www.up-4ever.net Open in urlscan Pro
172.67.216.188 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.up-4ever.net/fcuh2jmegikb
Submission: On October 11 via manual (October 11th 2024, 6:14:10 am UTC) from IN — Scanned from CA

Summary HTTP 81 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 20 IPs in 2 countries across 13 domains to perform 81 HTTP transactions. The main IP is 172.67.216.188, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.up-4ever.net. The Cisco Umbrella rank of the primary domain is 993282.
TLS certificate: Issued by WE1 on August 16th 2024. Valid for: 3 months.

This is the only time www.up-4ever.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	172.67.216.188 172.67.216.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	209.85.144.154 209.85.144.154	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c03::61	15169 (GOOGLE) (GOOGLE)
1	173.0.146.108 173.0.146.108	7979 (SERVERS-COM) (SERVERS-COM)
1	2600:9000:251... 2600:9000:2514:f200:15:c03c:5ec0:21	16509 (AMAZON-02) (AMAZON-02)
1	172.240.127.234 172.240.127.234	7979 (SERVERS-COM) (SERVERS-COM)
4	104.21.68.94 104.21.68.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	108.156.107.128 108.156.107.128	16509 (AMAZON-02) (AMAZON-02)
4	104.21.66.110 104.21.66.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:38::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0d::9b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c02::9c	15169 (GOOGLE) (GOOGLE)
1	209.85.232.94 209.85.232.94	15169 (GOOGLE) (GOOGLE)
7	173.194.205.156 173.194.205.156	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c03::8b	15169 (GOOGLE) (GOOGLE)
10	209.85.201.100 209.85.201.100	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0d::84	15169 (GOOGLE) (GOOGLE)
1	209.85.232.132 209.85.232.132	15169 (GOOGLE) (GOOGLE)
1	173.194.68.105 173.194.68.105	15169 (GOOGLE) (GOOGLE)
81	20

27 172.67.216.188 (United States)

ASN13335 (CLOUDFLARENET, US)

www.up-4ever.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 209.85.144.154 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f154.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c03::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.0.146.108 (United States)

ASN7979 (SERVERS-COM, US)

om.avocetriches.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2514:f200:15:c03c:5ec0:21 (United States)

ASN16509 (AMAZON-02, US)

dof9zd9l290mz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.240.127.234 (United States)

ASN7979 (SERVERS-COM, US)

mingleassertiveregard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.68.94 (None, )

ASN13335 (CLOUDFLARENET, US)

ukankingwithea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.156.107.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-107-128.ord56.r.cloudfront.net

osadooffinegold.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.66.110 (None, )

ASN13335 (CLOUDFLARENET, US)

mileesidesukbein.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0d::9b (Morganton, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c02::9c (Morganton, United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.232.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qt-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 173.194.205.156 (United States)

ASN15169 (GOOGLE, US)
PTR: qm-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c03::8b (Morganton, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 209.85.201.100 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f100.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0d::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.232.132 (United States)

ASN15169 (GOOGLE, US)
PTR: qt-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.68.105 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	up-4ever.net www.up-4ever.net — Cisco Umbrella Rank: 993282	720 KB
14	google.com accounts.google.com — Cisco Umbrella Rank: 18 Failed analytics.google.com — Cisco Umbrella Rank: 147 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682 www.google.com — Cisco Umbrella Rank: 3	75 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	352 KB
9	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136 td.doubleclick.net — Cisco Umbrella Rank: 192 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42	555 B
4	mileesidesukbein.com mileesidesukbein.com	2 KB
4	ukankingwithea.com ukankingwithea.com — Cisco Umbrella Rank: 28492	202 KB
2	osadooffinegold.com osadooffinegold.com
1	google.ca www.google.ca — Cisco Umbrella Rank: 12143	63 B
1	mingleassertiveregard.com mingleassertiveregard.com
1	cloudfront.net dof9zd9l290mz.cloudfront.net	100 KB
1	avocetriches.com om.avocetriches.com — Cisco Umbrella Rank: 195775	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	100 KB
0	facebook.com Failed www.facebook.com Failed
81	13

	Domain	Requested by
27	www.up-4ever.net	www.up-4ever.net
12	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
10	pagead2.googlesyndication.com	www.up-4ever.net pagead2.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	mileesidesukbein.com	www.up-4ever.net
4	ukankingwithea.com	dof9zd9l290mz.cloudfront.net
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	osadooffinegold.com	dof9zd9l290mz.cloudfront.net
1	www.google.com	tpc.googlesyndication.com
1	www.google.ca	www.up-4ever.net
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	mingleassertiveregard.com	www.up-4ever.net
1	dof9zd9l290mz.cloudfront.net	www.up-4ever.net
1	om.avocetriches.com	www.up-4ever.net
1	www.googletagmanager.com	www.up-4ever.net
0	accounts.google.com Failed	www.up-4ever.net
0	www.facebook.com Failed	www.up-4ever.net
81	19

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
up-4ever.net WE1	`2024-08-16` - `2024-11-14`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
om.avocetriches.com R10	`2024-08-30` - `2024-11-28`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
mingleassertiveregard.com R11	`2024-09-16` - `2024-12-15`	3 months	crt.sh
ukankingwithea.com WE1	`2024-09-05` - `2024-12-04`	3 months	crt.sh
osadooffinegold.com Amazon RSA 2048 M02	`2024-08-19` - `2025-09-17`	a year	crt.sh
mileesidesukbein.com WE1	`2024-09-06` - `2024-12-05`	3 months	crt.sh
*.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.google.ca WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://www.up-4ever.net/fcuh2jmegikb
Frame ID: F4298DBAFA69ADCB6296A647EE326EF9
Requests: 69 HTTP requests in this frame

Frame: https://osadooffinegold.com/MHdWcVZRFTUcaVFKNFcjQhtrVGR2UmQ3Ml8RbwsyCRtkSGZdDXgSOl8CMhckXxkiXzhVA3NDEHstAiM4YSBuNgFHHDgkFHYTF0IuVSEHFTBTG2MkE1gULDIxfT0TNQ9pJGY0DlIxJTAHVz4sIAdEJRNDNXYxOgIcfSEfJhdkJjQ7IXYaGiMcejIDRRJWMhwiE1cEMTAHeT0HIgdyNTEdAWoAYjMAXAdnIgR2MhUyJmMxA0EAeyU5MgRyMiMzA341FB8hczQ9RRl8Jhs0E2YiHiY9QzIHHxhWIwMJAVMyJiYyWz0sKSFcExUlB2gmFysOfyEyJTcBWhBABFs2EScvcREQJzFzOTEeHmgAYkAFXBMvJDh6LgUGMmItEEAAeDYhARFHHw8gOH0EBzAMaDsHKBllIhwLDkc9BDMVXzYCMxBmFAcGGGIQMQIVWzYROA5yEw4zJmgVZ0gacjIcCw5ILQAwBXETEjMQZjVnAQFxRzoIAWU5FCY4cVE8AjleB2sCY2MtHhUEeiQ
Frame ID: BF4FDBEA58735828814BE134F1ACAB62
Requests: 1 HTTP requests in this frame

Frame: https://osadooffinegold.com/VFdFUG81NSY9UDVqJ3YaJjt4dV0ScncWCzsxfCoLbTt3aV85LWszAzsiITYdOzkxfgExI2BiKR8FdwUVAD0uOyw4ZyoSBRkaE2MiHTN0ESoxMHwnPmQafQgsEg4XFAMbNhcSKw0gdTkqZQ59FhY/FhdiBwAZBCALBDAUYyxlNDUHBiwPEwNWHREtHi0EFX0qJ2UzPxYnFhMdKVYMHgM3OR9mJjs4FR0qBywZHwE+ADIaPQYMHgYUYycREigELBUBFwMpAA4XEjw3ZhQ/J2U4LAY8DhYEAQgZNhMFODIWKSYnBR1gYikcHxQ+KTogDxsYLDMKYCk9ATJ9ImYWHRVZFg8qATY4NAEcXz9kBgY2YQ8GBSADPSozCwcaAjY+YScTNzkmFHY0IQMUHx4kMzwSNickPhMnIj0CBicuEjkyGiYVFRQaOQ4iFBEpcWUHBwZsDx0TITcOKTReMiAxdV0WBDIeCBcAKQYpOiAPHi4GAQlgHCEGBBUmEB8XAycMZxUJPRUYIydJPiQqPh9pJys0CDc8dzYOJQYzIh0
Frame ID: 07FA0083C6A7128DFDCAED9B72026F97
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-BH3KCF6H24&gacid=1465201339.1728627246&gtm=45je4a90v9132047618za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101529666~101671035~101686685&z=1008846725
Frame ID: 5181403141A8D4E4ABE00FCDD581C488
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241009/r20190131/zrt_lookup_fy2021.html
Frame ID: CF3F391719B095DF6D08D0D44D85730E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001787570359789&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1728627246&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fwww.up-4ever.net%2Ffcuh2jmegikb&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728627246164&bpp=5&bdt=571&idt=253&shv=r20241009&mjsv=m202410090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=1679950235852&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C42532523%2C44795922%2C95331687%2C95342016%2C95343454%2C95344778%2C31087977&oid=2&pvsid=499346494065092&tmod=1341054876&uas=0&nvt=1&fsapi=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=281
Frame ID: 2F8EBA9CD89833D13AA493B29BD10761
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001787570359789&output=html&h=280&slotname=7333511488&adk=502614684&adf=1758048334&pi=t.ma~as.7333511488&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1728627246&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.up-4ever.net%2Ffcuh2jmegikb&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728627246169&bpp=2&bdt=576&idt=292&shv=r20241009&mjsv=m202410090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=1679950235852&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C42532523%2C44795922%2C95331687%2C95342016%2C95343454%2C95344778%2C31087977&oid=2&pvsid=499346494065092&tmod=1341054876&uas=0&nvt=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=301
Frame ID: A120BDCA3BEB64A90579E61FF3671557
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001787570359789&output=html&h=280&slotname=7333511488&adk=507415228&adf=3321263041&pi=t.ma~as.7333511488&w=350&abgtt=6&fwrn=4&fwrnh=100&lmt=1728627246&rafmt=1&format=350x280&url=https%3A%2F%2Fwww.up-4ever.net%2Ffcuh2jmegikb&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728627246171&bpp=1&bdt=578&idt=310&shv=r20241009&mjsv=m202410090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=1679950235852&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=746&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C42532523%2C44795922%2C95331687%2C95342016%2C95343454%2C95344778%2C31087977&oid=2&pvsid=499346494065092&tmod=1341054876&uas=0&nvt=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=313
Frame ID: F4D087936F2C1DAD9073B2D63B0572E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001787570359789&output=html&h=280&slotname=7333511488&adk=507415228&adf=4259672823&pi=t.ma~as.7333511488&w=350&abgtt=6&fwrn=4&fwrnh=100&lmt=1728627246&rafmt=1&format=350x280&url=https%3A%2F%2Fwww.up-4ever.net%2Ffcuh2jmegikb&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728627246172&bpp=1&bdt=578&idt=323&shv=r20241009&mjsv=m202410090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1110x280%2C350x280&nras=1&correlator=1679950235852&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=746&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C42532523%2C44795922%2C95331687%2C95342016%2C95343454%2C95344778%2C31087977&oid=2&pvsid=499346494065092&tmod=1341054876&uas=0&nvt=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&fsb=1&dtd=327
Frame ID: 4DEA9EA4D0E7B797226F8CB9CC327678
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241009/r20190131/zrt_lookup_fy2021.html
Frame ID: DA68250E483C18931E799A05CC09A20F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241009/r20190131/zrt_lookup_fy2021.html
Frame ID: 63D487A1BAE99D2EDE47194B844466F2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: 1BD239452BA7C0BF1A3967CC45DF4CA8
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D86D99386DBCF051C990D3AFCEFEFAA0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Download f2f2f2f2f2f22f2f2f2f2f torrent

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

81
Requests

95 %
HTTPS

37 %
IPv6

13
Domains

19
Subdomains

20
IPs

2
Countries

1553 kB
Transfer

3816 kB
Size

52
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/upload4ever

Search URL Search Domain Scan URL

URL: https://twitter.com/ComUp4ever

Search URL Search Domain Scan URL

URL: https://www.instagram.com/up_4ever_/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/up4ever

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARpgrqd-3vl_q-3APQpoKtZJtGLoOmsDrLWK2Qv6auYyHy1l2es1uOUWwaQArEiEXs-ufu_ikVnc HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqczjnjEdM5yI-3hhvwl1l9OnnCYcif8N8ohK2-refIpCAyhmVnf8yzpRG5bBjsnCde-YDM87A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S521214869%3A1728627246303524&ddm=0

Request Chain 37

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARpgrqetRLdJE9IQqGwciXfDe9bMRmwWrI_Lcdb9fCqpWRNQpGO_9kzybAdvJqk_De6IKIP59Nhf HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqdtTUWQKbpON9B2-hQwbVhf8-TcectVnjT9HYgOVQ5DwY2uPnTcs7WGfVO3EyD59LlDFWZY9A&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S505488728%3A1728627246269012&ddm=0

81 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request fcuh2jmegikb Show response
www.up-4ever.net/ 16 KB
5 KB 343ms
254ms Document
text/html 172.67.216.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.up-4ever.net/fcuh2jmegikb

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.216.188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

618251f1550c35003cf13548405c31e6ca81c9565ad12251b9465625a7926282

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d0cb53b6a0139ea-YYZ
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Fri, 11 Oct 2024 06:14:05 GMT
expires: Thu, 10 Oct 2024 06:14:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yU6Npwmflk9%2FkwSE%2F6o%2FUA778MeZmS3YVDE8CQa92GfHTQHLT6yNu632MXUE9E0kv2gL53gZfoOSCtJEpkmjoOEsEa6gWy26dalnFinSLnPD9Q7qyqWpAW%2F5fKqIwG4xEErA"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=0;includeSubDomains;

GET
H3 200 speculation
www.up-4ever.net/cdn-cgi/ 128 B
557 B 31ms
30ms Other
application/speculationrules+json 172.67.216.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-4ever.net/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.up-4ever.net
Referer: https://www.up-4ever.net/fcuh2jmegikb

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q9fZcIWnOnd3PPeKbygCI0BFr3WHApxyy1LBe9qgdM3WdD%2BP7EWllzI0MZQYMc3DKOKo2Ew3gIbhNhveIKZCyU%2F6Nm4alFLKjbFnRW2eTpsf4D%2BztDVSTO1eeHg50ggPzgxA"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb53d0b2539ea-YYZ
access-control-allow-origin: https://www.up-4ever.net
alt-svc: h3=":443"; ma=86400
content-length: 128
date: Fri, 11 Oct 2024 06:14:05 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H3 200 all.css
www.up-4ever.net/assets/packages/fontawesome/css/ 63 KB
14 KB 33ms
32ms Stylesheet
text/css 172.67.216.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-4ever.net/assets/packages/fontawesome/css/all.css
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99c53397eb2217df916d67abfb55ed71b9db9d9b80d0ffa7813efe1c932bc91f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/fcuh2jmegikb

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-bgj: minify
cf-cache-status: HIT
age: 2991
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IXrivcdmRFIALGJs0qfakASQxoi1dsiy2yrBPz6jd4ikoAYAD4%2FGU%2BIgkxdi5GBq7Fh9haIoZ8T7A5%2FIoxCmc8pSVHpFXTk48KwQeEdG0sMoFE6pqIE1E4jRVG2PQYkDge0e"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb53d0b2939ea-YYZ
cf-polished: origSize=64831
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 06:14:05 GMT
content-type: text/css
last-modified: Thu, 23 May 2019 00:36:20 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 bootstrap.min.css
www.up-4ever.net/assets/css/ 138 KB
23 KB 56ms
52ms Stylesheet
text/css 172.67.216.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-4ever.net/assets/css/bootstrap.min.css?ver=20
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9adb52c42b2966ed05d4e7eda2695e67285e19546bccfd14eae3c77ad760d5a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/fcuh2jmegikb

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
age: 2991
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=efgPJuJ0e%2Bc3CoLODmWzlkcdAqDMv%2BJyRVwpk0JL2WRaAMd2RL6UbjspTy6KdcPNaQomviUHPZN1ilbcZc4UgxnP7Hbal3zZkc7Kb%2FCkCxeF%2FsW%2FvjAFvsTgNVGaPNiQzIzq"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb53d1b2e39ea-YYZ
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 06:14:05 GMT
content-type: text/css
last-modified: Thu, 23 May 2019 00:35:58 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 mdb.min.css
www.up-4ever.net/assets/css/ 521 KB
66 KB 55ms
53ms Stylesheet
text/css 172.67.216.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-4ever.net/assets/css/mdb.min.css?ver=25
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d3e15995e3bcde2055bfc93d2523a0160d10386e9bf3a7c7ffc2b278ecb7c91

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/fcuh2jmegikb

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
age: 2991
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SPohRz21Q74P77bT%2BQn4%2BzxuuH%2Bda8daW0luLtwMgNxkMq6xnlqzhBe8g1XDdchktEID0drzwRMpFcBx5itac%2FtKY7q4eRht5XozO4z3G1ftA%2F2GMr%2B3M0VvD3ZDcXp1ClqI"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb53d1b3039ea-YYZ
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 06:14:05 GMT
content-type: text/css
last-modified: Tue, 23 Jun 2020 07:33:15 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 style.css
www.up-4ever.net/assets/css/ 6 KB
2 KB 55ms
53ms Stylesheet
text/css 172.67.216.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-4ever.net/assets/css/style.css?ver=34
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 361956d1f211151543ff2f654ac6b7ce9fbe31b3eaa08832a693f5a18a8a6ad7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/fcuh2jmegikb

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-bgj: minify
cf-cache-status: HIT
age: 2991
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZsA%2F1C3ROh3igkoqmRhnvh8NQwx8TiH%2FC5XUTgl0xpPu3wfT%2BByJmXWOd%2BBu3C3mGMnSH2nto1BaKtPPJyoQr%2BWI80%2FUFaeoPMSs1sY1YCYv26p7TR570IbhapC%2FsRqBcmrE"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb53d1b3239ea-YYZ
cf-polished: origSize=6769
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 06:14:05 GMT
content-type: text/css
last-modified: Mon, 27 May 2019 05:05:41 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 166ms
60ms Script
text/javascript 209.85.144.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6001787570359789

Requested by

Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f154.1e100.net

Software

cafe /

Resource Hash

32c5e19d84262f6e0dece31d753af2c26ee86cdc6caf5fbc063739fe0a65ede1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.up-4ever.net
Referer: https://www.up-4ever.net/

Response headers

content-encoding: br
etag: 16153565181393916486
x-content-type-options: nosniff
expires: Fri, 11 Oct 2024 06:14:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 11 Oct 2024 06:14:06 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 52982
x-xss-protection: 0
server: cafe

GET
H3 200 jquery-3.3.1.min.js Show response
www.up-4ever.net/assets/js/ 85 KB
32 KB 55ms
53ms Script
application/javascript 172.67.216.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-4ever.net/assets/js/jquery-3.3.1.min.js
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/fcuh2jmegikb

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
age: 990
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gTUe4OvplLxXLWCsvOoGgHBmXZyoYjuHQe0ukQ9UGLg1c7c8PBOL1Js2k3lgsuPg3D0mihRWX8nCF6bvZmPGCcSat%2F5G6a8%2BByxPTaFkL%2BWYPOWEQNdlWFi2MRqQv9EpM3If"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb53d1b3439ea-YYZ
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 06:14:05 GMT
content-type: application/javascript
last-modified: Thu, 23 May 2019 00:36:01 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 287 KB
100 KB 130ms
51ms Script
application/javascript 2607:f8b0:400d:c03::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BH3KCF6H24

Requested by

Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3900ede293bfb15a58e82ffcb1d73b4ec24157e36f5aed04e56d832fab57b03f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 11 Oct 2024 06:14:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 06:14:06 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 102014
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 jquery.paging.js Show response
www.up-4ever.net/js/ 19 KB
5 KB 289ms
287ms Script
application/javascript 172.67.216.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-4ever.net/js/jquery.paging.js
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/fcuh2jmegikb

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
age: 990
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nFFfBXNu08HPiZFj0uNeCuluNXpcgm%2F%2FvKCYyvhTRhJKmHT%2FVUDr8Zg026h3dr%2BahAJxgGD7pQkyfcAwex9TmJVLlQjcpdhm%2B%2B6hAu41QerT%2Br4vWE%2Bhk%2BMHVTOo%2FIgFcmW3"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb53d1b3639ea-YYZ
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 06:14:05 GMT
content-type: application/javascript
last-modified: Thu, 23 May 2019 00:40:06 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 jquery.cookie.js Show response
www.up-4ever.net/js/ 3 KB
2 KB 306ms
304ms Script
application/javascript 172.67.216.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-4ever.net/js/jquery.cookie.js
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/fcuh2jmegikb

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
age: 990
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SxQjKU36azx%2BkRZqjG00bfeaTD9PzWFxTTLjznPv%2FELbaR4DKLYjC%2BOgDc2evjzXYILJF4m9hjRx64tfwyfy7tw8oJ%2Bx92nE1zaFrnjlsBCJw7YEuBdbEmUoGqn2jj2Hvfb5"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb53d1b3839ea-YYZ
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 06:14:05 GMT
content-type: application/javascript
last-modified: Wed, 25 Nov 2020 04:27:31 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 paging.js Show response
www.up-4ever.net/js/ 2 KB
1 KB 310ms
308ms Script
application/javascript 172.67.216.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-4ever.net/js/paging.js?ver=8
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20bc222f73096f80397fe7b936bf6c6ca21f77dc5eb9ae91244154a98a207a64

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/fcuh2jmegikb

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
age: 990
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=imppRNw3dCT8gBSfF51Gsbz%2Bc1thhcUnvQL5w134goPyZJunBUOsDRozuM4LQ8NJEi6wTbqacLMxLYmOZk08aVpNvoWRyb%2F%2Ftz7ACy%2ByrA8%2BZZt0yDtbJlXyCZsPdzoHJq%2Bh"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb53d1b3a39ea-YYZ
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 06:14:05 GMT
content-type: application/javascript
last-modified: Mon, 27 May 2019 03:32:02 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 logo.png
www.up-4ever.net/assets/image/ 4 KB
5 KB 310ms
308ms Image
image/png 172.67.216.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.up-4ever.net/assets/image/logo.png
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9e78b0bfceeaad1dc5d2a5a1a8a08da46dc4164dd7f3303924741a675f8db79

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/fcuh2jmegikb

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 5394
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GGDBeC28tt9rmEZGCxdawLiwGo%2BzFeBMVN2MtUEi3fm1flfxPy7mxl0ii3V9bciR%2BtTUWx4Qqo%2FiPGZOidsITQMDILcTwK8%2FREVBFTHLgyQIbIwIidlFpNfsu42S46c1e84C"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb53d1b3d39ea-YYZ
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 4569
date: Fri, 11 Oct 2024 06:14:05 GMT
content-type: image/png
last-modified: Thu, 23 May 2019 00:36:03 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK vGVkM Show response
om.avocetriches.com/rqCiQRa2FDawEzoOq/ 0
1 KB 339ms
57ms Script
application/javascript 173.0.146.108
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://om.avocetriches.com/rqCiQRa2FDawEzoOq/vGVkM

Requested by

Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

173.0.146.108 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

Access-Control-Max-Age: 600
Content-Encoding: gzip
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Content-Type-Options: nosniff
Keep-Alive: timeout=20
Date: Fri, 11 Oct 2024 06:14:06 GMT
Content-Type: application/javascript; charset=utf-8
Vary: Accept-Encoding
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=1
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.up-4ever.net
Server: nginx

GET
H2 200 / Show response
dof9zd9l290mz.cloudfront.net/ 312 KB
100 KB 224ms
108ms Script
text/plain 2600:9000:2514:f200:15:c03c:5ec0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dof9zd9l290mz.cloudfront.net/?dzfod=1038311
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2514:f200:15:c03c:5ec0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7562baefa798b5a47f3af8589529dccee091f4e40f13edc1b014f1776ef57c33

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
via: 1.1 67d3f8867c3d6540e7495f9026c9c57a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 102202
x-amz-cf-id: UHy8N3hb2THv87_mQxH5kIGcU64Ayxnqx3xhoaxTSqdxtcUCZU_qnA==
date: Fri, 11 Oct 2024 06:14:05 GMT
x-amz-cf-pop: JFK50-P8

GET
H/1.1 403
Forbidden 3a4d714cbee4782ae5a10295f716c3d4.js
mingleassertiveregard.com/3a/4d/71/ 0
0 177ms
33ms Script
application/javascript 172.240.127.234
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://mingleassertiveregard.com/3a/4d/71/3a4d714cbee4782ae5a10295f716c3d4.js
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Fri, 11 Oct 2024 06:14:06 GMT
Content-Type: application/javascript
Host: mingleassertiveregard.com
Server: nginx/1.21.6

GET
H3 200 popper.min.js Show response
www.up-4ever.net/assets/js/ 20 KB
8 KB 37ms
33ms Script
application/javascript 172.67.216.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-4ever.net/assets/js/popper.min.js?ver=10
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58cb6a78afc204b7165e947c965cbce6296ee0e587fbab3e12c0d2b6378e9004

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/fcuh2jmegikb

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
age: 986
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X9P1QZSWhx8ZQM%2F7FfoG5IQ%2F2NJ3IiS2m4Yy3UPnW0JZ04EIdUjBZjtIM34Hj5qqhlQ8aH0gykl7DNydqVMTe6YpGrB86KJtanmvo5Mf%2BrWmqHYcGxgucAn0Xu1sQC6Wx03L"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb53efc4439ea-YYZ
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 06:14:05 GMT
content-type: application/javascript
last-modified: Thu, 23 May 2019 00:36:02 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 bootstrap.min.js Show response
www.up-4ever.net/assets/js/ 50 KB
15 KB 35ms
32ms Script
application/javascript 172.67.216.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-4ever.net/assets/js/bootstrap.min.js?ver=10
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/fcuh2jmegikb

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
age: 986
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yRHBLqHhDsZRENF1bslSAgfhcN0WMmPn5C%2FImm%2FEJQxKwC1DG6keqBHTr%2FtIiHSPo5Vc7yDglueaHCg%2Fvh5X4qrwLwmw4vvA4N%2F7P887SZrfUIMp8%2Fwr8DdDjOpd0PseTfuk"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb53efc4639ea-YYZ
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 06:14:05 GMT
content-type: application/javascript
last-modified: Thu, 23 May 2019 00:36:02 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 mdb.min.js Show response
www.up-4ever.net/assets/js/ 410 KB
128 KB 60ms
57ms Script
application/javascript 172.67.216.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-4ever.net/assets/js/mdb.min.js?ver=15
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6e658cbd1f64eba1b117f37d463588e91d21469fbf2cb2332b5d68f4e4b0fee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/fcuh2jmegikb

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
age: 986
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5o7wmxjq2gRqCw59d59uMOpqYtk89Z6wJIXIbry9j9mHQmrbFWKcFLpyIF26NZdcwE3Kf4mSNCABR25VPdsV6Iw6GgGUkjMQyR6G1HDH%2BPnz0S4Dkki7K780nvROCHO8Mny%2B"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb53efc4739ea-YYZ
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 06:14:05 GMT
content-type: application/javascript
last-modified: Thu, 23 May 2019 00:36:02 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 interface.js Show response
www.up-4ever.net/assets/js/ 135 B
570 B 194ms
191ms Script
application/javascript 172.67.216.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-4ever.net/assets/js/interface.js?ver=11
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a61490d8aeb374bac98abdad64f4d036b7117d850c740dc4ebd5be7c0708e22

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/fcuh2jmegikb

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
age: 982
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2FYchaDNxQ20gNVBxlIiVzXWCYE62KVs%2B%2BccuICyHRbRF5XTISiW%2FwUdB6BIhqVdUp2dSfWg%2Bk7LzSIXh9bOJCJtfzTNUGk1EM%2BxPMKVZckbR39QKdlbuRas77gJm%2Bsvsexy"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb53efc4839ea-YYZ
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 06:14:05 GMT
content-type: application/javascript
last-modified: Sat, 06 Feb 2021 14:49:51 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 perfect-scrollbar.min.js Show response
www.up-4ever.net/assets/js/ 18 KB
6 KB 194ms
191ms Script
application/javascript 172.67.216.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-4ever.net/assets/js/perfect-scrollbar.min.js
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4ec9d558eeb7bc7359fe7c4820deea2c951fdd8bd34cb0e15727412c7f6c634

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/fcuh2jmegikb

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
age: 982
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PYmJKfcdqD%2FSGR%2BxbwaLEkaDwasK8aSHIaHZKzx7JvXWrgfxMQ0hFsT%2BeUY2lDbSSflOnHBju3YDL1zH17HQ6FNh0RlcMD1lz80ErRPcfJVzgbv1LrY0nYTqaxMihr6eh4lV"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb53efc4939ea-YYZ
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 06:14:05 GMT
content-type: application/javascript
last-modified: Sat, 06 Feb 2021 14:52:57 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 bootstrap-confirm.js Show response
www.up-4ever.net/js/ 3 KB
2 KB 206ms
203ms Script
application/javascript 172.67.216.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-4ever.net/js/bootstrap-confirm.js
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecf662e9f1d25bd142e6b4e5618012a3af7af1a2cd7504d67b90d59ca344ef2f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/fcuh2jmegikb

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
age: 1412
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ltIDcj%2B7hrjzIBIkDdFNrFLX5ujcSm9zSgjQ7D%2FNblpq7QvWFP%2BJrVZII%2FKBkGqnXGDznaR12U%2Fx6Q38z%2Bndjzs0KpxgzPpeMEPFt6LhYdVkWtn9KOKMS7M8iDsErnGiTl8"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb53efc4a39ea-YYZ
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 06:14:05 GMT
content-type: application/javascript
last-modified: Thu, 23 May 2019 00:40:05 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 dialogs.js Show response
www.up-4ever.net/js/ 2 KB
1 KB 207ms
203ms Script
application/javascript 172.67.216.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-4ever.net/js/dialogs.js
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71fea8e764130d6d3e79297c3c69a3f30ba91e929ef79753dc6fd807d04bc03d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/fcuh2jmegikb

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
age: 2990
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HNDPXwebFgNBa1p52qaltz3ngq7is3KqO2XfVXGrq3btqzgHjV9T8RRoL7aoe1g9VzslCpmyj2NAw7xekU%2BmSYrQsJfKhOZsZDljL5vpHoIzFAy0WkOPl7hlSM5cbc%2B43i7m"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb53efc4b39ea-YYZ
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 06:14:05 GMT
content-type: application/javascript
last-modified: Thu, 23 May 2019 00:40:07 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 flags.png
www.up-4ever.net/assets/image/ 15 KB
15 KB 195ms
195ms Image
image/png 172.67.216.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.up-4ever.net/assets/image/flags.png
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/assets/css/style.css?ver=34
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0787e30d6145bc8b8b92ed329f664bcc3012162ccba9ef943d7ada480afb74e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/assets/css/style.css?ver=34

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 4644
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LvGYmCLzhiiAgPJ8kS0Au4yERX%2B8TL1daqiIT5HougyahJRALW3QoEQKH5eNvCOenSC0nSVA9OpJe4luNMz%2B0Df4QGQr3qutoFVQkVttP3X62mBfDhZ31GmzUdhaYeBG%2Fj9Q"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb53f1c4f39ea-YYZ
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 15180
date: Fri, 11 Oct 2024 06:14:05 GMT
content-type: image/png
last-modified: Thu, 23 May 2019 00:36:04 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Roboto-Bold.woff2
www.up-4ever.net/assets/font/roboto/ 49 KB
49 KB 170ms
169ms Font
font/woff2 172.67.216.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-4ever.net/assets/font/roboto/Roboto-Bold.woff2
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/assets/css/mdb.min.css?ver=25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.up-4ever.net
Referer: https://www.up-4ever.net/assets/css/mdb.min.css?ver=25

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 2990
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K4Vu%2FK4bCI7VrLF22zKetxyEeITtV3uSva0jfA%2BrtBupRiShOoC2%2F3zvP%2B%2FwTpBihGDRdOIsKdpMsiepPb1sN0HOzVh5qCLFMrXbRyzHmzriDzewh8ebw47kYkGdSYJalo72"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb53f4c6939ea-YYZ
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 49976
date: Fri, 11 Oct 2024 06:14:05 GMT
content-type: font/woff2
last-modified: Thu, 23 May 2019 00:36:35 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Roboto-Light.woff2
www.up-4ever.net/assets/font/roboto/ 48 KB
49 KB 214ms
213ms Font
font/woff2 172.67.216.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-4ever.net/assets/font/roboto/Roboto-Light.woff2
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/assets/css/mdb.min.css?ver=25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.up-4ever.net
Referer: https://www.up-4ever.net/assets/css/mdb.min.css?ver=25

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 4366
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q0YnuIU2leKeY9hO73xZ1LR4LnSyh86qJ4T8GTFXmDSy2G5orlMPhUZHmJcoHeN08eHdY31tdQp80OAoO%2BhY8prCZlqBZm6HaentYvbX7VBq%2Bar1bOZgUccGacezzqhajJ%2F%2B"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb53f4c6a39ea-YYZ
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 49380
date: Fri, 11 Oct 2024 06:14:05 GMT
content-type: font/woff2
last-modified: Thu, 23 May 2019 00:36:13 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Roboto-Regular.woff2
www.up-4ever.net/assets/font/roboto/ 48 KB
49 KB 260ms
259ms Font
font/woff2 172.67.216.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-4ever.net/assets/font/roboto/Roboto-Regular.woff2
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/assets/css/mdb.min.css?ver=25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.up-4ever.net
Referer: https://www.up-4ever.net/assets/css/mdb.min.css?ver=25

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 4365
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ri8cL7eE%2BOhDhtkXkN3luCwpafdtzexZE8tra%2FZedKZPo%2BL1Am6%2FCM%2B6TBruQOZH2VzcRKzha5dddm7NWiH0yoxa%2BbRW0RBuOTg3JKSU0J%2FNvyIF6E7Mu9GE2yn265bPs%2Fio"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb53f4c6b39ea-YYZ
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 49236
date: Fri, 11 Oct 2024 06:14:05 GMT
content-type: font/woff2
last-modified: Thu, 23 May 2019 00:36:13 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Roboto-Medium.woff2
www.up-4ever.net/assets/font/roboto/ 49 KB
50 KB 295ms
294ms Font
font/woff2 172.67.216.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-4ever.net/assets/font/roboto/Roboto-Medium.woff2
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/assets/css/mdb.min.css?ver=25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cd5c4b37938d932110ec043ce1cc766d18cacf7a4e7cffa6a539855d5bdc08d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.up-4ever.net
Referer: https://www.up-4ever.net/assets/css/mdb.min.css?ver=25

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 2990
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=029iHMSMWYPSUJpFss3ov8Hgqh6A5MN%2BEHEmihHnZRmOkoPeoJvG3r3a%2BIsknuEaBBogdxMKd4MW02xnSgkpacuqRH%2F%2ByGvVH3p6LIGTKh1YScjSYbxO2WhGHJmAp5ixoIjZ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb53f4c6c39ea-YYZ
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 50224
date: Fri, 11 Oct 2024 06:14:05 GMT
content-type: font/woff2
last-modified: Thu, 23 May 2019 00:36:13 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 fa-light-300.woff2
www.up-4ever.net/assets/packages/fontawesome/webfonts/ 115 KB
116 KB 330ms
329ms Font
font/woff2 172.67.216.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-4ever.net/assets/packages/fontawesome/webfonts/fa-light-300.woff2
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/assets/packages/fontawesome/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fc5ace475076f454c946a32e61011a7b8b0ab6fadfb98a73756906b94a5588d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.up-4ever.net
Referer: https://www.up-4ever.net/assets/packages/fontawesome/css/all.css

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 4366
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hCpvkem42%2Fu0KeOwFbqsK2LU5IzuOs2aSfzIqy0zR7Ehcorgf1muzKVYAXkf7f%2FSD2TjC5AcCGKgV%2FGxDyyhetN2VXZVaSH7My%2FpoK22X71xoQ2u6K6wPQ9thuRC6swQf0hN"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb53f4c6d39ea-YYZ
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 117936
date: Fri, 11 Oct 2024 06:14:05 GMT
content-type: font/woff2
last-modified: Thu, 23 May 2019 00:36:21 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 asd100.bin Show response
ukankingwithea.com/ 100 KB
101 KB 136ms
60ms Fetch
binary/octet-stream 104.21.68.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ukankingwithea.com/asd100.bin
Requested by: Host: dof9zd9l290mz.cloudfront.net
URL: https://dof9zd9l290mz.cloudfront.net/?dzfod=1038311
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.68.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

cf-cache-status: HIT
age: 6109
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9QH22EcnUqes3YuURHIxgjgQupC6bP6QiG8gvA7iDOBW3GfuqxgQML27NfjP0tE9FoXNH174IXDVA4NACQKYBdKDZDWcUibRcdaAEKEjwwHAtNg1EajAjf3GXaz5TcQ2XBO%2FISA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 06:14:06 GMT
content-type: binary/octet-stream
last-modified: Fri, 11 Oct 2024 04:32:17 GMT
vary: Accept-Encoding
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8d0cb53feb98a232-YYZ
access-control-allow-origin: https://www.up-4ever.net
server: cloudflare

GET
H3 200 / Show response
ukankingwithea.com/ 27 B
552 B 134ms
58ms Fetch
text/plain 104.21.68.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ukankingwithea.com/
Requested by: Host: dof9zd9l290mz.cloudfront.net
URL: https://dof9zd9l290mz.cloudfront.net/?dzfod=1038311
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.68.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1c9d4f2132f0ab3024e0c723c263904103b1acadac056afe7ba3415dce3e10e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vyOsymSZPUU7vliFOoqpUMK7AF%2B3myE%2BIF6M%2BRkcR5lnVU%2BkJ40IxMQrIfveNk3RFotT%2BZSw8dP5yAC5%2Fr3z6YraZbziIYH0qVSGMnkRN6VQrsMdwYPdl17CACvOvaqTstlUC8s%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-methods: GET
cf-ray: 8d0cb53feb97a232-YYZ
access-control-allow-origin: https://www.up-4ever.net
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 06:14:06 GMT
content-type: text/plain
server: cloudflare
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 MHdWcVZRFTUcaVFKNFcjQhtrVGR2UmQ3Ml8RbwsyCRtkSGZdDXgSOl8CMhckXxkiXzhVA3NDEHstAiM4YSBuNgFHHDgkFHYTF0IuVSEHFTBTG2MkE1gULDIxfT0TNQ9pJGY0DlIxJTAHVz4sIAdEJRNDNXYxOgIcfSEfJhdkJjQ7IXYaGiMcejIDRRJWMhwiE1cEM...
osadooffinegold.com/ Frame BF4F 0
0 169ms
59ms Document
text/html 108.156.107.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://osadooffinegold.com/MHdWcVZRFTUcaVFKNFcjQhtrVGR2UmQ3Ml8RbwsyCRtkSGZdDXgSOl8CMhckXxkiXzhVA3NDEHstAiM4YSBuNgFHHDgkFHYTF0IuVSEHFTBTG2MkE1gULDIxfT0TNQ9pJGY0DlIxJTAHVz4sIAdEJRNDNXYxOgIcfSEfJhdkJjQ7IXYaGiMcejIDRRJWMhwiE1cEMTAHeT0HIgdyNTEdAWoAYjMAXAdnIgR2MhUyJmMxA0EAeyU5MgRyMiMzA341FB8hczQ9RRl8Jhs0E2YiHiY9QzIHHxhWIwMJAVMyJiYyWz0sKSFcExUlB2gmFysOfyEyJTcBWhBABFs2EScvcREQJzFzOTEeHmgAYkAFXBMvJDh6LgUGMmItEEAAeDYhARFHHw8gOH0EBzAMaDsHKBllIhwLDkc9BDMVXzYCMxBmFAcGGGIQMQIVWzYROA5yEw4zJmgVZ0gacjIcCw5ILQAwBXETEjMQZjVnAQFxRzoIAWU5FCY4cVE8AjleB2sCY2MtHhUEeiQ
Requested by: Host: dof9zd9l290mz.cloudfront.net
URL: https://dof9zd9l290mz.cloudfront.net/?dzfod=1038311
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.107.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-107-128.ord56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Referer: https://www.up-4ever.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1231
content-type: text/html
date: Fri, 11 Oct 2024 06:14:06 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 0408bbc7259d4538045e939f634114ec.cloudfront.net (CloudFront)
x-amz-cf-id: Qj38o3gu5ZTcGxcvglMKOABAKu0AF4xVMtwhFmiFBg7gmA9ijyfA8A==
x-amz-cf-pop: ORD56-P2
x-cache: Miss from cloudfront

GET
H3 200 asd100.bin Show response
ukankingwithea.com/ 100 KB
101 KB 66ms
37ms Fetch
binary/octet-stream 104.21.68.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ukankingwithea.com/asd100.bin
Requested by: Host: dof9zd9l290mz.cloudfront.net
URL: https://dof9zd9l290mz.cloudfront.net/?dzfod=1038311
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.68.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

cf-cache-status: HIT
age: 6109
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=62f7hUv6by61UMWx2eHJ7o7dOm7DiRy3TzXhIT%2FTSzFyz1ga8nxKlu1EtGIK3huJBh%2BejEXkP%2FfNKBa%2FrDI%2BCmjNULa74yorqBV8B1sDV9ozaUa5yuKafm87tv8Apot2UGe6v6k%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 06:14:06 GMT
content-type: binary/octet-stream
last-modified: Fri, 11 Oct 2024 04:32:17 GMT
vary: Accept-Encoding
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8d0cb53feb99a232-YYZ
access-control-allow-origin: https://www.up-4ever.net
server: cloudflare

GET
H3 200 / Show response
ukankingwithea.com/ 27 B
547 B 157ms
67ms Fetch
text/plain 104.21.68.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ukankingwithea.com/
Requested by: Host: dof9zd9l290mz.cloudfront.net
URL: https://dof9zd9l290mz.cloudfront.net/?dzfod=1038311
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.68.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc409c9759a5426446bff4cea9dbee3cbf758fb97af540ccdacc670c0f609ce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gluYrGKBx1mfEUa2VS%2BMlL5RdesPYBzPR%2BZCr8fIpmTb3CmeAEzua57Uhy0AG5ZOWxYTrWVdyahDBip5qJb3qzFDIqEIIR7k3p1e5vsP%2F%2BUZoYLxsdiY7kzgAGst8cCA7lJ58e0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-methods: GET
cf-ray: 8d0cb5404bb9a232-YYZ
access-control-allow-origin: https://www.up-4ever.net
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 06:14:06 GMT
content-type: text/plain
server: cloudflare
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 J2U4LAY8DhYEAQgZNhMFODIWKSYnBR1gYikcHxQ+KTogDxsYLDMKYCk9ATJ9ImYWHRVZFg8qATY4NAEcXz9kBgY2YQ8GBSADPSozCwcaAjY+YScTNzkmFHY0IQMUHx4kMzwSNickPhMnIj0CBicuEjkyGiYVFRQaOQ4iFBEpcWUHBwZsDx0TITcOKTReMiAxdV0WB...
osadooffinegold.com/VFdFUG81NSY9UDVqJ3YaJjt4dV0ScncWCzsxfCoLbTt3aV85LWszAzsiITYdOzkxfgExI2BiKR8FdwUVAD0uOyw4ZyoSBRkaE2MiHTN0ESoxMHwnPmQafQgsEg4XFAMbNhcSKw0gdTkqZQ59FhY/FhdiBwAZBCALBDAUYyxlNDUHBiwPE... Frame 07FA 0
0 138ms
62ms Document
text/html 108.156.107.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://osadooffinegold.com/VFdFUG81NSY9UDVqJ3YaJjt4dV0ScncWCzsxfCoLbTt3aV85LWszAzsiITYdOzkxfgExI2BiKR8FdwUVAD0uOyw4ZyoSBRkaE2MiHTN0ESoxMHwnPmQafQgsEg4XFAMbNhcSKw0gdTkqZQ59FhY/FhdiBwAZBCALBDAUYyxlNDUHBiwPEwNWHREtHi0EFX0qJ2UzPxYnFhMdKVYMHgM3OR9mJjs4FR0qBywZHwE+ADIaPQYMHgYUYycREigELBUBFwMpAA4XEjw3ZhQ/J2U4LAY8DhYEAQgZNhMFODIWKSYnBR1gYikcHxQ+KTogDxsYLDMKYCk9ATJ9ImYWHRVZFg8qATY4NAEcXz9kBgY2YQ8GBSADPSozCwcaAjY+YScTNzkmFHY0IQMUHx4kMzwSNickPhMnIj0CBicuEjkyGiYVFRQaOQ4iFBEpcWUHBwZsDx0TITcOKTReMiAxdV0WBDIeCBcAKQYpOiAPHi4GAQlgHCEGBBUmEB8XAycMZxUJPRUYIydJPiQqPh9pJys0CDc8dzYOJQYzIh0
Requested by: Host: dof9zd9l290mz.cloudfront.net
URL: https://dof9zd9l290mz.cloudfront.net/?dzfod=1038311
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.107.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-107-128.ord56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Referer: https://www.up-4ever.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1245
content-type: text/html
date: Fri, 11 Oct 2024 06:14:06 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 0408bbc7259d4538045e939f634114ec.cloudfront.net (CloudFront)
x-amz-cf-id: NMV8hYzNWesCe7l2nj8xeMBsY9ECh629z3nYltj4uUKuca_K8DRJnQ==
x-amz-cf-pop: ORD56-P2
x-cache: Miss from cloudfront

GET
H3 204 CSQtGlwMKzkLJx8eASpTCFpbdl0IW04+B11XWWgdTQscOx0EW04nAF8FVWgYBFtGfVoXWV5gWh8fVX9ITRoJKVMITBg6GlVXWXlcAVxaeVwNX1F5Vg
mileesidesukbein.com/Tm45amhhUVoZVSoCURMMBiR8CC0+LGhaDDs/ 0
426 B 145ms
50ms Image
text/plain 104.21.66.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mileesidesukbein.com/Tm45amhhUVoZVSoCURMMBiR8CC0+LGhaDDs/CSQtGlwMKzkLJx8eASpTCFpbdl0IW04+B11XWWgdTQscOx0EW04nAF8FVWgYBFtGfVoXWV5gWh8fVX9ITRoJKVMITBg6GlVXWXlcAVxaeVwNX1F5Vg
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.66.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B6zhgjkvwYBPtAWsFbjYu%2BDFUYw7vUZcBe41AG0FZkJLeQSawo%2F3dP9z%2FJlcXmb9UPLRSQqDkRpi%2FWRDTkwfev64On7zWr6XyK567IJzfXdWFhKfJl9MAiqY6924z8ln%2BOVG%2BVTdHA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb5407bad3702-YYZ
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 06:14:06 GMT
server: cloudflare

GET login.php
www.facebook.com/ 0
0

GET

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARpgrqd-3vl_q-3APQpoKtZJtGLoOmsDrLWK2Qv6auYyHy1l2es1uOUWwaQArEi...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqczjnjEdM5yI-3hhvwl1l9OnnCYcif8N8ohK2-refIpCAyhmVnf8yzpRG5bBjsnCde-YDM87A&passiv...

0
0

GET

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARpgrqetRLdJE9IQqGwciXfDe9bMRmwWrI_Lcdb9fCqpWRNQpGO_9kzybAd...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqdtTUWQKbpON9B2-hQwbVhf8-TcectVnjT9HYgOVQ5DwY2uPnTcs7WGfVO3EyD59LlDFWZY9A&passi...

0
0

GET
H3 204 ZmdPW2d7Z0cdbGR1FRgwMm5QTiEhJw1VYGJhWV5jYmFVXmFnZw
mileesidesukbein.com/VVNhaFF6bAIbbAE5J1wHZRVUKRQtOAIwPhwHUwxiMDQrKgsNFkccODFuUFhkYmdXX3clOgVVYHMgFQklICBcWXc8PQcHbHMlXFl/ 0
388 B 146ms
52ms Image
text/plain 104.21.66.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mileesidesukbein.com/VVNhaFF6bAIbbAE5J1wHZRVUKRQtOAIwPhwHUwxiMDQrKgsNFkccODFuUFhkYmdXX3clOgVVYHMgFQklICBcWXc8PQcHbHMlXFl/ZmdPW2d7Z0cdbGR1FRgwMm5QTiEhJw1VYGJhWV5jYmFVXmFnZw
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.66.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WoUqcZi%2F3N7CCjk79lwTOr%2BcEEi0CxyK6hp%2BjzMdwVWP1HyzVUPQs14bInC2BcwFyG%2Bqojk7kNiwav5d3mc85u%2BMWYbGygXX3QVLSjiEZqDfKxDB%2FDmNcycOTJiPf4IgnXwN5VohrA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb5407bab3702-YYZ
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 06:14:06 GMT
server: cloudflare

GET
H3 200 fa-brands-400.woff2
www.up-4ever.net/assets/packages/fontawesome/webfonts/ 64 KB
64 KB 265ms
264ms Font
font/woff2 172.67.216.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-4ever.net/assets/packages/fontawesome/webfonts/fa-brands-400.woff2
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/assets/packages/fontawesome/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 974956f1b7b82cecd8ae88a0b685f0d5dfe5c8534c2784e59abeea719eadbbc4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.up-4ever.net
Referer: https://www.up-4ever.net/assets/packages/fontawesome/css/all.css

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 4363
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LtcQSk0PntSFdLVXlqHaCwl45aQ2TfqAdcqNo3MT6OE255PSuHaBF98mIiPnQOaZBe4ltOk3FHyE2j34%2FTRcwpOl6k%2FnxvdKMZK7Fo6RyeURZ7avgDBkrU6oO5oWVhC%2BqifE"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb5402d0539ea-YYZ
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 65316
date: Fri, 11 Oct 2024 06:14:06 GMT
content-type: font/woff2
last-modified: Thu, 23 May 2019 00:36:23 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410090101/ 89 KB
31 KB 126ms
54ms Script
text/javascript 209.85.144.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410090101/slotcar_library_fy2021.js?bust=31087977

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6001787570359789

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f154.1e100.net

Software

cafe /

Resource Hash

368157e7aea7b13b88dffd4dc4b39e40399f52ab562b67139a5c53977a7f8bbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

content-encoding: br
etag: 7880065774370656081
x-content-type-options: nosniff
expires: Fri, 11 Oct 2024 06:14:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 11 Oct 2024 06:14:06 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 31867
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410090101/ 420 KB
140 KB 177ms
105ms Script
text/javascript 209.85.144.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410090101/show_ads_impl_fy2021.js?bust=31087977

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6001787570359789

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f154.1e100.net

Software

cafe /

Resource Hash

a54c12f8a19ad3b549975107c57c841254867a4917ef17f097e3ed8890180f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

content-encoding: br
etag: 15259352540452211784
x-content-type-options: nosniff
expires: Fri, 11 Oct 2024 06:14:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 11 Oct 2024 06:14:06 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 143238
x-xss-protection: 0
server: cafe

POST
H2 204 collect
analytics.google.com/g/ 0
0 96ms
40ms Fetch
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-BH3KCF6H24&gtm=45je4a90v9132047618za200&_p=1728627245904&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101529666~101671035~101686685&cid=1465201339.1728627246&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1728627246&sct=1&seg=0&dl=https%3A%2F%2Fwww.up-4ever.net%2Ffcuh2jmegikb&dt=Download%20f2f2f2f2f2f22f2f2f2f2f%20torrent&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1025
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BH3KCF6H24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.up-4ever.net
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 06:14:06 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
555 B 120ms
37ms Ping
text/plain 2607:f8b0:400d:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BH3KCF6H24&cid=1465201339.1728627246&gtm=45je4a90v9132047618za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101529666~101671035~101686685
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BH3KCF6H24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c0d::9b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.up-4ever.net
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 06:14:06 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 5181 0
0 123ms
44ms Document
text/html 2607:f8b0:400d:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-BH3KCF6H24&gacid=1465201339.1728627246&gtm=45je4a90v9132047618za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101529666~101671035~101686685&z=1008846725

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BH3KCF6H24

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.up-4ever.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 11 Oct 2024 06:14:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 85ms
43ms Image
image/gif 209.85.232.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BH3KCF6H24&cid=1465201339.1728627246&gtm=45je4a90v9132047618za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101529666~101671035~101686685&tag_exp=101529666~101671035~101686685&z=698867523

Requested by

Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.232.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 11 Oct 2024 06:14:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 WVVTXGlIRhoBcgkFXFV5CgVcWXkLC14
mileesidesukbein.com/Tzgybm1gB1EdUCxuWgQ8JGJ2DCs7C1ZeLzptXDgaHH8HPAkhYRQaBCsFA15edwsDX0s/UVZTXGlLRg8ZOksPXV1/CRQHAylXD15dfwkUGFB+FgFaQ3wOHFpLOgUAX196CgVaVXkBAF1ceAkLSBk/ 0
381 B 47ms
47ms Image
text/plain 104.21.66.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mileesidesukbein.com/Tzgybm1gB1EdUCxuWgQ8JGJ2DCs7C1ZeLzptXDgaHH8HPAkhYRQaBCsFA15edwsDX0s/UVZTXGlLRg8ZOksPXV1/CRQHAylXD15dfwkUGFB+FgFaQ3wOHFpLOgUAX196CgVaVXkBAF1ceAkLSBk/WVVTXGlIRhoBcgkFXFV5CgVcWXkLC14
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.66.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ihI5DmEdhiYsfhZ2OPuF9KXwgRgdYBXICSVi2F9KWTq9imrytxb5dEAakWZTE4B4gDsiLoNy8VSu26hOWBH2OLdOG1WuS8R5A%2BchZgc%2B90fb3dY8WSkZhHlRirQG6WxPs6pJUDOtFA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb5420c743702-YYZ
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 06:14:06 GMT
server: cloudflare

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241009/r20190131/ Frame CF3F 0
0 114ms
39ms Document
text/html 173.194.205.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241009/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410090101/show_ads_impl_fy2021.js?bust=31087977

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.up-4ever.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 55179
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Oct 2024 14:54:27 GMT
etag: 13108003645644964576
expires: Thu, 24 Oct 2024 14:54:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 45ms
45ms Image
image/gif 209.85.144.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=gdpr-cookie-notice&cls=hide%20appCookieNotice%20pr-5%20pl-5&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Fri, 11 Oct 2024 06:14:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 85ms
84ms Image
image/gif 209.85.144.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20navbar-expand-lg%20navbar-dark%20fixed-top%20scrolling-navbar%20wow%20fadeIn%20top-navbar%20animated&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Fri, 11 Oct 2024 06:14:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 2F8E 0
0 531ms
478ms Document
text/html 173.194.205.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001787570359789&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1728627246&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fwww.up-4ever.net%2Ffcuh2jmegikb&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728627246164&bpp=5&bdt=571&idt=253&shv=r20241009&mjsv=m202410090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=1679950235852&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C42532523%2C44795922%2C95331687%2C95342016%2C95343454%2C95344778%2C31087977&oid=2&pvsid=499346494065092&tmod=1341054876&uas=0&nvt=1&fsapi=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=281

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410090101/show_ads_impl_fy2021.js?bust=31087977

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.up-4ever.net/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 47497
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 11 Oct 2024 06:14:06 GMT
expires: Fri, 11 Oct 2024 06:14:06 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame A120 0
0 184ms
154ms Document
text/html 173.194.205.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001787570359789&output=html&h=280&slotname=7333511488&adk=502614684&adf=1758048334&pi=t.ma~as.7333511488&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1728627246&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.up-4ever.net%2Ffcuh2jmegikb&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728627246169&bpp=2&bdt=576&idt=292&shv=r20241009&mjsv=m202410090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=1679950235852&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C42532523%2C44795922%2C95331687%2C95342016%2C95343454%2C95344778%2C31087977&oid=2&pvsid=499346494065092&tmod=1341054876&uas=0&nvt=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=301

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410090101/show_ads_impl_fy2021.js?bust=31087977

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.up-4ever.net/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 410
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 11 Oct 2024 06:14:06 GMT
expires: Fri, 11 Oct 2024 06:14:06 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 52ms
50ms Fetch
text/html 209.85.144.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6001787570359789
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: qv-in-f154.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.up-4ever.net/

Response headers

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame F4D0 0
0 309ms
293ms Document
text/html 173.194.205.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001787570359789&output=html&h=280&slotname=7333511488&adk=507415228&adf=3321263041&pi=t.ma~as.7333511488&w=350&abgtt=6&fwrn=4&fwrnh=100&lmt=1728627246&rafmt=1&format=350x280&url=https%3A%2F%2Fwww.up-4ever.net%2Ffcuh2jmegikb&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728627246171&bpp=1&bdt=578&idt=310&shv=r20241009&mjsv=m202410090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=1679950235852&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=746&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C42532523%2C44795922%2C95331687%2C95342016%2C95343454%2C95344778%2C31087977&oid=2&pvsid=499346494065092&tmod=1341054876&uas=0&nvt=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=313

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410090101/show_ads_impl_fy2021.js?bust=31087977

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.up-4ever.net/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 28629
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 11 Oct 2024 06:14:06 GMT
expires: Fri, 11 Oct 2024 06:14:06 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 4DEA 0
0 307ms
305ms Document
text/html 173.194.205.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001787570359789&output=html&h=280&slotname=7333511488&adk=507415228&adf=4259672823&pi=t.ma~as.7333511488&w=350&abgtt=6&fwrn=4&fwrnh=100&lmt=1728627246&rafmt=1&format=350x280&url=https%3A%2F%2Fwww.up-4ever.net%2Ffcuh2jmegikb&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728627246172&bpp=1&bdt=578&idt=323&shv=r20241009&mjsv=m202410090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1110x280%2C350x280&nras=1&correlator=1679950235852&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=746&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C42532523%2C44795922%2C95331687%2C95342016%2C95343454%2C95344778%2C31087977&oid=2&pvsid=499346494065092&tmod=1341054876&uas=0&nvt=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&fsb=1&dtd=327

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410090101/show_ads_impl_fy2021.js?bust=31087977

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.up-4ever.net/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 28504
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 11 Oct 2024 06:14:06 GMT
expires: Fri, 11 Oct 2024 06:14:06 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 popunder.gif
mileesidesukbein.com/ 35 B
526 B 32ms
32ms Image
image/gif 104.21.66.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mileesidesukbein.com/popunder.gif
Requested by: Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.66.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 2721
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xNYaRofWGEaHHswivEt4SBkeyaTsbN1YDrakKQwEuEbsSueBA1eOYKrzwII8qfPJr78of7FWsd4kdF%2FWaNw3C90vFEAla3mc98WX11Jd3QBRnUNWPd%2BkTJg4ytgkf2s0KC6FT2Az0w%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 06:14:06 GMT
content-type: image/gif
last-modified: Fri, 11 Oct 2024 05:28:45 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
cf-ray: 8d0cb5431cd93702-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 58
server: cloudflare

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410090101/ 172 KB
58 KB 56ms
56ms Script
text/javascript 209.85.144.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410090101/reactive_library_fy2021.js?bust=31087977

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410090101/show_ads_impl_fy2021.js?bust=31087977

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f154.1e100.net

Software

cafe /

Resource Hash

4aad78e8fe05f5411c3c5b59b51426473a37c3ed8cf3ecd1618aa087a1753079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

content-encoding: br
etag: 12485305053785670473
x-content-type-options: nosniff
expires: Fri, 11 Oct 2024 06:14:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 11 Oct 2024 06:14:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 59098
x-xss-protection: 0
server: cafe

GET
H2 200 ca-pub-6001787570359789 Show response
fundingchoicesmessages.google.com/i/ 200 KB
66 KB 211ms
95ms Script
application/javascript 2607:f8b0:400d:c03::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-6001787570359789?href=https%3A%2F%2Fwww.up-4ever.net%2Ffcuh2jmegikb&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410090101/show_ads_impl_fy2021.js?bust=31087977

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fdc453f1fc06ddd1c0601c60a174eeabdd5e069777f70f34917b20889b916edf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iECspl7glq9zu7LojEIviw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 06:14:07 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJi8NGQYjhx6zbTBSA-73SH6ToQS3x9yaQGxE7pM1gDgLj15jnWyUCc9O88awEQu2tdZPUHYkOFS6z2QOxYdInVE4hVey6xGgPx_XWXWJ8D8dc9l1j_AvHej5dYjwJxkcQV1gYgvt10hfUxEAvxcKxvWbyDTeBH28O5jEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhgYGlnoGRvEFBgCuTE9a"
content-security-policy: script-src 'report-sample' 'nonce-iECspl7glq9zu7LojEIviw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 45ms
44ms Image
image/gif 209.85.144.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-6001787570359789&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=true&reatf=true&a=6%2C1%2C5%2C7&apv=20241008_103507&sat=1728492360600&afm=2%2C0&as_count=3&d_count=0&ng_count=0&am_count=0&atf_count=3&mdns=0.340&alldns=0.340&allp=13&pgh=2473&abl=false&rr=n&su=www.up-4ever.net&pvc=499346494065092&r=0.1&eid=44759876%2C44759927%2C44759837%2C42531705%2C42532523%2C44795922%2C95331687%2C95342016%2C95343454%2C95344778%2C31087977

Requested by

Host: www.up-4ever.net
URL: https://www.up-4ever.net/fcuh2jmegikb

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Fri, 11 Oct 2024 06:14:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H3 204 AGSKWxVPFUT9vAu6mCwcf1wfyunUSo9wsqGpUcfrmDnWbCDSjD0yQxZHPvH-HWM7unPQota9e4vLt5G3Rj1QhVfzM04js5qeG8pSI0fJnpYVkbNIin3uke1-hY3oUN38cW8xM0E9FSPPHw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 158ms
82ms XHR
text/html 209.85.201.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVPFUT9vAu6mCwcf1wfyunUSo9wsqGpUcfrmDnWbCDSjD0yQxZHPvH-HWM7unPQota9e4vLt5G3Rj1QhVfzM04js5qeG8pSI0fJnpYVkbNIin3uke1-hY3oUN38cW8xM0E9FSPPHw==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.taBgGvRQC20.es5.O/am=DAY/d=1/rs=AJlcJMw5WxYODxVUj1_d2AYr640ZNkz7Mg/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f100.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TTuajSP4P2M5L5i82abbsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.up-4ever.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 06:14:07 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw05BicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiHY33L4h1sAgf-Lp7IpOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MLPUMzOILDADQ_S9K"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TTuajSP4P2M5L5i82abbsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.up-4ever.net
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxWhxm5gv4rVVQhI-4-N_cuX0WF5d2OeZETgOkjN8xgt7ATAf5ik0gsva6D6NkO-ivitZmmdJT42uq5oRgHjaTo64e1m6jvXbORT8Gtp89flc3RzMdRT0jL7OEIPAbTlAhO7ktYpBQ== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 84ms
83ms Script
application/javascript 2607:f8b0:400d:c03::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWhxm5gv4rVVQhI-4-N_cuX0WF5d2OeZETgOkjN8xgt7ATAf5ik0gsva6D6NkO-ivitZmmdJT42uq5oRgHjaTo64e1m6jvXbORT8Gtp89flc3RzMdRT0jL7OEIPAbTlAhO7ktYpBQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI4NjI3MjQ3LDQ2ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cudXAtNGV2ZXIubmV0L2ZjdWgyam1lZ2lrYiIsbnVsbCxbWzgsInRhQmdHdlJRQzIwIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13dad7fdad2018be7a0ad4a780edcbb2bcb19c82bd1f02e0e9cf19048c0176a7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9_rX3Q9gvByyQpLDcrkKew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 06:14:07 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmLw1ZBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRAL8XCsb1m8g03gwqp3fxiVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwNDCz1DIziCwwASaxKtA"
content-security-policy: script-src 'report-sample' 'nonce-9_rX3Q9gvByyQpLDcrkKew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241009/r20190131/ Frame DA68 0
0 0ms
0ms Document
text/html 173.194.205.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241009/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410090101/show_ads_impl_fy2021.js?bust=31087977

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.up-4ever.net/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 55179
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Oct 2024 14:54:27 GMT
etag: 13108003645644964576
expires: Thu, 24 Oct 2024 14:54:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241009/r20190131/ Frame 63D4 0
0 0ms
0ms Document
text/html 173.194.205.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241009/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410090101/show_ads_impl_fy2021.js?bust=31087977

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.up-4ever.net/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 55179
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Oct 2024 14:54:27 GMT
etag: 13108003645644964576
expires: Thu, 24 Oct 2024 14:54:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
12 KB 53ms
52ms XHR
application/json 209.85.144.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20241009&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410090101/show_ads_impl_fy2021.js?bust=31087977

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f154.1e100.net

Software

cafe /

Resource Hash

f78a6324c20a743f26c5b6d6807c955cc4677976ff6aa05c4bb85db860c9a69a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12760
date: Fri, 11 Oct 2024 06:14:07 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 favicon.ico
www.up-4ever.net/ 12 KB
12 KB 32ms
31ms Other
image/x-icon 172.67.216.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-4ever.net/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71da8cb518e56fd83e092bdbcd3d69afee6caa8ba8e6947e5628ba5cd00e229b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/fcuh2jmegikb

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
age: 5294
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8BpN%2BSRJXf5AG9xEh61jMBA%2BTnGcG33ojgjyYbhGx4BHOtkA9w2y%2BB6YaqcBqunMj%2FPyx6PFE7nfEly0Bjz6RIJWk0ra%2BTpFSZBliiZ89nc8ip3HRKhytKt40yJm%2BjPKU2hw"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb54a0a4939ea-YYZ
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 06:14:07 GMT
content-type: image/x-icon
last-modified: Mon, 10 Jun 2019 20:35:15 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 favicon.ico
www.up-4ever.net/ 12 KB
0 0ms
0ms Other
image/x-icon 172.67.216.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-4ever.net/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71da8cb518e56fd83e092bdbcd3d69afee6caa8ba8e6947e5628ba5cd00e229b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/fcuh2jmegikb

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
age: 5294
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8BpN%2BSRJXf5AG9xEh61jMBA%2BTnGcG33ojgjyYbhGx4BHOtkA9w2y%2BB6YaqcBqunMj%2FPyx6PFE7nfEly0Bjz6RIJWk0ra%2BTpFSZBliiZ89nc8ip3HRKhytKt40yJm%2BjPKU2hw"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0cb54a0a4939ea-YYZ
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 06:14:07 GMT
content-type: image/x-icon
last-modified: Mon, 10 Jun 2019 20:35:15 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 18 KB
7 KB 115ms
40ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410090101/show_ads_impl_fy2021.js?bust=31087977

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Fri, 11 Oct 2024 06:14:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 06:14:07 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame 1BD2 0
0 38ms
37ms Document
text/html 209.85.232.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.232.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f132.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.up-4ever.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 512
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Oct 2024 06:05:35 GMT
expires: Fri, 11 Oct 2024 06:55:35 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame D86D 0
0 50ms
49ms Document
text/html 173.194.68.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f105.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dlTqJsLgtQaTKeb-_4M3NA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.up-4ever.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-dlTqJsLgtQaTKeb-_4M3NA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Oct 2024 06:14:07 GMT
expires: Fri, 11 Oct 2024 06:14:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adt Show response
fundingchoicesmessages.google.com/f/AGSKWxWxzlM60lW-59_Wr7ENsV1XV2NxiZCFJrJFaIuh1WPKAfBrCdlbAdrpkQv1y43VB3-n7HW2kTFHTCY9Ud-SwivX69qhPeMQ7n0yTy-FJfiybd3zf5-Aj9Ca03JpIQz-ey6f7wWb_Uazbc3ppnMojfXS5OiVm... 54 B
109 B 70ms
68ms Script
application/javascript 209.85.201.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWxzlM60lW-59_Wr7ENsV1XV2NxiZCFJrJFaIuh1WPKAfBrCdlbAdrpkQv1y43VB3-n7HW2kTFHTCY9Ud-SwivX69qhPeMQ7n0yTy-FJfiybd3zf5-Aj9Ca03JpIQz-ey6f7wWb_Uazbc3ppnMojfXS5OiVmx3OBFjcO_yRVR-iE6n5J6780DQesSit/_/ad_tickets./ad-300x254./msnpopsingle2..net/adt?/adPos?

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.taBgGvRQC20.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwWdPVxtn5isVLilUbrYBvbgCY9ZQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f100.1e100.net

Software

ESF /

Resource Hash

96eab4dc3922714b445d695d9048a8bc63a59a6a89c0593427f3e3f2c1b2ab9f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-D2UVV0zrrSqmulEW_hBs7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 06:14:08 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmJw05BiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRALcXNsaFm8g03gwbeZKUoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhgYGlnoGRvEFBgDweUob"
content-security-policy: script-src 'report-sample' 'nonce-D2UVV0zrrSqmulEW_hBs7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 59ms
57ms Script
text/javascript 209.85.144.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f154.1e100.net

Software

cafe /

Resource Hash

41404c53946570562b440b3c421e39a546ef0c9076f6e9852ec245e9863a6b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

content-encoding: br
etag: 12818969484474575536
x-content-type-options: nosniff
expires: Fri, 11 Oct 2024 06:14:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 11 Oct 2024 06:14:08 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 52983
x-xss-protection: 0
server: cafe

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVPFUT9vAu6mCwcf1wfyunUSo9wsqGpUcfrmDnWbCDSjD0yQxZHPvH-HWM7unPQota9e4vLt5G3Rj1QhVfzM04js5qeG8pSI0fJnpYVkbNIin3uke1-hY3oUN38cW8xM0E9FSPPHw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f100.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z7cRctqWhyg8iPGO2Zht6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.up-4ever.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 06:14:08 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0pBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIibY0PL4h1sAh96ZsQquSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDAwNLPQOz-AIDAJSKLsQ"
content-security-policy: script-src 'report-sample' 'nonce-z7cRctqWhyg8iPGO2Zht6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.up-4ever.net
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVPFUT9vAu6mCwcf1wfyunUSo9wsqGpUcfrmDnWbCDSjD0yQxZHPvH-HWM7unPQota9e4vLt5G3Rj1QhVfzM04js5qeG8pSI0fJnpYVkbNIin3uke1-hY3oUN38cW8xM0E9FSPPHw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f100.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JD4u-zD1tUwIyvh-R6ZwAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.up-4ever.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 06:14:08 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII0JBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIibY0PL4h1sAivu_ahRcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGBgaWegZm8QUGAL1_L1M"
content-security-policy: script-src 'report-sample' 'nonce-JD4u-zD1tUwIyvh-R6ZwAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.up-4ever.net
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVPFUT9vAu6mCwcf1wfyunUSo9wsqGpUcfrmDnWbCDSjD0yQxZHPvH-HWM7unPQota9e4vLt5G3Rj1QhVfzM04js5qeG8pSI0fJnpYVkbNIin3uke1-hY3oUN38cW8xM0E9FSPPHw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f100.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7JtvMA6L0htPokCuHavYzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.up-4ever.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 06:14:08 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw15BicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiHY0PL4h1sAh82fOtlVHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhgYGlnoGZvEFBgDf2C99"
content-security-policy: script-src 'report-sample' 'nonce-7JtvMA6L0htPokCuHavYzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.up-4ever.net
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVPFUT9vAu6mCwcf1wfyunUSo9wsqGpUcfrmDnWbCDSjD0yQxZHPvH-HWM7unPQota9e4vLt5G3Rj1QhVfzM04js5qeG8pSI0fJnpYVkbNIin3uke1-hY3oUN38cW8xM0E9FSPPHw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f100.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ILluUkgJ6eHzND88GMu3DQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.up-4ever.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 06:14:08 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII0pBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiHY0PL4h1sAhNePJrIqOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MLPUMzOILDADQvC9I"
content-security-policy: script-src 'report-sample' 'nonce-ILluUkgJ6eHzND88GMu3DQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.up-4ever.net
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxXQnlzFy8469z6hQGlak4V7SBJp9YenRnCaAjfIQFPb864p4tK-MZ5Um_FVXo6bM0ax3V18_j92673lCXcvFMIdUmLxLNkzuF-NkdWWX1EP4xVbEkvbNkv-4pxv_kf0e6kcJiXOnQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
1 KB 62ms
62ms Script
application/javascript 209.85.201.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXQnlzFy8469z6hQGlak4V7SBJp9YenRnCaAjfIQFPb864p4tK-MZ5Um_FVXo6bM0ax3V18_j92673lCXcvFMIdUmLxLNkzuF-NkdWWX1EP4xVbEkvbNkv-4pxv_kf0e6kcJiXOnQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI4NjI3MjQ4LDI0NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LnVwLTRldmVyLm5ldC9mY3VoMmptZWdpa2IiLG51bGwsW1s4LCJ0YUJnR3ZSUUMyMCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f100.1e100.net

Software

ESF /

Resource Hash

74cdfe87bafd137fe82fac5cc9ae21f2066ebe9048a2c4ae87f22529ac894de4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ggYa851h11tcSPncrJJQIw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 06:14:08 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmLw1JBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRAL8XBsaFm8g01gxroLbYxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoYGBpZ6BkbxBQYAJBNJ6Q"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ggYa851h11tcSPncrJJQIw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxXSUbR8quedaPiTe5DDuRoi9jc6akF0Lyfs_ml1i4XJzny-ViSWpvKp2nhdd2jWqbZXs4aWvbXKsks47kHA_qE7SlVoke1h4Q6tQpz-yJprmhO20lY3YARg3erxCFDIe3QyprKb1A== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 56ms
56ms Script
application/javascript 209.85.201.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXSUbR8quedaPiTe5DDuRoi9jc6akF0Lyfs_ml1i4XJzny-ViSWpvKp2nhdd2jWqbZXs4aWvbXKsks47kHA_qE7SlVoke1h4Q6tQpz-yJprmhO20lY3YARg3erxCFDIe3QyprKb1A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI4NjI3MjQ4LDMxNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cudXAtNGV2ZXIubmV0L2ZjdWgyam1lZ2lrYiIsbnVsbCxbWzgsInRhQmdHdlJRQzIwIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f100.1e100.net

Software

ESF /

Resource Hash

2cab7aa232d376cae15aecc3c36fcbe4214515b9f06f134dbc78635b31fd0f86

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Qvni20uiptbkwln6gqz-Kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-4ever.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 06:14:08 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmLw0ZBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRAL8XBsaFm8g03gxMZdyxmVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwNDCz1DIziCwwAMT9KKg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Qvni20uiptbkwln6gqz-Kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxVZXBlTX22qFat9iSpQD3ssatnPqSObTfDk6Lip6mCSxFqlA8Zgc4tKCWfBKi2RkUu4zEDMm1WS-cJ-d6j0v8PcGSllq7Y9M65p5toiXnPNNIgARQUm1hJAMXARRZWroT9sK2WILQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 49ms
48ms XHR
text/html 209.85.201.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVZXBlTX22qFat9iSpQD3ssatnPqSObTfDk6Lip6mCSxFqlA8Zgc4tKCWfBKi2RkUu4zEDMm1WS-cJ-d6j0v8PcGSllq7Y9M65p5toiXnPNNIgARQUm1hJAMXARRZWroT9sK2WILQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f100.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2SzfRaezs5vQiTNUgjQsAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.up-4ever.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 06:14:08 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1JBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiHY0PL4h1sAh_2XD7IqOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MLPUMzOILDADlJS-U"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2SzfRaezs5vQiTNUgjQsAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.up-4ever.net
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVPFUT9vAu6mCwcf1wfyunUSo9wsqGpUcfrmDnWbCDSjD0yQxZHPvH-HWM7unPQota9e4vLt5G3Rj1QhVfzM04js5qeG8pSI0fJnpYVkbNIin3uke1-hY3oUN38cW8xM0E9FSPPHw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f100.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4mVte1aV4ZV9l4cseMj0GQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.up-4ever.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 06:14:08 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII1pBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiHY0PL4h1sAjPO9V1gVHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhgYGlnoGZvEFBgDFzC8i"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4mVte1aV4ZV9l4cseMj0GQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.up-4ever.net
content-length: 0
x-xss-protection: 0
server: ESF

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp

Domain: accounts.google.com
URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqczjnjEdM5yI-3hhvwl1l9OnnCYcif8N8ohK2-refIpCAyhmVnf8yzpRG5bBjsnCde-YDM87A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S521214869%3A1728627246303524&ddm=0

Domain: accounts.google.com
URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqdtTUWQKbpON9B2-hQwbVhf8-TcectVnjT9HYgOVQ5DwY2uPnTcs7WGfVO3EyD59LlDFWZY9A&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S505488728%3A1728627246269012&ddm=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241009&jk=499346494065092&bg=!29il2JfNAAaUWUsktFk7ADQBe5WfOC10oJcCJx7Y6I4KyYXNxwa-8eL3t0cUveAksRVZKm-b-y72xUOnBUreUagBq_F_AgAAAGNSAAAAA2gBB34ANgOoMqd7N0chSBPI2ZQ_BkZ7XSMEhN9y9ntm4CP7zWTFq5CXvwv67_XD71n63QSfenezIN00CZkChdgyoDia-GTRVyWYal8rWx3HTnpbBRf6TkloWEQjBwG4nhlODSdDJrx0Ry3RFhpjKVhyl2lG12SKXWVq1LhGzCFVOkmOcRwu83E9lK5HfuXAVQ7AxbtsFDbs1hn2gGhHjoyDLu5kcDY0ZFKvZb0jV6shg8mMDBjng0skHazgsEHGexjdTcB_gPou3N696CSPRadCdl8b5yXramnzZTYlQHS-SNX1_wkVk4drd4R_bzzcfC7Q2KlnAgbH2RQOwEINyGmOZAX08zBFISXAokMEHlBtBo6hmIaG9qMoNqCn54d6MBn65wRppx6xxTSatBt-ELsjFx4m9oNmfH7sFkT67PiEsk47Q-3VQxmtDG4fn0hIPDxUPy76EWhZpYDEQtHBmoTKjbmGElNhH7_5fZlvNQ624QzXFfUktAeD-DSrMFSZrE0jM3bG3WbG3pl_pta2kuNmYr9F_wAVX6LIVoln8cXQisei3M-v6FZme4StyMt086GzwsN2ZtJPJ-VnDYD2ebxay2PHQQYti184cH1t8pcA-Gg4A3ygMpX7EU_KB8r3HYB_KRWA8hhiWKuux7xbiAZnU0t7CZUDuPy0RBCQlwDLzE5FkMxzaISlwVw6eN_Tpf-Eow5qXgFjJlgYEcIsfP1Co0eI-dQgabs1it0Np0tVMT9Hi3JxE_T3fl_DwORaFGutYvd1H38gCVAXAkCd_SuGTCA1geimgy9UitN3MSetCRBEIJPL083Yjap3qLPKuPgrteATseyYetFgjt4TBMa0kxMsPHkHzINLYmXQRPjom3Yb0_GfLC623h00dpVvxRzgfmMcJM66WdTul7JP15wSGULL85kr8kYMR-kAP7VZkpAD-A

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.up-4ever.net/	1970-01-21 00:30:36	Name: aff Value: 1669272
ukankingwithea.com/	1970-01-21 08:48:51	Name: csu Value: 2125274869231719@1@1728627246
om.avocetriches.com/	1970-01-21 00:11:53	Name: GL_UI4 Value: eJw9jd1Og0AQhaGwtNWCTsID%2BAiAaOml8dZ3IMvuSNcuO82wpfr2riZ6dX7y5ZwoilblHcRLtoXkIp%2FgQel9pRCHVtb75656rIa66xp1qJq2kW3TwdbMvZeDRZ%2FCZp4k%2B94vKexGdMhG9Yo05nAfqL%2Fm5OjqUhADS6dzEFMgbA7rgek6I5cJpE5OCNnrkSmomOQHMSR1cwjeuODjClY0l0lxA%2BLNuMtnscuiosgiuD1b6d%2BJp97oEMXIUiPEL7BR0uNI%2FAVrjfPJ0xmArO7%2F%2Bd9PYX%2FWINO4GBUi%2BSPyN0XnTgI%3D
om.avocetriches.com/	1970-01-21 00:11:53	Name: GL_GI10 Value: eJwNyEEKwjAQBdDMIKmCIB97AE8QGiuKy5KNG5FScB%2FTIIWShDR6fn3LJ4TgegueEnb6fFFan9SxuSrdtKA32HRgFyCNDXa0oAzuDTj%2Fq%2F%2F4l3cgh%2FU9hpK9nUETqsfzdhi6ARwWbEzMKWZbPChJApdYrcDLWAvQV%2B5%2FZpIbJg%3D%3D
.up-4ever.net/	1970-01-21 09:46:27	Name: _ga_BH3KCF6H24 Value: GS1.1.1728627246.1.0.1728627246.60.0.0
.up-4ever.net/	1970-01-21 09:46:27	Name: _ga Value: GA1.1.1465201339.1728627246
.up-4ever.net/	1970-01-21 09:32:03	Name: __gads Value: ID=e76b186eb19e23f8:T=1728627246:RT=1728627246:S=ALNI_MYZS9ZzkmYeYMPppBCuLSE91CIuMw
.up-4ever.net/	1970-01-21 09:32:03	Name: __gpi Value: UID=00000f281886a59f:T=1728627246:RT=1728627246:S=ALNI_MYzTKpDM06jkHjRGymLOdIk-dkxrA
.up-4ever.net/	1970-01-21 04:29:39	Name: __eoi Value: ID=c1dfad9623a4abc3:T=1728627246:RT=1728627246:S=AA-AfjaeRcj4Qr2Avw7cgbP0el2j
.doubleclick.net/	1970-01-21 09:46:27	Name: IDE Value: AHWqTUnQqV2Z0TsQ1VuOWvJxg2J_76ody5dEOCYuFNYVWs7BfBUy_ltTebH3iIeh7Y4
gtrace.mediago.io/	1970-01-21 08:56:03	Name: cst_70 Value: ts=1728627247
.mediago.io/	1970-01-21 08:56:03	Name: __mguid_ Value: 4acc6291f5a629fd2kt8n700m24c14br
.ctnsnet.com/	1970-01-21 08:56:03	Name: gid_CAESELoUsorB1nJZVyokCEBkEO0 Value: 1
.ctnsnet.com/	1970-01-21 08:56:03	Name: cid_91cb881970a04362987be7f053b65fff Value: 1
.simpli.fi/	1970-01-21 08:57:29	Name: suid Value: A5B1DA39A96B4A54A533F2CD839F3C17
sync.srv.stackadapt.com/	1970-01-21 08:56:03	Name: sa-user-id Value: s%3A0-f5a595c3-5da4-5e07-4c0e-cf5528daa32a.FvOMVqzn5%2FbJ6ambVqxJR66AgzRBuPMOZr8Up%2F4YY0k
.srv.stackadapt.com/	1970-01-21 08:56:03	Name: sa-user-id Value: s%3A0-f5a595c3-5da4-5e07-4c0e-cf5528daa32a.FvOMVqzn5%2FbJ6ambVqxJR66AgzRBuPMOZr8Up%2F4YY0k
sync.srv.stackadapt.com/	1970-01-21 08:56:03	Name: sa-user-id-v2 Value: s%3A9aWVw12kXgdMDs9VKNqjKqdy0Wc.De8IYD3yL21YfFHosd1SSUx1ESXVXWALXruVMq8PWsw
.srv.stackadapt.com/	1970-01-21 08:56:03	Name: sa-user-id-v2 Value: s%3A9aWVw12kXgdMDs9VKNqjKqdy0Wc.De8IYD3yL21YfFHosd1SSUx1ESXVXWALXruVMq8PWsw
sync.srv.stackadapt.com/	1970-01-21 08:56:03	Name: sa-user-id-v3 Value: s%3AAQAKIPiNVVVjf4Tl9IQr6-i1WViXVQEozW0CRQSMhmC6a0aAEGcYBCCvhKO4BjABOgS9RxseQgRFxhgW.6mfBVWB187SrP2%2FAzraVXLVYrPiEFUywXcnJnuLrpVs
.srv.stackadapt.com/	1970-01-21 08:56:03	Name: sa-user-id-v3 Value: s%3AAQAKIPiNVVVjf4Tl9IQr6-i1WViXVQEozW0CRQSMhmC6a0aAEGcYBCCvhKO4BjABOgS9RxseQgRFxhgW.6mfBVWB187SrP2%2FAzraVXLVYrPiEFUywXcnJnuLrpVs
.linkedin.com/	1970-01-21 08:56:03	Name: bcookie Value: "v=2&183e00e1-53b2-49b2-8468-7e2588f10695"
.linkedin.com/	1970-01-21 04:29:39	Name: li_gc Value: MTswOzE3Mjg2MjcyNDc7MjswMjHMN3ETId9PAd2Qs7LxLiR1WwYEwPht3sQ1IVFVu3C2wg==
.linkedin.com/	1970-01-21 00:11:53	Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3390:u=1:x=1:i=1728627247:t=1728713647:v=2:sig=AQFR8Jdm9nix1GMajz8LbZ8vgjMIzYa0"
beacon.lynx.cognitivlabs.com/	1970-01-21 08:56:03	Name: UID Value: 823ce408-2ee0-4f28-9d92-d1a3bc78e4f3
beacon.lynx.cognitivlabs.com/	1970-01-21 08:56:03	Name: ss Value: GgdQaFGgfNYQBRkeUQgam7IpskG3cjcSQ8nS7vqhnAeTDLaffwnqIQCpVrnEogr79OoVhg8l3O2cZx9xcHEdnA%3D%3D
.bidr.io/	1970-01-21 09:39:00	Name: bito Value: AAHwMU7OEYQAABQPj5XUuQ
.bidr.io/	1970-01-21 09:39:00	Name: bitoIsSecure Value: ok
.pangle-ads.com/	1970-01-21 09:32:03	Name: _pangle Value: 2nHPu4CT80OA4f500IELQrA6xSa
.bttrack.com/	1970-01-21 02:20:03	Name: GLOBALID Value: 2uKlc8-sIBd987FnXwa9YuP5fwgHX1d8cHY4nQ6wI0MIQztsCPHH0fi2YWPS5YosJGr2VP6SaZQC4TM1
.creativecdn.com/	1970-01-21 08:56:03	Name: g Value: pmd4Ngfil8fWIY002DG0_1728627247356
.creativecdn.com/	1970-01-21 08:56:03	Name: ts Value: 1728627247
.adform.net/	1970-01-21 00:55:05	Name: C Value: 1
.sitescout.com/	1970-01-21 08:56:03	Name: ssi Value: 0c322151-c3d2-4f7a-9ff8-410979b4f69c#1728627247670
.adform.net/	1970-01-21 01:36:51	Name: uid Value: 8481574559095696992
.mathtag.com/	1970-01-21 09:36:22	Name: uuid Value: 63d16708-c22f-4700-b0ca-795c51a76223
.mathtag.com/	1970-01-21 00:53:39	Name: mt_mop Value: 4:1728627247
.sitescout.com/	1970-01-21 00:53:39	Name: _ssuma Value: eyI2OCI6MTcyODYyNzI0NzcwN30
.tribalfusion.com/	1970-01-21 02:20:03	Name: ANON_ID Value: aanoeUx2eNOSE0UdaqkCUL6V371pykCHyoyZdPFEZa
.inmobi.com/	1970-01-21 02:20:03	Name: idsp_c Value: b05bb86e-1e6c-4f51-9996-4b5590b9419f
.ipredictive.com/	1970-01-21 08:56:03	Name: cu Value: 0d48dfe3-b45e-49bd-8384-5b4cb7566e13\|1728627247735
.travelaudience.com/	1970-01-21 09:40:41	Name: _tracker Value: %7B%22UUID%22%3A%223E583623-4A5D-476A-0814-A0B43C72CB48%22%7D
.mfadsrvr.com/	1970-01-21 08:56:03	Name: tuuid Value: 4f2d5254-ac73-45a1-b2f5-2d72c907d7ae
.mfadsrvr.com/	1970-01-21 08:56:03	Name: c Value: 1728627247
.mfadsrvr.com/	1970-01-21 08:56:03	Name: tuuid_lu Value: 1728627248
.mfadsrvr.com/	1970-01-21 08:56:03	Name: ssh Value: !google=1728627248
.uncn.jp/	1970-01-21 08:56:03	Name: t Value: v_5beee531-fa33-42df-9183-0412afa68191
.yandex.ru/	1970-01-21 09:46:27	Name: bh Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI5IiwgIk5vdD1BP0JyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjkiKgI/MDoHIkxpbnV4ImCwhKO4Bg==
.yandex.ru/	1970-01-21 09:46:27	Name: i Value: 1SeWkhC6oNSRoHLvJse4lc9JE0IaJF9DXUuTjaU4eFYrytwNS6rBYkpWACFH5Yq6YKWJZW4Hpo5v/9DXYrWVeVFIocI=
.yandex.ru/	1970-01-21 09:46:27	Name: yandexuid Value: 6115466411728627248
.yandex.ru/	1970-01-21 08:56:03	Name: yashr Value: 4653324021728627248
.up-4ever.net/	1970-01-21 08:56:03	Name: FCNEC Value: %5B%5B%22AKsRol8qHrqvM3h0ouZjZPxCevlnCx4DExL7qS0fZGxc56iqkV9-dkniYPNRyBitdwF5AZE1gFOS7ZPozrMtIujI12URqL2tcElYLmESf6xi4B6YIgx0Qgs1GWJ5vmJUxq0RitiGeHaoaZDw0t9arrZ01hp6bQlKbA%3D%3D%22%5D%5D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mingleassertiveregard.com/3a/4d/71/3a4d714cbee4782ae5a10295f716c3d4.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;includeSubDomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
analytics.google.com
dof9zd9l290mz.cloudfront.net
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
mileesidesukbein.com
mingleassertiveregard.com
om.avocetriches.com
osadooffinegold.com
pagead2.googlesyndication.com
stats.g.doubleclick.net
td.doubleclick.net
tpc.googlesyndication.com
ukankingwithea.com
www.facebook.com
www.google.ca
www.google.com
www.googletagmanager.com
www.up-4ever.net
accounts.google.com
pagead2.googlesyndication.com
www.facebook.com
104.21.66.110
104.21.68.94
108.156.107.128
172.240.127.234
172.67.216.188
173.0.146.108
173.194.205.156
173.194.68.105
2001:4860:4802:38::181
209.85.144.154
209.85.201.100
209.85.232.132
209.85.232.94
2600:9000:2514:f200:15:c03c:5ec0:21
2607:f8b0:400d:c02::9c
2607:f8b0:400d:c03::61
2607:f8b0:400d:c03::8b
2607:f8b0:400d:c0d::84
2607:f8b0:400d:c0d::9b
0787e30d6145bc8b8b92ed329f664bcc3012162ccba9ef943d7ada480afb74e9
0a61490d8aeb374bac98abdad64f4d036b7117d850c740dc4ebd5be7c0708e22
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
13dad7fdad2018be7a0ad4a780edcbb2bcb19c82bd1f02e0e9cf19048c0176a7
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1cd5c4b37938d932110ec043ce1cc766d18cacf7a4e7cffa6a539855d5bdc08d
20bc222f73096f80397fe7b936bf6c6ca21f77dc5eb9ae91244154a98a207a64
2cab7aa232d376cae15aecc3c36fcbe4214515b9f06f134dbc78635b31fd0f86
2d3e15995e3bcde2055bfc93d2523a0160d10386e9bf3a7c7ffc2b278ecb7c91
2fc5ace475076f454c946a32e61011a7b8b0ab6fadfb98a73756906b94a5588d
32c5e19d84262f6e0dece31d753af2c26ee86cdc6caf5fbc063739fe0a65ede1
361956d1f211151543ff2f654ac6b7ce9fbe31b3eaa08832a693f5a18a8a6ad7
368157e7aea7b13b88dffd4dc4b39e40399f52ab562b67139a5c53977a7f8bbc
3900ede293bfb15a58e82ffcb1d73b4ec24157e36f5aed04e56d832fab57b03f
41404c53946570562b440b3c421e39a546ef0c9076f6e9852ec245e9863a6b79
4aad78e8fe05f5411c3c5b59b51426473a37c3ed8cf3ecd1618aa087a1753079
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
58cb6a78afc204b7165e947c965cbce6296ee0e587fbab3e12c0d2b6378e9004
618251f1550c35003cf13548405c31e6ca81c9565ad12251b9465625a7926282
71da8cb518e56fd83e092bdbcd3d69afee6caa8ba8e6947e5628ba5cd00e229b
71fea8e764130d6d3e79297c3c69a3f30ba91e929ef79753dc6fd807d04bc03d
74cdfe87bafd137fe82fac5cc9ae21f2066ebe9048a2c4ae87f22529ac894de4
7562baefa798b5a47f3af8589529dccee091f4e40f13edc1b014f1776ef57c33
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716
94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75
96eab4dc3922714b445d695d9048a8bc63a59a6a89c0593427f3e3f2c1b2ab9f
974956f1b7b82cecd8ae88a0b685f0d5dfe5c8534c2784e59abeea719eadbbc4
99c53397eb2217df916d67abfb55ed71b9db9d9b80d0ffa7813efe1c932bc91f
a4ec9d558eeb7bc7359fe7c4820deea2c951fdd8bd34cb0e15727412c7f6c634
a54c12f8a19ad3b549975107c57c841254867a4917ef17f097e3ed8890180f1e
a9e78b0bfceeaad1dc5d2a5a1a8a08da46dc4164dd7f3303924741a675f8db79
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
b6e658cbd1f64eba1b117f37d463588e91d21469fbf2cb2332b5d68f4e4b0fee
c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96
c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6
c9adb52c42b2966ed05d4e7eda2695e67285e19546bccfd14eae3c77ad760d5a
dc409c9759a5426446bff4cea9dbee3cbf758fb97af540ccdacc670c0f609ce0
e1c9d4f2132f0ab3024e0c723c263904103b1acadac056afe7ba3415dce3e10e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecf662e9f1d25bd142e6b4e5618012a3af7af1a2cd7504d67b90d59ca344ef2f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f78a6324c20a743f26c5b6d6807c955cc4677976ff6aa05c4bb85db860c9a69a
fdc453f1fc06ddd1c0601c60a174eeabdd5e069777f70f34917b20889b916edf
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

www.up-4ever.net Open in urlscan Pro 172.67.216.188 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

81 Requests

95 %HTTPS

37 %IPv6

13 Domains

19 Subdomains

20 IPs

2 Countries

1553 kBTransfer

3816 kBSize

52 Cookies

4 Outgoing links

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.up-4ever.net Open in urlscan Pro
172.67.216.188 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

95 %
HTTPS

37 %
IPv6

13
Domains

19
Subdomains

20
IPs

2
Countries

1553 kB
Transfer

3816 kB
Size

52
Cookies

81 HTTP transactions
0 data transactions