv%2B1p%2BugqJUDpeY3VAkH8QSTURAEzFtxEWg2guPQgD8K4Xk%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cfcea919f155049-WAW
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
base64.js
www.buxflow.com/ads/ Frame BBE3
2 KB
1 KB
Script
General
Full URL
https://www.buxflow.com/ads/base64.js
Requested by
Host: www.buxflow.com
URL: https://www.buxflow.com/ads/728x90/afbw_728x90.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.77.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7047df55df765a67a20d88f17a40b26fee4cf39b8d628f803abf9e2ce969ee94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:18:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 18 Feb 2015 19:23:43 GMT
server
cloudflare
etag
W/"54e4e6bf-66d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PzpJ2FyS9E1sr2wjt%2BJi2ARSaem%2FqDhXF9yyV6IplLkrHTE5gSOLiwqLI00cv14ayc0oPlf6mn7UND%2FZ84hXZlac9uwPgVrXMXp7HE4kl5WmGe3GPZ3MpnZA61IC%2BzunKYM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cfcea922ce85018-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rot_ads.js
www.buxflow.com/ads/ Frame BBE3
5 KB
2 KB
Script
General
Full URL
https://www.buxflow.com/ads/rot_ads.js
Requested by
Host: www.buxflow.com
URL: https://www.buxflow.com/ads/728x90/afbw_728x90.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.77.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40f2ec992b0ac490f161951192d8ad95e4d8cdbde864839ed1e4121be979977c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:18:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 14 Aug 2015 09:23:54 GMT
server
cloudflare
etag
W/"55cdb3aa-12c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fZvBIN%2BFy6UGnzrbOSJI5X5IYVA5d4hBFV9%2F4m%2BnSceDR5vLqd66lnsbNPO6qdS3ksvWE97BYpJGYqa3TNAqpixoGiiykfXhRYfJir6hGCYxrljNn3v45rNhKtFDYdCL2c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cfcea922cea5018-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
empty.html
www.buxflow.com/ Frame BBE3
0
498 B
Image
General
Full URL
https://www.buxflow.com/empty.html
Requested by
Host: www.xup.in
URL: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.77.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:18:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 10 Jun 2015 11:34:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2FPuJIK9Pe1m7YG2JCWfgxiDoWG0rwJ7aLQGvdU%2FxhWjQDRuoWKmZMbuspSx7it4iNoRU79wSk8AU6hYFPv8DISgpeBg2nituvaRBzFAPk%2BH%2BJZxE7ezedz1VcbLwlf3cg8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
6cfcea937def5018-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
empty.html
www.buxflow.com/ Frame BBE3
0
495 B
Image
General
Full URL
https://www.buxflow.com/empty.html
Requested by
Host: www.xup.in
URL: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.77.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:18:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 10 Jun 2015 11:34:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTeb4lvF4pQNB32yKImOa0OYTM5Up5GoojQyShiaG8pY8uwO5JnmZcbDWoEWv3NLjxkwjZYOYoJ%2BpW5MFBglJXdcAAwjIhXjpm8wmL6qnSmbVHPucnIvAcz4Wx2yoUg0ifM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
6cfcea941e6f5018-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
empty.html
www.buxflow.com/ Frame BBE3
0
500 B
Image
General
Full URL
https://www.buxflow.com/empty.html
Requested by
Host: www.xup.in
URL: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.77.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:18:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 10 Jun 2015 11:34:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qy%2F%2BjM9tsbwMkQc5BXAawcYv0Kk%2F829GDUTMhwpTgkoXzzKO%2BzP6aImepFwqFA4989UW4YpjbguXJVj0nLHuIn3QWul3lAluQfVOgPBJAj640iDjv6B4JmWqFpheOWHPzU0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
6cfcea94bee75018-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ad.php
www.buxflow.com/ Frame 909F
930 B
977 B
Document
General
Full URL
https://www.buxflow.com/ad.php?https://www.buxflow.com/ads/728x90/af14_728x90.html
Requested by
Host: www.xup.in
URL: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.77.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2081d07967bc16bbdc7089b0a30cdf44b91fe122fe7cbc9e0d6720ea909d0003

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 19 Jan 2022 03:18:34 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
referrer-policy
origin
last-modified
Wed, 19 Jan 2022 03.18:34 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FLKC09Tf5mF4GRzkV77YZXo8CobzjWEHgL%2BynIx7NHQ5WwxNfC6ui1W6%2F%2BJLmIvd92eVKN2obp3DcYfYsWTOz%2FBjjmIEn3jP4SKr4mlipMvxmdtDSw8LW58lUBH6ROVAoM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cfcea9effac5018-WAW
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
af14_728x90.html
www.buxflow.com/ads/728x90/ Frame 909F
2 KB
1 KB
Document
General
Full URL
https://www.buxflow.com/ads/728x90/af14_728x90.html
Requested by
Host: www.buxflow.com
URL: https://www.buxflow.com/ad.php?https://www.buxflow.com/ads/728x90/af14_728x90.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.77.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e8e2410d1492bd4a50af18a6b8a56f79f96dab8a5df776d029e4f6afd64d453

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 19 Jan 2022 03:18:34 GMT
content-type
text/html
last-modified
Thu, 15 Oct 2020 14:16:21 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RV91QXd9FdnfODU2pE%2ByTOdyAgrpBfM4cMhMQuKLv19yOOnwf6GCLSQ9K%2FGIF4XT0rZQ521mT5U828LJntctEE9G7iiZ9JZD%2BUcgntbd6o7C%2FhDAiSpt7OeS6ZHWdX%2FIp%2BM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cfcea9f58195018-WAW
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sportsbook
promo.bwin.de/de/promo/offers/p/ Frame 909F
0
0
Document
General
Full URL
https://promo.bwin.de/de/promo/offers/p/sportsbook?wm=5060652&param=pop&sb=1
Requested by
Host: www.buxflow.com
URL: https://www.buxflow.com/ads/728x90/af14_728x90.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.9.225 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src *
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 19 Jan 2022 03:18:34 GMT
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
-1
vary
Accept-Encoding
content-security-policy
frame-src *
strict-transport-security
max-age=2592000
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
server-timing
vanilla;dur=118.5487
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cfceaa04a6535e3-MAN
content-encoding
br

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
promo.bwin.de
URL
https://promo.bwin.de/de/promo/offers/p/sportsbook?wm=5060652&param=pop&sb=1

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| bbb string| zdec number| imageMaxWidth number| imageMaxHeight function| chkdl function| resizeImages function| isLinked object| addthis_config function| ReinitializeAddThis number| ab function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| d number| b string| altsrc object| se object| pe object| ifx boolean| __@@##MUH

4 Cookies

Domain/Path Name / Value
.youspacko.com/ Name: u
Value: 1642562309
.youspacko.com/ Name: uu
Value: 1642562310
.buxflow.com/ Name: pixel
Value: gx%2C
.bwin.de/ Name: __cf_bm
Value: UQ76O1pBNPfnAzEnkYW5uvziE.y27KqNxe2_HgV5asI-1642562314-0-AZxInBfU4kK43K9OwWaLr3Kvd0wBpxR1jSug4v90u7GAvRUngec0qk6LhzSb4llaxEDhPDOmm26tXhgckFwLv4E=

3 Console Messages

Source Level URL
Text
javascript warning URL: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://s7.addthis.com/js/300/addthis_widget.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.xup.in/dl,16488336/wow_unsig%2812340%29.zip/
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://s7.addthis.com/js/300/addthis_widget.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://promo.bwin.de/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
