kuuzaglobal.com Open in urlscan Pro
2a02:4780:4a:2abc:df43:e636:d364:7657 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://newstoday502.pages.dev/
Effective URL:
https://kuuzaglobal.com/owlcarousel/frn.php
Submission Tags: threatview.io malwar3ninja rule: suspected phishing scam automated-submission Search All
Submission: On November 20 via api (November 20th 2024, 7:13:11 am UTC) from DE — Scanned from US

Summary HTTP 55 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 11 domains to perform 55 HTTP transactions. The main IP is 2a02:4780:4a:2abc:df43:e636:d364:7657, located in Cyprus and belongs to AS-HOSTINGER Hostinger International Limited, CY. The main domain is kuuzaglobal.com.
TLS certificate: Issued by R10 on September 21st 2024. Valid for: 3 months.

This is the only time kuuzaglobal.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 8	2606:4700:310... 2606:4700:310c::ac42:2d1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a02:4780:4a:... 2a02:4780:4a:2abc:df43:e636:d364:7657	47583 (AS-HOSTIN...) (AS-HOSTINGER Hostinger International Limited)
3	2607:f8b0:400... 2607:f8b0:4006:816::2002	() ()
24	141.193.213.10 141.193.213.10	() ()
1	2606:4700::68... 2606:4700::6812:bcf	() ()
2	2607:f8b0:400... 2607:f8b0:4006:80c::200a	() ()
1	2607:f8b0:400... 2607:f8b0:4006:824::2004	() ()
1	2607:f8b0:400... 2607:f8b0:4006:81d::2008	() ()
1	172.67.23.169 172.67.23.169	() ()
2	2606:4700::68... 2606:4700::6811:190e	() ()
55	11

8 2606:4700:310c::ac42:2d1b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

newstoday502.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:4780:4a:2abc:df43:e636:d364:7657 (Cyprus)

ASN47583 (AS-HOSTINGER Hostinger International Limited, CY)

kuuzaglobal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:816::2002 (None, )

ASN- ()

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 141.193.213.10 (None, )

ASN- ()

uphelp.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (None, )

ASN- ()

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::200a (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2008 (None, )

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.23.169 (None, )

ASN- ()

widgets.guidestar.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (None, )

ASN- ()

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	uphelp.org uphelp.org	412 KB
8	pages.dev 1 redirects newstoday502.pages.dev	44 KB
5	kuuzaglobal.com kuuzaglobal.com	40 KB
3	googlesyndication.com pagead2.googlesyndication.com	249 KB
2	cloudflare.com cdnjs.cloudflare.com	48 KB
2	googleapis.com fonts.googleapis.com	4 KB
1	guidestar.org widgets.guidestar.org	5 KB
1	googletagmanager.com www.googletagmanager.com	80 KB
1	google.com www.google.com	968 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	7 KB
0	doubleclick.net Failed googleads.g.doubleclick.net Failed
55	11

	Domain	Requested by
24	uphelp.org	kuuzaglobal.com
8	newstoday502.pages.dev	1 redirects newstoday502.pages.dev
5	kuuzaglobal.com	kuuzaglobal.com
3	pagead2.googlesyndication.com	kuuzaglobal.com pagead2.googlesyndication.com
2	cdnjs.cloudflare.com	kuuzaglobal.com
2	fonts.googleapis.com	kuuzaglobal.com
1	widgets.guidestar.org	kuuzaglobal.com
1	www.googletagmanager.com	kuuzaglobal.com
1	www.google.com	kuuzaglobal.com
1	maxcdn.bootstrapcdn.com	kuuzaglobal.com
0	googleads.g.doubleclick.net Failed	pagead2.googlesyndication.com
55	11

This site contains no links.

Subject Issuer	Validity	Valid
newstoday502.pages.dev WE1	`2024-11-04` - `2025-02-02`	3 months	crt.sh
kuuzaglobal.com R10	`2024-09-21` - `2024-12-20`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
uphelp.org E5	`2024-11-15` - `2025-02-13`	3 months	crt.sh
bootstrapcdn.com WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
widgets.guidestar.org WE1	`2024-11-16` - `2025-02-14`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://kuuzaglobal.com/owlcarousel/frn.php
Frame ID: C468CA472842A535AB265B5991ACB265
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241118/r20190131/zrt_lookup_fy2021.html
Frame ID: 437975C235297F86D916DCBF33420D3E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7270602505604953&output=html&adk=1812271804&adf=1573534164&abgtt=6&lmt=1732086790&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fkuuzaglobal.com%2Fowlcarousel%2Ffrn.php&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732086790327&bpp=5&bdt=598&idt=277&shv=r20241118&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4191618293722&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95332923%2C95344187%2C95344787%2C95341243%2C31088250%2C95345967%2C95347756&oid=2&pvsid=1211241899541079&tmod=1079441554&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fkuuzaglobal.com%2Fowlcarousel%2Ffrn.php&fc=1920&brdim=1440%2C1170%2C1440%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=309
Frame ID: 956F98F65ACFF8FE8422DF8646EC8775
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7270602505604953&output=html&h=280&slotname=8144743706&adk=3297734497&adf=3025194257&pi=t.ma~as.8144743706&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1732086790&rafmt=1&format=1200x280&url=https%3A%2F%2Fkuuzaglobal.com%2Fowlcarousel%2Ffrn.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732086790332&bpp=3&bdt=603&idt=323&shv=r20241118&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4191618293722&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95332923%2C95344187%2C95344787%2C95341243%2C31088250%2C95345967%2C95347756&oid=2&pvsid=1211241899541079&tmod=1079441554&uas=0&nvt=1&ref=https%3A%2F%2Fkuuzaglobal.com%2Fowlcarousel%2Ffrn.php&fc=1920&brdim=1440%2C1170%2C1440%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=332
Frame ID: 9193C8224E2E67ED2179B8683F2E8CBC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Checking your browser before accessing. Just a moment...

Page URL History Show full URLs

http://newstoday502.pages.dev/ HTTP 307
https://newstoday502.pages.dev/ Page URL
https://newstoday502.pages.dev/cdn-cgi/phish-bypass?atok=SQnUIDD38VB1V_83claD0xyKUmDcyc8lXBuNy9I_9Jo-173208... HTTP 301
https://newstoday502.pages.dev/ Page URL
https://kuuzaglobal.com/owlcarousel/frn.php Page URL
https://kuuzaglobal.com/owlcarousel/frn.php Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

D3 (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

/d3(?:\. v\d+)?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

55
Requests

85 %
HTTPS

80 %
IPv6

11
Domains

11
Subdomains

11
IPs

2
Countries

891 kB
Transfer

7850 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://newstoday502.pages.dev/ HTTP 307
https://newstoday502.pages.dev/ Page URL
https://newstoday502.pages.dev/cdn-cgi/phish-bypass?atok=SQnUIDD38VB1V_83claD0xyKUmDcyc8lXBuNy9I_9Jo-1732086779-0.0.1.1-%2F HTTP 301
https://newstoday502.pages.dev/ Page URL
https://kuuzaglobal.com/owlcarousel/frn.php Page URL
https://kuuzaglobal.com/owlcarousel/frn.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://newstoday502.pages.dev/ HTTP 307
https://newstoday502.pages.dev/

Request Chain 4

https://newstoday502.pages.dev/cdn-cgi/phish-bypass?atok=SQnUIDD38VB1V_83claD0xyKUmDcyc8lXBuNy9I_9Jo-1732086779-0.0.1.1-%2F HTTP 301
https://newstoday502.pages.dev/

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

/ Show response
newstoday502.pages.dev/
Redirect Chain

http://newstoday502.pages.dev/
https://newstoday502.pages.dev/

5 KB
2 KB

402ms
193ms

Document
text/html

2606:4700:310c::ac42:2d1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newstoday502.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2d1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b073706e69aa7682894aa2112a76738ee16bdbf5ff9d4f125943d3ea5e366ca3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 8e56a2841af44411-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 20 Nov 2024 07:12:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bfS%2BZjXySfGakhhAcbwVVpRv81QCGvNlptmU7O5PVfdMfFPqYS6fkdXGBpP4DvazQGTGAeNDF9a03pbC4EGc9Gi9VL4u1xNkZUHhdvxbaF%2BrjROi%2B2QVNTf7ybWRGjxZ%2FUez9F9ZvAviFpF1VsYcqRPBUVwR"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=77760&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4215&recv_bytes=5628&delivery_rate=42631&cwnd=12000&unsent_bytes=0&cid=76d20c0d6c6082f1&ts=174&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://newstoday502.pages.dev/
Non-Authoritative-Reason: HSTS

GET
H3 200 cf.errors.css
newstoday502.pages.dev/cdn-cgi/styles/ 23 KB
5 KB 41ms
40ms Stylesheet
text/css 2606:4700:310c::ac42:2d1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newstoday502.pages.dev/cdn-cgi/styles/cf.errors.css

Requested by

Host: newstoday502.pages.dev
URL: https://newstoday502.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2d1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://newstoday502.pages.dev/

Response headers

vary: Accept-Encoding
cache-control: max-age=7200, public
content-encoding: gzip
etag: W/"673379a7-5df3"
x-content-type-options: nosniff
cf-ray: 8e56a286bcdf4411-EWR
expires: Wed, 20 Nov 2024 09:12:59 GMT
date: Wed, 20 Nov 2024 07:12:59 GMT
content-type: text/css
last-modified: Tue, 12 Nov 2024 15:52:07 GMT
server: cloudflare
x-frame-options: DENY

GET
H3 200 icon-exclamation.png
newstoday502.pages.dev/cdn-cgi/images/ 452 B
635 B 41ms
40ms Image
image/png 2606:4700:310c::ac42:2d1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newstoday502.pages.dev/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: newstoday502.pages.dev
URL: https://newstoday502.pages.dev/cdn-cgi/styles/cf.errors.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2d1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://newstoday502.pages.dev/cdn-cgi/styles/cf.errors.css

Response headers

vary: Accept-Encoding
cache-control: max-age=7200, public
etag: "673379a7-1c4"
x-content-type-options: nosniff
cf-ray: 8e56a287ae174411-EWR
expires: Wed, 20 Nov 2024 09:13:00 GMT
accept-ranges: bytes
content-length: 452
date: Wed, 20 Nov 2024 07:13:00 GMT
content-type: image/png
last-modified: Tue, 12 Nov 2024 15:52:07 GMT
server: cloudflare
x-frame-options: DENY

GET
H3 200 favicon.ico
newstoday502.pages.dev/ 5 KB
2 KB 30ms
30ms Other
text/html 2606:4700:310c::ac42:2d1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newstoday502.pages.dev/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2d1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8de26e4f88116a6479ce4d04082e8053e779bfcd7562a2612e74f3171fb4cd2f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://newstoday502.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nIdKdAis%2BH%2Fr48a9L8AVOUwVNo3HclfkgktehvUD1I0c6bLoT7dQ0%2FyrHI0qAvwBG%2FNWZcrmrWk2xEFn16JcPPlN5u2F%2FSM4NHsF27zfOzM%2Fp20epoesfR%2BUrMQ1w4uOvUgo4Yxqh6o9ufKk8V1vWcXkzzKr"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e56a288ceea4411-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=102045&sent=25&recv=21&lost=0&retrans=0&sent_bytes=12216&recv_bytes=7048&delivery_rate=11606&cwnd=12000&unsent_bytes=0&cid=76d20c0d6c6082f1&ts=921&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 20 Nov 2024 07:13:00 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=1,i
x-frame-options: SAMEORIGIN

GET
H3

200

/ Show response
newstoday502.pages.dev/
Redirect Chain

https://newstoday502.pages.dev/cdn-cgi/phish-bypass?atok=SQnUIDD38VB1V_83claD0xyKUmDcyc8lXBuNy9I_9Jo-1732086779-0.0.1.1-%2F
https://newstoday502.pages.dev/

766 B
1 KB

308ms
307ms

Document
text/html

2606:4700:310c::ac42:2d1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newstoday502.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2d1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42062c4bb831c06541064dfa94785fb27a8a6e443798e03a261ed345ace4a871

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://newstoday502.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 8e56a2a25b484411-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 20 Nov 2024 07:13:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wPBRBkXGIHzJxgaUE%2B33ERnA%2Byp2ywXeIWB03mv7lSsXL8uhF72OIHTEz%2Fp2ohaDqDnsGZdu%2BgMdFR3xwK6IB7enfecwGA512qiYvcMyhvt9QEcJPxwYc7iZDi53pI2l3ne5xihzSFqXqbT7npdK%2BR%2FITqod"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=81342&sent=32&recv=27&lost=0&retrans=0&sent_bytes=15141&recv_bytes=8168&delivery_rate=267&cwnd=12000&unsent_bytes=0&cid=76d20c0d6c6082f1&ts=5279&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

cache-control: private, no-cache
cf-ray: 8e56a2a1fb034411-EWR
content-length: 167
content-type: text/html
date: Wed, 20 Nov 2024 07:13:04 GMT
location: https://newstoday502.pages.dev/
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET style.css
newstoday502.pages.dev/ 0
0

GET
H3 200 1.jpg
newstoday502.pages.dev/ 32 KB
32 KB 181ms
180ms Image
image/jpeg 2606:4700:310c::ac42:2d1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newstoday502.pages.dev/1.jpg

Requested by

Host: newstoday502.pages.dev
URL: https://newstoday502.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2d1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://newstoday502.pages.dev/

Response headers

etag: "79590f4f717814088f17fd44fbf183e5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yPNFtszcbdu0i3cuk4e0qQoGWQRd%2F%2FhzbaN8g4sW1MaR8Ig6mMDi4HZwRgaGkwNq6Jhk1ZQySeQdwwXRtgdwQj8sGfW9B28hOFvPFPTy7WEhvyjWyZq6q%2F8A50%2BgP4b%2BKcr%2BFypk0cxHIGlXyRiQjenPvgsf"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=73235&sent=37&recv=31&lost=0&retrans=0&sent_bytes=17385&recv_bytes=9038&delivery_rate=19060&cwnd=12000&unsent_bytes=0&cid=76d20c0d6c6082f1&ts=5741&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 20 Nov 2024 07:13:05 GMT
content-type: image/jpeg
vary: Accept-Encoding
priority: u=2,i
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e56a2a5fd934411-EWR
access-control-allow-origin: *
content-length: 32318
server: cloudflare

GET
H2 403 frn.php Show response
kuuzaglobal.com/owlcarousel/ 5 KB
3 KB 187ms
31ms Document
text/html 2a02:4780:4a:2abc:df43:e636:d364:7657
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL

https://kuuzaglobal.com/owlcarousel/frn.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:4a:2abc:df43:e636:d364:7657 , Cyprus, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

hcdn /

Resource Hash

c2779250c7e25bb12281a890f3ec61c3585c5bbad82fbbb55a3068191004fc4a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://newstoday502.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
content-length: 2193
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Wed, 20 Nov 2024 07:13:05 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: hcdn
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-hcdn-request-id: 4c6e8b610fa42e904e2ba59abb69b9d9-bos-edge4

GET
H3 200 favicon.ico
newstoday502.pages.dev/ 766 B
1 KB 65ms
65ms Other
text/html 2606:4700:310c::ac42:2d1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newstoday502.pages.dev/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2d1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://newstoday502.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VrqR2hWlAWVXdFvMmb%2FK7WEaEap8q0bmIMBfRPNkak9eNSyFvw5lR8JsvCCOVnPJwrQW4Nz43kdz4SL%2B%2F9jvEZLztnMVt5w11BCnfTOt1XQEX6OJ4HA6HiG%2BbrRcjfw8n%2BMjtYPREvC0aIX5le96XZ7q3iZp"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e56a2a86f504411-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43774&sent=67&recv=47&lost=0&retrans=0&sent_bytes=51167&recv_bytes=10099&delivery_rate=581222&cwnd=24000&unsent_bytes=0&cid=76d20c0d6c6082f1&ts=6019&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 20 Nov 2024 07:13:05 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H2 200 jschallenge Show response
kuuzaglobal.com/hcdn-cgi/ 156 B
739 B 30ms
28ms Script
application/javascript 2a02:4780:4a:2abc:df43:e636:d364:7657
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL

https://kuuzaglobal.com/hcdn-cgi/jschallenge

Requested by

Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:4a:2abc:df43:e636:d364:7657 , Cyprus, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

hcdn /

Resource Hash

ae763a37b90d6d320ab70c64a7ae0df6408689b0f01fa5c0e43d8d0020f15c52

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/owlcarousel/frn.php

Response headers

x-hcdn-request-id: e9dcb00ae493c75e1c029f0c4aeba052-bos-edge4
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
content-encoding: br
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT
date: Wed, 20 Nov 2024 07:13:05 GMT
content-type: application/javascript
vary: Accept-Encoding
server: hcdn
x-frame-options: SAMEORIGIN

GET
H2 403 favicon.ico
kuuzaglobal.com/ 5 KB
3 KB 27ms
27ms Other
text/html 2a02:4780:4a:2abc:df43:e636:d364:7657
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL

https://kuuzaglobal.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:4a:2abc:df43:e636:d364:7657 , Cyprus, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

hcdn /

Resource Hash

c2779250c7e25bb12281a890f3ec61c3585c5bbad82fbbb55a3068191004fc4a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/owlcarousel/frn.php

Response headers

x-hcdn-request-id: 22e6f94a4cbf06c4097f86fc6dc2c9e2-bos-edge4
content-encoding: br
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 07:13:05 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
content-length: 2193
server: hcdn

POST
H2 200 jschallenge-validate
kuuzaglobal.com/hcdn-cgi/ 0
714 B 164ms
163ms XHR
application/octet-stream 2a02:4780:4a:2abc:df43:e636:d364:7657
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL

https://kuuzaglobal.com/hcdn-cgi/jschallenge-validate

Requested by

Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:4a:2abc:df43:e636:d364:7657 , Cyprus, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

hcdn /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://kuuzaglobal.com/owlcarousel/frn.php

Response headers

x-hcdn-request-id: 3210569b3cc0d885d05c6e4e7b32a92e-bos-edge4
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT
date: Wed, 20 Nov 2024 07:13:08 GMT
content-type: application/octet-stream
server: hcdn
x-frame-options: SAMEORIGIN

GET
H2 200 Primary Request frn.php Show response
kuuzaglobal.com/owlcarousel/ 131 KB
34 KB 371ms
370ms Document
text/html 2a02:4780:4a:2abc:df43:e636:d364:7657
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL

https://kuuzaglobal.com/owlcarousel/frn.php

Requested by

Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:4a:2abc:df43:e636:d364:7657 , Cyprus, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

hcdn / PHP/7.4.33

Resource Hash

47326c33bdfa8860ca8bbd3d82dd3eb4bc3ca88b975c2b6973d68c6a7e1b4c34

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31415926;includeSubDomains;
X-Content-Type-Options	nosniff //help protect against content-sniffin
X-Frame-Options	SAMEORIGIN //help protect against page-framing and clickjacking
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kuuzaglobal.com/owlcarousel/frn.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 20 Nov 2024 07:13:09 GMT
panel: hpanel
platform: hostinger
referrer-policy: origin
server: hcdn
strict-transport-security: max-age=31415926;includeSubDomains;
x-content-type-options: nosniff //help protect against content-sniffin
x-frame-options: SAMEORIGIN //help protect against page-framing and clickjacking
x-hcdn-cache-status: DYNAMIC
x-hcdn-request-id: 28089d043ec5f10a13c91ddc7364ec26-bos-edge4
x-hcdn-upstream-rt: 0.275
x-powered-by: PHP/7.4.33
x-xss-protection: 1; mode=block

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 445ms
157ms Script
text/javascript 2607:f8b0:4006:816::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7270602505604953

Requested by

Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

dc18b6127b481948d7ca5aa7106d78ab90876a7de170ab9ade97825fd9e867ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://kuuzaglobal.com
Referer: https://kuuzaglobal.com/

Response headers

content-encoding: br
etag: 17952065867460492202
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 07:13:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 20 Nov 2024 07:13:10 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53399
x-xss-protection: 0
server: cafe

GET
H2 200 app.css
uphelp.org/wp-content/themes/uphelp-theme/library/dist/css/ 4 MB
0 824ms
651ms Stylesheet
text/css 141.193.213.10

General

Check archive.org

Show headers Download Go to

Full URL: https://uphelp.org/wp-content/themes/uphelp-theme/library/dist/css/app.css?ver=1650034355
Requested by: Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"65b0ebd6-4d46a8"
cf-ray: 8e56a2c52be50f6c-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 07:13:09 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Wed, 24 Jan 2024 10:52:06 GMT

GET
H2 200 fontawesome.min.css
uphelp.org/wp-content/themes/uphelp-theme/library/dist/css/ 57 KB
12 KB 251ms
78ms Stylesheet
text/css 141.193.213.10

General

Check archive.org

Show headers Download Go to

Full URL: https://uphelp.org/wp-content/themes/uphelp-theme/library/dist/css/fontawesome.min.css?ver=1615230794
Requested by: Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a0f0322dfe91f9af8ddcfb7e3253822bab9b946d28051078877bdb2a0e0378a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"6046774a-e238"
age: 1628783
cf-ray: 8e56a2c50bc40f6c-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 07:13:09 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Mon, 08 Mar 2021 19:13:14 GMT

GET
H2 200 regular.min.css
uphelp.org/wp-content/themes/uphelp-theme/library/dist/css/ 677 B
526 B 246ms
73ms Stylesheet
text/css 141.193.213.10

General

Check archive.org

Show headers Download Go to

Full URL: https://uphelp.org/wp-content/themes/uphelp-theme/library/dist/css/regular.min.css?ver=1615230794
Requested by: Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e95f83a4ef360f846ee2c5c1eb6e7b815932b6d30790f3e9fee1de73e435586e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"6046774a-2a5"
age: 1628783
cf-ray: 8e56a2c50bc60f6c-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 07:13:09 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Mon, 08 Mar 2021 19:13:14 GMT

GET
H2 200 solid.min.css
uphelp.org/wp-content/themes/uphelp-theme/library/dist/css/ 669 B
378 B 245ms
74ms Stylesheet
text/css 141.193.213.10

General

Check archive.org

Show headers Download Go to

Full URL: https://uphelp.org/wp-content/themes/uphelp-theme/library/dist/css/solid.min.css?ver=1615230794
Requested by: Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 75704c6862c9fc3c4ca3da63d52c977ac00a4ef6610df107dcd64741bd3a1a88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"6046774a-29d"
age: 1628783
cf-ray: 8e56a2c50bc70f6c-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 07:13:09 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Mon, 08 Mar 2021 19:13:14 GMT

GET
H2 200 brands.min.css
uphelp.org/wp-content/themes/uphelp-theme/library/dist/css/ 675 B
377 B 286ms
115ms Stylesheet
text/css 141.193.213.10

General

Check archive.org

Show headers Download Go to

Full URL: https://uphelp.org/wp-content/themes/uphelp-theme/library/dist/css/brands.min.css?ver=1615230794
Requested by: Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: bba2cebc5189c4574438ecd0ff9b1fddf92f101e8e67b86fa1f5613265671a7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"6046774a-2a3"
age: 1628783
cf-ray: 8e56a2c50bc50f6c-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 07:13:09 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Mon, 08 Mar 2021 19:13:14 GMT

GET
H2 200 v4-shims.min.css
uphelp.org/wp-content/themes/uphelp-theme/library/dist/css/ 26 KB
4 KB 289ms
118ms Stylesheet
text/css 141.193.213.10

General

Check archive.org

Show headers Download Go to

Full URL: https://uphelp.org/wp-content/themes/uphelp-theme/library/dist/css/v4-shims.min.css?ver=1615230794
Requested by: Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 23dc0579b933d942c0e46488214c394922cc3e9434f757d307bb1a3b72b276d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"6046774a-684e"
age: 1272115
cf-ray: 8e56a2c52be30f6c-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 07:13:09 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Mon, 08 Mar 2021 19:13:14 GMT

GET
H2 200 slick.css
uphelp.org/wp-content/themes/uphelp-theme/library/dist/css/ 2 KB
616 B 285ms
114ms Stylesheet
text/css 141.193.213.10

General

Check archive.org

Show headers Download Go to

Full URL: https://uphelp.org/wp-content/themes/uphelp-theme/library/dist/css/slick.css?ver=1615230794
Requested by: Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"6046774a-6f0"
age: 742956
cf-ray: 8e56a2c52be20f6c-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 07:13:09 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Mon, 08 Mar 2021 19:13:14 GMT

GET
H2 200 style.css
uphelp.org/wp-content/themes/uphelp-theme/ 484 B
332 B 288ms
118ms Stylesheet
text/css 141.193.213.10

General

Check archive.org

Show headers Download Go to

Full URL: https://uphelp.org/wp-content/themes/uphelp-theme/style.css?ver=1650034355
Requested by: Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: f86e8c92219649e143d883e19a10799bdc0a6af86b20d4eccc873e9a1180ec43

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"63d25b71-1e4"
cf-ray: 8e56a2c50bcb0f6c-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 07:13:09 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 26 Jan 2023 10:52:33 GMT

GET
H2 200 style.min.css
uphelp.org/wp-includes/css/dist/block-library/ 110 KB
15 KB 294ms
124ms Stylesheet
text/css 141.193.213.10

General

Check archive.org

Show headers Download Go to

Full URL: https://uphelp.org/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"66b09847-1b723"
age: 1628783
cf-ray: 8e56a2c52be10f6c-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 07:13:09 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Mon, 05 Aug 2024 09:15:51 GMT

GET ctf-styles.min.css
uphelp.org/wp-content/plugins/custom-twitter-feeds/css/ 0
0

GET
H2 200 frontend.css
uphelp.org/wp-content/plugins/pdf-print-pro/css/ 1 KB
433 B 283ms
114ms Stylesheet
text/css 141.193.213.10

General

Check archive.org

Show headers Download Go to

Full URL: https://uphelp.org/wp-content/plugins/pdf-print-pro/css/frontend.css?ver=2.2.0
Requested by: Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: dc8da374c97584d47b3b29ac809c6cf10c70cfc491dfb1f064963b0fccc1be29

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"6177e998-5ca"
age: 1628783
cf-ray: 8e56a2c52bdc0f6c-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 07:13:09 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Tue, 26 Oct 2021 11:42:16 GMT

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 303ms
92ms Stylesheet
text/css 2606:4700::6812:bcf

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: "269550530cc127b6aa5a35925a7de6ce"
age: 1291837
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 20 Nov 2024 07:13:09 GMT
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 10/06/2024 01:22:44
cdn-requestpullcode: 200
priority: u=0,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 925ce50056c053a76028b17f3f524940
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8e56a2c54a8d42d3-EWR
access-control-allow-origin: *
cdn-edgestorageid: 871
server: cloudflare
cdn-requestcountrycode: US

GET
H2 200 style.css
uphelp.org/wp-content/plugins/waqa-ask-an-expert/templates/assets/css/ 26 KB
5 KB 249ms
80ms Stylesheet
text/css 141.193.213.10

General

Check archive.org

Show headers Download Go to

Full URL: https://uphelp.org/wp-content/plugins/waqa-ask-an-expert/templates/assets/css/style.css?ver=190820170952
Requested by: Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 43f4a2ef04bd71440ed5601fba72288ca6e517efd7efc09177b44467e05aa831

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"6666d822-6743"
age: 1628783
cf-ray: 8e56a2c50bcc0f6c-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 07:13:09 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Mon, 10 Jun 2024 10:40:34 GMT

GET
H2 200 rtl.css
uphelp.org/wp-content/plugins/waqa-ask-an-expert/templates/assets/css/ 2 KB
638 B 244ms
76ms Stylesheet
text/css 141.193.213.10

General

Check archive.org

Show headers Download Go to

Full URL: https://uphelp.org/wp-content/plugins/waqa-ask-an-expert/templates/assets/css/rtl.css?ver=190820170952
Requested by: Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3d1c85450fe6a8fb2162805905d0960a90c92271ed51e3cdabd4fe91cb81804

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"60cb3cd0-9af"
age: 1628783
cf-ray: 8e56a2c50bca0f6c-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 07:13:09 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 17 Jun 2021 12:15:12 GMT

GET
H2 200 simplemde.min.css
uphelp.org/wp-content/plugins/waqa-ask-an-expert/assets/css/ 11 KB
3 KB 248ms
80ms Stylesheet
text/css 141.193.213.10

General

Check archive.org

Show headers Download Go to

Full URL: https://uphelp.org/wp-content/plugins/waqa-ask-an-expert/assets/css/simplemde.min.css
Requested by: Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: cc296883a1bd7ca17d9dc91550b8bb8e599f73ad95c16e5cba5f8c780acb6831

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"60cb3ccb-2a52"
age: 1628783
cf-ray: 8e56a2c50bc80f6c-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 07:13:09 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 17 Jun 2021 12:15:07 GMT

GET
H2 200 widget-options.css
uphelp.org/wp-content/plugins/widget-options/assets/css/ 3 KB
498 B 285ms
117ms Stylesheet
text/css 141.193.213.10

General

Check archive.org

Show headers Download Go to

Full URL: https://uphelp.org/wp-content/plugins/widget-options/assets/css/widget-options.css
Requested by: Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: abb0f964c9209344eba89cb789ed800a211da042d8341fbe4144f254d16e0458

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"6595802a-a57"
age: 1628783
cf-ray: 8e56a2c52bde0f6c-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 07:13:09 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Wed, 03 Jan 2024 15:41:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 296ms
95ms Stylesheet
text/css 2607:f8b0:4006:80c::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C300i%2C400%2C400i%2C500%2C600%2C700%2C700i

Requested by

Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

47a02d04552e6e73b5633cc4303005561e00e1aea13606544cdbf0cbd6601dcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 07:13:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 07:13:09 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 20 Nov 2024 07:13:09 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 45 KB
3 KB 296ms
96ms Stylesheet
text/css 2607:f8b0:4006:80c::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C500%2C600%2C700%2C700i

Requested by

Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

e14cc0d0b290c5f0e44481add675c0593957839b3675e854052f1d61685d64cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 07:13:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 07:13:09 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 20 Nov 2024 07:13:09 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 leaderboard.css
uphelp.org/wp-content/plugins/waqa-ask-an-expert/templates/assets/css/ 477 B
262 B 282ms
116ms Stylesheet
text/css 141.193.213.10

General

Check archive.org

Show headers Download Go to

Full URL: https://uphelp.org/wp-content/plugins/waqa-ask-an-expert/templates/assets/css/leaderboard.css
Requested by: Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: bc0fc5841c27f29ecabec1e8d5b5fccc87d1bb929f25045962dbc42dddc76142

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"60cb3ccf-1dd"
age: 1628783
cf-ray: 8e56a2c52bdf0f6c-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 07:13:09 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 17 Jun 2021 12:15:11 GMT

GET
H2 200 html2canvas.js Show response
uphelp.org/wp-content/plugins/pdf-print-pro/js/ 371 KB
64 KB 460ms
294ms Script
application/javascript 141.193.213.10

General

Check archive.org

Show headers Download Go to

Full URL: https://uphelp.org/wp-content/plugins/pdf-print-pro/js/html2canvas.js
Requested by: Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: aca3d5114935c8a7b71b789d594cee2f21079d40974da14e04a26a2886636d98

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"6177e9aa-5cac0"
age: 1628783
cf-ray: 8e56a2c52bec0f6c-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 07:13:09 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Tue, 26 Oct 2021 11:42:34 GMT

GET
H2 200 jspdf.js
uphelp.org/wp-content/plugins/pdf-print-pro/js/ 860 KB
192 KB 547ms
382ms Script
application/javascript 141.193.213.10

General

Check archive.org

Show headers Download Go to

Full URL: https://uphelp.org/wp-content/plugins/pdf-print-pro/js/jspdf.js
Requested by: Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"6177e9ac-d6f10"
age: 1628783
cf-ray: 8e56a2c52be60f6c-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 07:13:09 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Tue, 26 Oct 2021 11:42:36 GMT

GET
H2 200 front-script.js Show response
uphelp.org/wp-content/plugins/pdf-print-pro/js/ 4 KB
1 KB 281ms
116ms Script
application/javascript 141.193.213.10

General

Check archive.org

Show headers Download Go to

Full URL: https://uphelp.org/wp-content/plugins/pdf-print-pro/js/front-script.js
Requested by: Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: df3b1a630022ea9cbe058ddc50cf5634369ad6e7d8e6bb3e8215d2d257aae9e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"6177e9a9-e34"
age: 1628783
cf-ray: 8e56a2c52be70f6c-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 07:13:09 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Tue, 26 Oct 2021 11:42:33 GMT

GET jquery.min.js
uphelp.org/wp-includes/js/jquery/ 0
0

GET
H2 200 jquery-migrate.min.js Show response
uphelp.org/wp-includes/js/jquery/ 13 KB
5 KB 809ms
645ms Script
application/javascript 141.193.213.10

General

Check archive.org

Show headers Download Go to

Full URL: https://uphelp.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"6482bd64-3509"
cf-ray: 8e56a2c52bea0f6c-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 07:13:09 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Fri, 09 Jun 2023 05:49:24 GMT

GET
H2 200 simplemde.min.js Show response
uphelp.org/wp-content/plugins/waqa-ask-an-expert/assets/js/ 238 KB
79 KB 345ms
181ms Script
application/javascript 141.193.213.10

General

Check archive.org

Show headers Download Go to

Full URL: https://uphelp.org/wp-content/plugins/waqa-ask-an-expert/assets/js/simplemde.min.js?ver=1
Requested by: Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 32ae37cc54a731ac750c988a3735197f339c6ef2b1e386a65f81e904a599f102

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"60cb3cd6-3b9c5"
age: 1628783
cf-ray: 8e56a2c52beb0f6c-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 07:13:09 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 17 Jun 2021 12:15:18 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
968 B 397ms
119ms Script
text/javascript 2607:f8b0:4006:824::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2004 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

b7920c3ee4d6bb39bee9aead6cbf6e02254f8b2ec119b695fe252837cb2e69a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 07:13:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Wed, 20 Nov 2024 07:13:10 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
80 KB 325ms
137ms Script
application/javascript 2607:f8b0:4006:81d::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-21786627-1

Requested by

Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4cd084f159b5059cc8cdf4179e334e75b19bf2c2b7921d37813c0c0b761c99a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 20 Nov 2024 07:13:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 07:13:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81499
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 united_policyholders_logo.png
uphelp.org/wp-content/uploads/2021/03/ 5 KB
5 KB 707ms
697ms Image
image/webp 141.193.213.10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uphelp.org/wp-content/uploads/2021/03/united_policyholders_logo.png
Requested by: Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "6045e7ce-14ab"
age: 1628783
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=5291
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 07:13:10 GMT
content-type: image/webp
content-disposition: inline; filename="united_policyholders_logo.webp"
vary: Accept
last-modified: Mon, 08 Mar 2021 09:01:02 GMT
cache-control: public, max-age=31536000
cf-ray: 8e56a2c58c1b0f6c-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4816
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 369ms
123ms Script
text/javascript 2607:f8b0:4006:816::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5959389727029730

Requested by

Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

8e646c1bc702604bb4ce8fbfdc44560bd107acf0a8bf57a484d5f2cacaac1dd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://kuuzaglobal.com
Referer: https://kuuzaglobal.com/

Response headers

content-encoding: br
etag: 705068096222438448
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 07:13:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 20 Nov 2024 07:13:10 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53398
x-xss-protection: 0
server: cafe

GET
H2 200 gximage2
widgets.guidestar.org/ 13 KB
5 KB 302ms
136ms Image
image/svg+xml 172.67.23.169

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.guidestar.org/gximage2?o=8414284&l=v4
Requested by: Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.169 -, , ASN (),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5ee4dbeb415263a1bd1ff3f3903cac7f086f10d596e250c6fb68194e284f11fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cache-control: no-cache
x-aspnet-version: 4.0.30319
content-encoding: br
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 8e56a2c50d1f0f9b-EWR
expires: -1
date: Wed, 20 Nov 2024 07:13:09 GMT
content-type: image/svg+xml
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 d3.min.js Show response
cdnjs.cloudflare.com/ajax/libs/d3/3.5.3/ 147 KB
46 KB 272ms
89ms Script
application/javascript 2606:4700::6811:190e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/d3/3.5.3/d3.min.js

Requested by

Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

6bc79f159904f1905fcadab593d2e8ad6406acfaadcb70afafdb2e09ce2efadd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e2f-24ce8"
age: 119842
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jh%2B12QN2QlsppRWLVllwlTOZ7fB396zpoVp4%2FYXK%2BsBEkszeudpRX%2FqOo0RcO6XnZHxawzr1GxmSXzhBkIwe3t9b86h2U9HRjlGv4yrefUvY764JdfVL1sGHXTyj1IT4sG6pJvqgRAiTgcl%2F95XMpl%2BZ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 10 Nov 2025 07:13:09 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 07:13:09 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:09:19 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e56a2c54f751a34-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 46081
server: cloudflare

GET
H3 200 topojson.min.js Show response
cdnjs.cloudflare.com/ajax/libs/topojson/1.6.9/ 6 KB
3 KB 429ms
247ms Script
application/javascript 2606:4700::6811:190e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/topojson/1.6.9/topojson.min.js

Requested by

Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

59cd94ab71f03d943e15bf79588cc37de99af52023730cd68e51160c574715b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb04001-184a"
age: 1325977
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GBghxGqFAWncC99p1RS086tmdeNSklcv78wx%2FW7ZL7c8AkfYcmDGGbXcPhI4Cv%2BcYM%2BQwyYzqwCJ3dXnnxp5GVM8KGgfahgcboVKIYVbs0P78oVwH2WSivfZJ37AhF82Lig70JEyXejUiiiVrNQ11dy8"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 10 Nov 2025 07:13:09 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 07:13:09 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:17:05 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e56a2c54f761a34-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2160
server: cloudflare

GET
H2 200 datamaps.usa.min.js
uphelp.org/wp-content/themes/uphelp-theme/library/dist/js/ 52 KB
16 KB 738ms
729ms Script
application/javascript 141.193.213.10

General

Check archive.org

Show headers Download Go to

Full URL: https://uphelp.org/wp-content/themes/uphelp-theme/library/dist/js/datamaps.usa.min.js?ver=1615230794
Requested by: Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"6046774a-d0a4"
age: 1628784
cf-ray: 8e56a2c58c200f6c-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 07:13:10 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Mon, 08 Mar 2021 19:13:14 GMT

GET
H2 200 toastr.min.js
uphelp.org/wp-content/themes/uphelp-theme/library/dist/js/ 5 KB
2 KB 745ms
736ms Script
application/javascript 141.193.213.10

General

Check archive.org

Show headers Download Go to

Full URL: https://uphelp.org/wp-content/themes/uphelp-theme/library/dist/js/toastr.min.js?ver=1615230794
Requested by: Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"6046774a-1392"
age: 1628784
cf-ray: 8e56a2c58c220f6c-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 07:13:10 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Mon, 08 Mar 2021 19:13:14 GMT

GET app.js
uphelp.org/wp-content/themes/uphelp-theme/library/dist/js/ 0
0

GET app-no-webpack.js
uphelp.org/wp-content/themes/uphelp-theme/library/dist/js/ 0
0

GET
H2 200 wp-emoji-release.min.js
uphelp.org/wp-includes/js/ 18 KB
5 KB 746ms
736ms Script
application/javascript 141.193.213.10

General

Check archive.org

Show headers Download Go to

Full URL: https://uphelp.org/wp-includes/js/wp-emoji-release.min.js
Requested by: Host: kuuzaglobal.com
URL: https://kuuzaglobal.com/owlcarousel/frn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"65cb7e57-4926"
age: 1628783
cf-ray: 8e56a2c58c250f6c-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 07:13:10 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Tue, 13 Feb 2024 14:36:07 GMT

GET
H3 200 show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/ 434 KB
144 KB 145ms
144ms Script
text/javascript 2607:f8b0:4006:816::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7270602505604953

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kuuzaglobal.com/

Response headers

content-encoding: br
etag: 17789068872641229330
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 07:13:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 20 Nov 2024 07:13:10 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 147622
x-xss-protection: 0
server: cafe

GET zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241118/r20190131/ Frame 4379 0
0

GET ads
googleads.g.doubleclick.net/pagead/ Frame 956F 0
0

GET ads
googleads.g.doubleclick.net/pagead/ Frame 9193 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: newstoday502.pages.dev
URL: https://newstoday502.pages.dev/style.css

Domain: uphelp.org
URL: https://uphelp.org/wp-content/plugins/custom-twitter-feeds/css/ctf-styles.min.css?ver=1.7

Domain: uphelp.org
URL: https://uphelp.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Domain: uphelp.org
URL: https://uphelp.org/wp-content/themes/uphelp-theme/library/dist/js/app.js?ver=1615230794

Domain: uphelp.org
URL: https://uphelp.org/wp-content/themes/uphelp-theme/library/dist/js/app-no-webpack.js?ver=1615230794

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20241118/r20190131/zrt_lookup_fy2021.html

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7270602505604953&output=html&adk=1812271804&adf=1573534164&abgtt=6&lmt=1732086790&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fkuuzaglobal.com%2Fowlcarousel%2Ffrn.php&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732086790327&bpp=5&bdt=598&idt=277&shv=r20241118&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4191618293722&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95332923%2C95344187%2C95344787%2C95341243%2C31088250%2C95345967%2C95347756&oid=2&pvsid=1211241899541079&tmod=1079441554&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fkuuzaglobal.com%2Fowlcarousel%2Ffrn.php&fc=1920&brdim=1440%2C1170%2C1440%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=309

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7270602505604953&output=html&h=280&slotname=8144743706&adk=3297734497&adf=3025194257&pi=t.ma~as.8144743706&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1732086790&rafmt=1&format=1200x280&url=https%3A%2F%2Fkuuzaglobal.com%2Fowlcarousel%2Ffrn.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732086790332&bpp=3&bdt=603&idt=323&shv=r20241118&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4191618293722&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95332923%2C95344187%2C95344787%2C95341243%2C31088250%2C95345967%2C95347756&oid=2&pvsid=1211241899541079&tmod=1079441554&uas=0&nvt=1&ref=https%3A%2F%2Fkuuzaglobal.com%2Fowlcarousel%2Ffrn.php&fc=1920&brdim=1440%2C1170%2C1440%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=332

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.newstoday502.pages.dev/	1970-01-21 01:09:33	Name: __cf_mw_byp Value: SQnUIDD38VB1V_83claD0xyKUmDcyc8lXBuNy9I_9Jo-1732086779-0.0.1.1-/

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://newstoday502.pages.dev/(Line 4) Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
security	error	URL: https://newstoday502.pages.dev/ Message: Refused to apply style from 'https://newstoday502.pages.dev/style.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network	error	URL: https://kuuzaglobal.com/owlcarousel/frn.php Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://kuuzaglobal.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
googleads.g.doubleclick.net
kuuzaglobal.com
maxcdn.bootstrapcdn.com
newstoday502.pages.dev
pagead2.googlesyndication.com
uphelp.org
widgets.guidestar.org
www.google.com
www.googletagmanager.com
googleads.g.doubleclick.net
newstoday502.pages.dev
uphelp.org
141.193.213.10
172.67.23.169
2606:4700:310c::ac42:2d1b
2606:4700::6811:190e
2606:4700::6812:bcf
2607:f8b0:4006:80c::200a
2607:f8b0:4006:816::2002
2607:f8b0:4006:81d::2008
2607:f8b0:4006:824::2004
2a02:4780:4a:2abc:df43:e636:d364:7657
1a0f0322dfe91f9af8ddcfb7e3253822bab9b946d28051078877bdb2a0e0378a
23dc0579b933d942c0e46488214c394922cc3e9434f757d307bb1a3b72b276d7
32ae37cc54a731ac750c988a3735197f339c6ef2b1e386a65f81e904a599f102
42062c4bb831c06541064dfa94785fb27a8a6e443798e03a261ed345ace4a871
43f4a2ef04bd71440ed5601fba72288ca6e517efd7efc09177b44467e05aa831
47326c33bdfa8860ca8bbd3d82dd3eb4bc3ca88b975c2b6973d68c6a7e1b4c34
47a02d04552e6e73b5633cc4303005561e00e1aea13606544cdbf0cbd6601dcd
4cd084f159b5059cc8cdf4179e334e75b19bf2c2b7921d37813c0c0b761c99a7
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
59cd94ab71f03d943e15bf79588cc37de99af52023730cd68e51160c574715b3
5ee4dbeb415263a1bd1ff3f3903cac7f086f10d596e250c6fb68194e284f11fb
6bc79f159904f1905fcadab593d2e8ad6406acfaadcb70afafdb2e09ce2efadd
75704c6862c9fc3c4ca3da63d52c977ac00a4ef6610df107dcd64741bd3a1a88
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
8de26e4f88116a6479ce4d04082e8053e779bfcd7562a2612e74f3171fb4cd2f
8e646c1bc702604bb4ce8fbfdc44560bd107acf0a8bf57a484d5f2cacaac1dd3
abb0f964c9209344eba89cb789ed800a211da042d8341fbe4144f254d16e0458
aca3d5114935c8a7b71b789d594cee2f21079d40974da14e04a26a2886636d98
ae763a37b90d6d320ab70c64a7ae0df6408689b0f01fa5c0e43d8d0020f15c52
b073706e69aa7682894aa2112a76738ee16bdbf5ff9d4f125943d3ea5e366ca3
b7920c3ee4d6bb39bee9aead6cbf6e02254f8b2ec119b695fe252837cb2e69a0
bba2cebc5189c4574438ecd0ff9b1fddf92f101e8e67b86fa1f5613265671a7d
bc0fc5841c27f29ecabec1e8d5b5fccc87d1bb929f25045962dbc42dddc76142
c2779250c7e25bb12281a890f3ec61c3585c5bbad82fbbb55a3068191004fc4a
cc296883a1bd7ca17d9dc91550b8bb8e599f73ad95c16e5cba5f8c780acb6831
dc18b6127b481948d7ca5aa7106d78ab90876a7de170ab9ade97825fd9e867ab
dc8da374c97584d47b3b29ac809c6cf10c70cfc491dfb1f064963b0fccc1be29
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
df3b1a630022ea9cbe058ddc50cf5634369ad6e7d8e6bb3e8215d2d257aae9e4
e14cc0d0b290c5f0e44481add675c0593957839b3675e854052f1d61685d64cc
e3d1c85450fe6a8fb2162805905d0960a90c92271ed51e3cdabd4fe91cb81804
e95f83a4ef360f846ee2c5c1eb6e7b815932b6d30790f3e9fee1de73e435586e
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f86e8c92219649e143d883e19a10799bdc0a6af86b20d4eccc873e9a1180ec43

kuuzaglobal.com Open in urlscan Pro 2a02:4780:4a:2abc:df43:e636:d364:7657 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

85 %HTTPS

80 %IPv6

11 Domains

11 Subdomains

11 IPs

2 Countries

891 kBTransfer

7850 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

kuuzaglobal.com Open in urlscan Pro
2a02:4780:4a:2abc:df43:e636:d364:7657 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

85 %
HTTPS

80 %
IPv6

11
Domains

11
Subdomains

11
IPs

2
Countries

891 kB
Transfer

7850 kB
Size

1
Cookies

55 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!