URL: https://updown.fun/9AqGQx68zMn6/file
Submission Tags: falconsandbox
Submission: On October 06 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 32 HTTP transactions. The main IP is 172.67.156.175, located in United States and belongs to CLOUDFLARENET, US. The main domain is updown.fun.
TLS certificate: Issued by WE1 on September 1st 2024. Valid for: 3 months.
This is the only time updown.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
21 updown.fun
updown.fun
523 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
970 B
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
51 KB
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
240 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
3 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3643
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
104 KB
32 7
Domain Requested by
21 updown.fun updown.fun
3 www.google.com updown.fun
www.gstatic.com
2 pagead2.googlesyndication.com updown.fun
2 fonts.googleapis.com updown.fun
1 www.gstatic.com www.google.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com updown.fun
1 fonts.gstatic.com fonts.googleapis.com
32 8

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
wa.me
pinterest.com
Subject Issuer Validity Valid
updown.fun
WE1
2024-09-01 -
2024-11-30
3 months crt.sh
upload.video.google.com
WR2
2024-09-16 -
2024-12-09
3 months crt.sh
*.gstatic.com
WR2
2024-09-16 -
2024-12-09
3 months crt.sh
*.google-analytics.com
WR2
2024-09-16 -
2024-12-09
3 months crt.sh
*.google.com
WR2
2024-09-16 -
2024-12-09
3 months crt.sh
*.g.doubleclick.net
WR2
2024-09-16 -
2024-12-09
3 months crt.sh

This page contains 3 frames:

Primary Page: https://updown.fun/9AqGQx68zMn6/file
Frame ID: AAA2EBD4B8F088A0FDB0688B2F534D07
Requests: 31 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeZiwYqAAAAAId06riILcVlfLc_swowpjPf2i6o&co=aHR0cHM6Ly91cGRvd24uZnVuOjQ0Mw..&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=normal&cb=m6blaq51p71t
Frame ID: C2A1A572663C6740C1B0EADC12A69B69
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&k=6LeZiwYqAAAAAId06riILcVlfLc_swowpjPf2i6o
Frame ID: ED74DC12FEC04C7B8A875A895ADF9EB0
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Updown.fun — Download — National Bank of Egypt al ahly-By: bx1

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

32
Requests

100 %
HTTPS

38 %
IPv6

7
Domains

8
Subdomains

9
IPs

2
Countries

922 kB
Transfer

2193 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request file
updown.fun/9AqGQx68zMn6/
29 KB
10 KB
Document
General
Full URL
https://updown.fun/9AqGQx68zMn6/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53ee0f242c7f799bd667abe2b20c19be146152c71e0dd00a75f3365681298bd9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8ce8bf78ff578330-SIN
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 06 Oct 2024 21:29:38 GMT
expires
-1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nCISpR7MCE9OVit16tqTOURmQLPmvWDDuCDyQjthhoB8iDodLtpBAKJsnjjKM23PbCEMJHKNoZafXAQrG0cyLoi26n8M2NzakQtWyJXpijWm%2BkmIjX2JTGtV2xIK"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding,User-Agent
x-cache-status
MISS
speculation
updown.fun/cdn-cgi/
128 B
526 B
Other
General
Full URL
https://updown.fun/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://updown.fun
Referer
https://updown.fun/9AqGQx68zMn6/file

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OayOOdz%2BrBefDollKHfEBUKU4Gk7Dd3i35n6QVPlHRcsid3QSEd7Jku2LbO43weC8XPtmFurpee5X6rb57r6kX8lvD5uFosM78lHCXDBqMJNdG%2FE5uhMW6rHR7U1"}],"group":"cf-nel","max_age":604800}
cf-ray
8ce8bf7fece78330-SIN
access-control-allow-origin
https://updown.fun
content-length
128
date
Sun, 06 Oct 2024 21:29:38 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
bootstrap.min.css
updown.fun/vendor/libs/bootstrap/
159 KB
24 KB
Stylesheet
General
Full URL
https://updown.fun/vendor/libs/bootstrap/bootstrap.min.css
Requested by
Host: updown.fun
URL: https://updown.fun/9AqGQx68zMn6/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
457d42dfc58373e2b07655f896ed685ba9729c2111684fd6eb02bf3697634939

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://updown.fun/9AqGQx68zMn6/file

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"27b73-6077a9f488b00-gzip"
age
97157
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Fo4CE2gmZ%2BDb4TV0JphxrVDwLfxgIZx2TSQ%2FzcI6ApWsBQO42ce2aZ4s%2BmFsnP%2BAXXCD%2F6%2B%2B1O0PNyhlDOrTT179Ck5Hl6TBDkCVx%2FNG7qDIEpOyL7pCZpq5eLe"}],"group":"cf-nel","max_age":604800}
expires
Mon, 04 Nov 2024 18:30:21 GMT
date
Sun, 06 Oct 2024 21:29:38 GMT
content-type
text/css
last-modified
Thu, 12 Oct 2023 01:11:40 GMT
vary
Accept-Encoding,User-Agent
x-cache-status
BYPASS
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ce8bf7fece88330-SIN
accept-ranges
bytes
content-length
23849
server
cloudflare
fontawesome.min.css
updown.fun/vendor/libs/fontawesome/
98 KB
21 KB
Stylesheet
General
Full URL
https://updown.fun/vendor/libs/fontawesome/fontawesome.min.css
Requested by
Host: updown.fun
URL: https://updown.fun/9AqGQx68zMn6/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
188a706590dc9e898c5c90a1da8346a9bc732cad28884386fbf20b05f4e83594

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://updown.fun/9AqGQx68zMn6/file

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"18972-5e402a6bc9e80-gzip"
age
761430
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JC4tAuJlPEQ3dr1lFgZJic7qQELXkbyQVEBpoDj0m5OEPgpYjE01ex%2BmbEPOLIeolpUxey6uDW9fqI5KA77b5l%2B64JOVARfemMDaBKcoqxCncUUVK7qjzOTm2P2l"}],"group":"cf-nel","max_age":604800}
expires
Mon, 28 Oct 2024 01:59:08 GMT
date
Sun, 06 Oct 2024 21:29:38 GMT
content-type
text/css
last-modified
Sun, 17 Jul 2022 16:22:02 GMT
vary
Accept-Encoding,User-Agent
x-cache-status
MISS
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ce8bf7fece98330-SIN
accept-ranges
bytes
content-length
20557
server
cloudflare
vironeer-toastr.min.css
updown.fun/vendor/libs/vironeer/toastr/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://updown.fun/vendor/libs/vironeer/toastr/css/vironeer-toastr.min.css
Requested by
Host: updown.fun
URL: https://updown.fun/9AqGQx68zMn6/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dccacdf65a58081f0d11f508b3ca8735df46dd53ad7f6839a240493a26ac597

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://updown.fun/9AqGQx68zMn6/file

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"1c24-6078ac2f54880-gzip"
age
710643
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2BPCHX2WwPGruqwLqX4B0MF%2F3pLbhE4JIo9D67dMr8FDgfvAkha%2FG%2B%2BB7SS0NUgvo1iPgz8%2BeIZJID8LrmucZibYRu%2BOKvhD0vMQmLqU1MWbFSQffsFarT4VEBLx"}],"group":"cf-nel","max_age":604800}
expires
Mon, 28 Oct 2024 16:05:35 GMT
date
Sun, 06 Oct 2024 21:29:38 GMT
content-type
text/css
last-modified
Thu, 12 Oct 2023 20:26:58 GMT
vary
Accept-Encoding,User-Agent
x-cache-status
BYPASS
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ce8bf7fecea8330-SIN
accept-ranges
bytes
content-length
1876
server
cloudflare
colors.css
updown.fun/themes/basic/assets/css/
268 B
636 B
Stylesheet
General
Full URL
https://updown.fun/themes/basic/assets/css/colors.css
Requested by
Host: updown.fun
URL: https://updown.fun/9AqGQx68zMn6/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b61ca0a855574122c31da4722ca0a2cde64ab714ab456e32b7c1bf791f64bb46

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://updown.fun/9AqGQx68zMn6/file

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"12b-61c858bf1161d-gzip"
age
97157
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I9XMuXi1GLRb%2FlUeomOXWUpMYVLkcGe2ZKyDWBO8PaGhAkTxQAfkjBCQfmRPUJoLzJENxoZzDQPnBTJYM3Lb8e6kzk6Z9TXsgDy0xbSVk4AunXUyBtYhY7AYNhbe"}],"group":"cf-nel","max_age":604800}
expires
Mon, 04 Nov 2024 18:30:21 GMT
cf-polished
origSize=299
date
Sun, 06 Oct 2024 21:29:38 GMT
content-type
text/css
last-modified
Fri, 05 Jul 2024 20:02:44 GMT
vary
Accept-Encoding,User-Agent
x-cache-status
BYPASS
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ce8bf7fecec8330-SIN
server
cloudflare
app.css
updown.fun/themes/basic/assets/css/
92 KB
14 KB
Stylesheet
General
Full URL
https://updown.fun/themes/basic/assets/css/app.css
Requested by
Host: updown.fun
URL: https://updown.fun/9AqGQx68zMn6/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
899d37d16eb5aca9ef09b36137278482714583285ae98a81d5e5b5181c952d8f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://updown.fun/9AqGQx68zMn6/file

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"1d2e6-607d760672740-gzip"
age
970651
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RENDX2nIeyXoiGQt4AzLWFHwJM1dAyKR6loL2Sen3aUYEAAMjld3npduZASQqrpceXV7uRCp2B3Poqi7N%2FlQKjFMXpq34vSOjUj2%2FVt4zONh9lW886zlAP0drDaR"}],"group":"cf-nel","max_age":604800}
expires
Fri, 25 Oct 2024 15:52:07 GMT
cf-polished
origSize=119526
date
Sun, 06 Oct 2024 21:29:38 GMT
content-type
text/css
last-modified
Mon, 16 Oct 2023 15:51:17 GMT
vary
Accept-Encoding,User-Agent
x-cache-status
BYPASS
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ce8bf7feced8330-SIN
server
cloudflare
custom.css
updown.fun/themes/basic/assets/css/
0
481 B
Stylesheet
General
Full URL
https://updown.fun/themes/basic/assets/css/custom.css
Requested by
Host: updown.fun
URL: https://updown.fun/9AqGQx68zMn6/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://updown.fun/9AqGQx68zMn6/file

Response headers

cf-bgj
minify
etag
"0-6070160766ec0"
age
710643
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ctQBvFaMWH8iP28nIFrdTUd2WlCOX%2BNDYmbJUU%2B2FT8w7%2FfyG0d6JFRCpCf%2BNxr9esO86X%2BvsJOnOPhyTXTtSDRiJkInBfwDCAXnQN5z2n6WzEgEH2OZihTlD%2Fh"}],"group":"cf-nel","max_age":604800}
expires
Mon, 28 Oct 2024 16:05:35 GMT
date
Sun, 06 Oct 2024 21:29:38 GMT
content-type
text/css
last-modified
Fri, 06 Oct 2023 00:32:35 GMT
vary
User-Agent, Accept-Encoding
x-cache-status
BYPASS
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ce8bf7fecee8330-SIN
accept-ranges
bytes
content-length
0
server
cloudflare
logo-dark.png
updown.fun/themes/basic/images/
17 KB
18 KB
Image
General
Full URL
https://updown.fun/themes/basic/images/logo-dark.png
Requested by
Host: updown.fun
URL: https://updown.fun/9AqGQx68zMn6/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97201a142a3afc89ed1ac7a866b28fcbc877f07eabbd1071b3104b25af091d9a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://updown.fun/9AqGQx68zMn6/file

Response headers

cf-cache-status
HIT
etag
"4578-61c71568c8f63"
age
1445207
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uj638JZpqw%2FyHenGH7%2FL6LEcRL7n2wq6OGq%2FbJTgDPbqt2iiVunwOU4J81pR8OnXk4yU3GCMHpSU1RvRVYv2pDXKaIlkODOHXShd%2BeWGMf%2FZa05bpUkQIiibGRdM"}],"group":"cf-nel","max_age":604800}
expires
Sat, 20 Sep 2025 04:02:51 GMT
date
Sun, 06 Oct 2024 21:29:39 GMT
content-type
image/png
last-modified
Thu, 04 Jul 2024 19:56:09 GMT
vary
User-Agent, Accept-Encoding
x-cache-status
BYPASS
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ce8bf833f4c8330-SIN
accept-ranges
bytes
content-length
17784
server
cloudflare
en.png
updown.fun/images/languages/
567 B
1 KB
Image
General
Full URL
https://updown.fun/images/languages/en.png
Requested by
Host: updown.fun
URL: https://updown.fun/9AqGQx68zMn6/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
941ba21a55ec94d6378d654a9c712fe2c191edd16ee1a802697715ada1cd0cc6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://updown.fun/9AqGQx68zMn6/file

Response headers

cf-cache-status
HIT
etag
"237-5f35633a8f0c0"
age
97158
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bg6kzB8G%2BlMskCDn5F%2BhhA3Hil8X6r8r1NzX%2Bb0JL%2BhhxL7zgWTPA8tUxJIpZgHCPYtenbbZKvbs0t%2BxjWNIhlCciEoPl2p9N%2F9aRsdML4%2Bo5T4mBH%2FUsPFFAaxu"}],"group":"cf-nel","max_age":604800}
expires
Sun, 05 Oct 2025 18:30:21 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 06 Oct 2024 21:29:39 GMT
content-type
image/png
last-modified
Sat, 28 Jan 2023 17:20:43 GMT
vary
User-Agent, Accept-Encoding
x-cache-status
BYPASS
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ce8bf84c8808330-SIN
accept-ranges
bytes
content-length
567
server
cloudflare
ru.png
updown.fun/images/languages/
552 B
1 KB
Image
General
Full URL
https://updown.fun/images/languages/ru.png
Requested by
Host: updown.fun
URL: https://updown.fun/9AqGQx68zMn6/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4250a7a8bace76e55d3f940c431cc31a925ef183faaea8499d4da8889df9d2f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://updown.fun/9AqGQx68zMn6/file

Response headers

cf-cache-status
HIT
etag
"228-61c5a657b7be9"
age
3307527
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fWCIlaftmVqVRAFLBUwHEyv36CtasFyMb0cgcYJvDLAO2WwgbfBZqyZqbeuQss%2FWKaY1ntT8Cbu81nGDhFqq%2Beb3oGesTa4Yx10gbeqy5D1dNv0zrWLvh7Fe%2B4IZ"}],"group":"cf-nel","max_age":604800}
expires
Fri, 29 Aug 2025 14:44:12 GMT
date
Sun, 06 Oct 2024 21:29:39 GMT
content-type
image/png
last-modified
Wed, 03 Jul 2024 16:33:55 GMT
vary
User-Agent, Accept-Encoding
x-cache-status
BYPASS
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ce8bf84c8828330-SIN
accept-ranges
bytes
content-length
552
server
cloudflare
tr.png
updown.fun/images/languages/
21 KB
22 KB
Image
General
Full URL
https://updown.fun/images/languages/tr.png
Requested by
Host: updown.fun
URL: https://updown.fun/9AqGQx68zMn6/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
373669430b4ff3da1a6f4e7fa1549d20f282b6206f87a1edfc3e363ac4818550

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://updown.fun/9AqGQx68zMn6/file

Response headers

cf-cache-status
HIT
etag
"557c-61c5596e83801"
age
3307525
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vlZodzKFizXoRuIR%2B0atmwZw6XMb4l4louy4Xb05gfDpoYcXwcHFYXN%2F2H7Rx%2FsdEFqsEVjqDBH3TlQpHWmwrJBRqS6TeiLewXu8NyMpo9UEuyiiZK6ahx8L2Mjy"}],"group":"cf-nel","max_age":604800}
expires
Fri, 29 Aug 2025 14:44:13 GMT
date
Sun, 06 Oct 2024 21:29:39 GMT
content-type
image/png
last-modified
Wed, 03 Jul 2024 10:49:49 GMT
vary
User-Agent, Accept-Encoding
x-cache-status
BYPASS
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ce8bf84d89f8330-SIN
accept-ranges
bytes
content-length
21884
server
cloudflare
ZHCUb5shBrp0CVv_1724159084.png
updown.fun/images/uploads/
65 KB
66 KB
Image
General
Full URL
https://updown.fun/images/uploads/ZHCUb5shBrp0CVv_1724159084.png
Requested by
Host: updown.fun
URL: https://updown.fun/9AqGQx68zMn6/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddca7524a237e8f8bcacf13dd24d2b30b1567c88b98e7ec50744144f103d6526

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://updown.fun/9AqGQx68zMn6/file

Response headers

cf-cache-status
HIT
etag
"1058f-6201d11ca3f36"
age
97158
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iugrByaMQSoTmd5UY4qhY2QBmxaC0q1w5ghhwVMOqDPjb0mxH7asFc9etYtSk183h%2BsAcAmmGt%2BZ2A8POW0esYnEgrI6oUrBRl7TcKf8QD%2B%2BulRh%2Fy%2FU1s6UoIbJ"}],"group":"cf-nel","max_age":604800}
expires
Sun, 05 Oct 2025 18:30:21 GMT
date
Sun, 06 Oct 2024 21:29:39 GMT
content-type
image/png
last-modified
Tue, 20 Aug 2024 13:04:44 GMT
vary
User-Agent, Accept-Encoding
x-cache-status
BYPASS
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ce8bf84d8a48330-SIN
accept-ranges
bytes
content-length
66959
server
cloudflare
rocket-loader.min.js
updown.fun/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://updown.fun/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: updown.fun
URL: https://updown.fun/9AqGQx68zMn6/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://updown.fun/9AqGQx68zMn6/file

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"66fc0c28-302c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NvePgE7%2BZ4NBYckLMVikRdhdtA%2BshRkrknzG5%2FSGNPp%2FO01KXvriH1%2F0mDqF2LTbE32Vlxdwf2aUt7srsNn6g6%2F8lrR%2Fqc3snTkxm4MuBafSbXeYY3z30NNWdbmD"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8ce8bf84d8a78330-SIN
expires
Tue, 08 Oct 2024 21:29:39 GMT
date
Sun, 06 Oct 2024 21:29:39 GMT
content-type
application/javascript
last-modified
Tue, 01 Oct 2024 14:50:16 GMT
server
cloudflare
vary
Accept-Encoding
css2
fonts.googleapis.com/
16 KB
843 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: updown.fun
URL: https://updown.fun/vendor/libs/vironeer/toastr/css/vironeer-toastr.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f1e4c18549167223af672ff319ac7293d52e09fd02544d08d4166078b5f36c4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://updown.fun/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 06 Oct 2024 21:29:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 06 Oct 2024 21:29:39 GMT
content-type
text/css; charset=utf-8
last-modified
Sun, 06 Oct 2024 20:33:46 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
32 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;1,100&family=Plus+Jakarta+Sans:wght@200;300;400;500;600;700;800&display=swap&family=Almarai:wght@300;400;700;800&display=swap
Requested by
Host: updown.fun
URL: https://updown.fun/themes/basic/assets/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6435396e3e17c17324e0cf2a6abb165ec5766a81c132461c53e6d8ccfc8fc3f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://updown.fun/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 06 Oct 2024 21:29:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 06 Oct 2024 21:29:39 GMT
content-type
text/css; charset=utf-8
last-modified
Sun, 06 Oct 2024 21:29:39 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2
fonts.gstatic.com/s/plusjakartasans/v8/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/plusjakartasans/v8/LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;1,100&family=Plus+Jakarta+Sans:wght@200;300;400;500;600;700;800&display=swap&family=Almarai:wght@300;400;700;800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f3.1e100.net
Software
sffe /
Resource Hash
1262bff0591c36094d058ab102b84ce34eb1e547e8ff00557bf8d55449e58e40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://updown.fun
Referer
https://fonts.googleapis.com/

Response headers

age
134512
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 05 Oct 2025 08:07:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 05 Oct 2024 08:07:47 GMT
last-modified
Thu, 22 Jun 2023 14:14:33 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
27444
x-xss-protection
0
server
sffe
fa-solid-900.woff2
updown.fun/vendor/libs/fontawesome/webfonts/
151 KB
151 KB
Font
General
Full URL
https://updown.fun/vendor/libs/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: updown.fun
URL: https://updown.fun/vendor/libs/fontawesome/fontawesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://updown.fun
Referer
https://updown.fun/vendor/libs/fontawesome/fontawesome.min.css

Response headers

x-cache-status
BYPASS
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"25a74-5dace4d817080"
age
6368
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qWk6Iv%2F6YqmIOlndkHC1LLSkNnL9kEz3trDRkGUSbn8SZ8bq7wERf9KjtBQ76JAA1zzLujTL84TuR9XXo673g4U06iDbfQ4yi%2FCnNLfTMA7Jz9QLm5c3g1QVD04b"}],"group":"cf-nel","max_age":604800}
cf-ray
8ce8bf85e94b8330-SIN
expires
Mon, 07 Oct 2024 19:43:31 GMT
accept-ranges
bytes
content-length
154228
date
Sun, 06 Oct 2024 21:29:39 GMT
last-modified
Tue, 22 Mar 2022 13:08:02 GMT
vary
User-Agent, Accept-Encoding
server
cloudflare
fa-brands-400.woff2
updown.fun/vendor/libs/fontawesome/webfonts/
103 KB
104 KB
Font
General
Full URL
https://updown.fun/vendor/libs/fontawesome/webfonts/fa-brands-400.woff2
Requested by
Host: updown.fun
URL: https://updown.fun/vendor/libs/fontawesome/fontawesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
404c746c8f7e3f9b7611a8f23d908c1a32a5c972236b9d89bb68b05d9bf4b905

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://updown.fun
Referer
https://updown.fun/vendor/libs/fontawesome/fontawesome.min.css

Response headers

x-cache-status
BYPASS
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"19c40-5dace4d817080"
age
6368
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wgAsvwGWm1KPsD7z0%2BTlXCt79Ca4TBEO0iCrIrq5sUcxvWOjrA5m9AZOGjvDK8lDvoPnwYwbGmiikX%2F75q2X3GyO5%2FN5Ia0eIffb6lJ1KF1aMwvL5hHB4LO8jxHS"}],"group":"cf-nel","max_age":604800}
cf-ray
8ce8bf85e94d8330-SIN
expires
Mon, 07 Oct 2024 19:43:31 GMT
accept-ranges
bytes
content-length
105536
date
Sun, 06 Oct 2024 21:29:39 GMT
last-modified
Tue, 22 Mar 2022 13:08:02 GMT
vary
User-Agent, Accept-Encoding
server
cloudflare
app.js
updown.fun/themes/basic/assets/js/
18 KB
6 KB
Script
General
Full URL
https://updown.fun/themes/basic/assets/js/app.js
Requested by
Host: updown.fun
URL: https://updown.fun/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dfa41264bc484592ebec666be5a2d333d8e5dae6cffb8c4ddbbbf9e5c49f729

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://updown.fun/9AqGQx68zMn6/file

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"7361-6077aab068640-gzip"
age
53498
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CwVLYuro72iC%2BDEBOo%2FqBrK7%2BZNG7xvYu2sNRUR7fYnc796n1lQdm1FWll4uwL856xMXYan8D3IkvOElau4aZfgz4GG9HcjvjSkPfAIC46dFeRPeNo%2FamdnpeQ8U"}],"group":"cf-nel","max_age":604800}
expires
Mon, 07 Oct 2024 06:38:01 GMT
cf-polished
origSize=29537
date
Sun, 06 Oct 2024 21:29:39 GMT
content-type
application/javascript
last-modified
Thu, 12 Oct 2023 01:14:57 GMT
vary
Accept-Encoding,User-Agent
x-cache-status
BYPASS
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ce8bf8699b48330-SIN
server
cloudflare
vironeer-toastr.min.js
updown.fun/vendor/libs/vironeer/toastr/js/
3 KB
1 KB
Script
General
Full URL
https://updown.fun/vendor/libs/vironeer/toastr/js/vironeer-toastr.min.js
Requested by
Host: updown.fun
URL: https://updown.fun/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e69ea651ffbd11346d2d9c2429f65762e64d371f611d0705e4828199abff6148

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://updown.fun/9AqGQx68zMn6/file

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"abe-6078ac2f54880-gzip"
age
6368
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pvl1KIywZy%2FEMYpKVM7euRr8irao%2FdFWMDhFSMRRyPB8cRqb7A8KEHo8XbE0ZUbH7ayf7rByhoEQ4QoYbQE0J5WiYKvZCIbWes50%2Fx5h3lCRye4H8VvLL0G2HoCW"}],"group":"cf-nel","max_age":604800}
expires
Mon, 07 Oct 2024 19:43:31 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 06 Oct 2024 21:29:39 GMT
content-type
application/javascript
last-modified
Thu, 12 Oct 2023 20:26:58 GMT
vary
Accept-Encoding,User-Agent
x-cache-status
BYPASS
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ce8bf8699b68330-SIN
accept-ranges
bytes
content-length
916
server
cloudflare
bootstrap.bundle.min.js
updown.fun/vendor/libs/bootstrap/
77 KB
22 KB
Script
General
Full URL
https://updown.fun/vendor/libs/bootstrap/bootstrap.bundle.min.js
Requested by
Host: updown.fun
URL: https://updown.fun/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e5bcbef6de2733340d0a5a46e17adefa2f86fa89f5275c05c63831b011b88cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://updown.fun/9AqGQx68zMn6/file

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"13253-6077a9eddbb40-gzip"
age
6368
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AkLhLG8r1P3xgExffKT1NEuTuim3dRBb4EWvuJrce5rmCNp87igf1pM%2BU4QX15Mv1ZinTOEgf8ATo4YAcmphhnEawcktl6uR35L2cSM0x7Vs2NJCE1bMxYlxtfur"}],"group":"cf-nel","max_age":604800}
expires
Mon, 07 Oct 2024 19:43:31 GMT
date
Sun, 06 Oct 2024 21:29:39 GMT
content-type
application/javascript
last-modified
Thu, 12 Oct 2023 01:11:33 GMT
vary
Accept-Encoding,User-Agent
x-cache-status
BYPASS
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ce8bf8699b88330-SIN
accept-ranges
bytes
content-length
22451
server
cloudflare
jquery.min.js
updown.fun/vendor/libs/jquery/
85 KB
30 KB
Script
General
Full URL
https://updown.fun/vendor/libs/jquery/jquery.min.js
Requested by
Host: updown.fun
URL: https://updown.fun/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f764efbb2cdb303e3019325d811225ead27d656f8b40390de427db1415dc56a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://updown.fun/9AqGQx68zMn6/file

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"155a5-5fd09c5770d40-gzip"
age
6368
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xbHbmhcC2oEIk2a25uBncWyQW3nZVh1SaPPx99rTsSpISKhAZ2ph%2BBpUUfhFrceuV2ZEu8XbDBhFIybhfm8e6HhZ6MxOhbiURZoK5BefsrIINe%2F9VlnH6s4ZDSis"}],"group":"cf-nel","max_age":604800}
expires
Mon, 07 Oct 2024 19:43:31 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 06 Oct 2024 21:29:39 GMT
content-type
application/javascript
last-modified
Thu, 01 Jun 2023 04:21:33 GMT
vary
Accept-Encoding,User-Agent
x-cache-status
BYPASS
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ce8bf8699b98330-SIN
accept-ranges
bytes
content-length
30335
server
cloudflare
js
www.googletagmanager.com/gtag/
312 KB
104 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NJWSM9V4VG
Requested by
Host: updown.fun
URL: https://updown.fun/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
36ebdf02636754dfd4b134f9a4a8514deb7f23dd1f03082c48d32f35fee06f91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://updown.fun/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 06 Oct 2024 21:29:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 06 Oct 2024 21:29:39 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
105914
x-xss-protection
0
server
Google Tag Manager
api.js
www.google.com/recaptcha/
1 KB
970 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?hl=en
Requested by
Host: updown.fun
URL: https://updown.fun/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
ESF /
Resource Hash
8ab3bc08e25f6a7e24ef75ee66ed06360bceeace487d22822d7724b3f2bbed50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://updown.fun/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Sun, 06 Oct 2024 21:29:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Sun, 06 Oct 2024 21:29:39 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
152 KB
51 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: updown.fun
URL: https://updown.fun/9AqGQx68zMn6/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
7cb2f0c956372c7759030d4e3f42a9e094e272a52bd0e45d6c4c41958a880d68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://updown.fun/

Response headers

content-encoding
br
etag
9756067897028164275
x-content-type-options
nosniff
expires
Sun, 06 Oct 2024 21:29:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 06 Oct 2024 21:29:40 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
52540
x-xss-protection
0
server
cafe
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-NJWSM9V4VG&gtm=45je4a20v9189126678za200&_p=1728250180235&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101671035~101747727&cid=16610963.1728250180&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1728250180&sct=1&seg=0&dl=https%3A%2F%2Fupdown.fun%2F9AqGQx68zMn6%2Ffile&dt=Updown.fun%20%E2%80%94%20Download%20%E2%80%94%20National%20Bank%20of%20Egypt%20al%20ahly-By%3A%20bx1&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3328
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NJWSM9V4VG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://updown.fun/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://updown.fun
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 06 Oct 2024 21:29:40 GMT
content-type
text/plain
server
Golfe2
favicon.png
updown.fun/themes/basic/images/
23 KB
23 KB
Other
General
Full URL
https://updown.fun/themes/basic/images/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70a0cbd5da8ffd00e18fc33a560acbb80e71accab5b59b1e3ccf5e2f96d16401

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://updown.fun/9AqGQx68zMn6/file

Response headers

cf-cache-status
HIT
etag
"5b3c-61c7143470616"
age
3307526
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wYWq1C96U8BnDM4RjFkZdayrCmgZKMe3cU6h4Yze%2F8b2lZO0QuwhDLsX4g0KdjDn7jXJob9mFEZ%2FsXeJROpjt2uzRU4LMHU0odewiE2ZIRPq9n3nKH%2BCirarPaUJ"}],"group":"cf-nel","max_age":604800}
expires
Fri, 29 Aug 2025 14:44:14 GMT
date
Sun, 06 Oct 2024 21:29:40 GMT
content-type
image/png
last-modified
Thu, 04 Jul 2024 19:50:45 GMT
vary
User-Agent, Accept-Encoding
x-cache-status
BYPASS
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ce8bf8bfe0f8330-SIN
accept-ranges
bytes
content-length
23356
server
cloudflare
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
152 KB
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: updown.fun
URL: https://updown.fun/themes/basic/assets/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
7cb2f0c956372c7759030d4e3f42a9e094e272a52bd0e45d6c4c41958a880d68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://updown.fun/

Response headers

content-encoding
br
etag
9756067897028164275
x-content-type-options
nosniff
expires
Sun, 06 Oct 2024 21:29:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 06 Oct 2024 21:29:40 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
52540
x-xss-protection
0
server
cafe
recaptcha__en.js
www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/
539 KB
213 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
b5e8ec5d4dcc080657deb2d004f65d974bf4ec9e9aa5d621e10749182fff8731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://updown.fun
Referer
https://updown.fun/

Response headers

content-encoding
gzip
age
7977
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 19:16:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 06 Oct 2024 19:16:43 GMT
last-modified
Mon, 23 Sep 2024 04:00:50 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
218137
x-xss-protection
0
server
sffe
anchor
www.google.com/recaptcha/api2/ Frame C2A1
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeZiwYqAAAAAId06riILcVlfLc_swowpjPf2i6o&co=aHR0cHM6Ly91cGRvd24uZnVuOjQ0Mw..&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=normal&cb=m6blaq51p71t
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9mUznoTXc8f8Huxc4pPe3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updown.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-9mUznoTXc8f8Huxc4pPe3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sun, 06 Oct 2024 21:29:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
bframe
www.google.com/recaptcha/api2/ Frame ED74
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&k=6LeZiwYqAAAAAId06riILcVlfLc_swowpjPf2i6o
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DGpP7TPH-p9sy4tFfkyYiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updown.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-DGpP7TPH-p9sy4tFfkyYiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sun, 06 Oct 2024 21:29:41 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
truncated
/
273 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
953c39b93c46656e2d25a28dd13379498f98e991a78f682c4a42c951bc87a0f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| __cfQR function| protection function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| $ function| jQuery number| uidEvent object| bootstrap function| copy function| recaptchaCallback boolean| __cfRLUnblockHandlers object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_961849

5 Cookies

Domain/Path Name / Value
updown.fun/ Name: XSRF-TOKEN
Value: eyJpdiI6IkRzTHdpUDd1TTAzL3ZyTXR2VzRGWWc9PSIsInZhbHVlIjoicDFqSWllQ1BMcFBGZkluZ1ZjcXl0cDNjVGlKZXdDamRBeGVyR1lTQklTWnppYStaUUJ4TWk3UWJoSlpnenlrQUJnK2VVY1VRdVQ2MEZUZ2plSDZNZVM4bVFqSUswUGpiOVhseTI0OWpzaUUxcU82aEtKUHFYTUhsT2dGZ0NTRVYiLCJtYWMiOiI1Y2FhMjE2ZGMxMzRjOWQ3YjFiMjY5M2QwYTVjNmEzNjlkZTNiMDVmODIwZmRhOGUwNmFkNTIwYThhN2ZmNzIwIiwidGFnIjoiIn0%3D
updown.fun/ Name: updownfun_user_session
Value: eyJpdiI6IjNCdWQ0UnJja3d4SGFrNXgwT0hGTFE9PSIsInZhbHVlIjoiUmFxM21VQmJCTG9ad0haSEkvRy96Wk14a0p1bS9LK1N4OUZDMXg1bHRqV2pOcE5WRjNSMW4wTWVYYUhQaURaSW52Tm43RFpTaDZ4SnFQZU44dHQzWmlWVjlKUUtRV2Ezb3NFQ1NGNDZmR2szNW5ma25sNnpPdTJpZ3JHd0h4QXMiLCJtYWMiOiI2ZjQ3NTE4MjMxYjQwMTU1MGQ2M2EyMTYwZTUzODAzNmU0OTRkZmE2ZGM3OWY3Zjc5MzA2M2I4OGQwYzFmYjAxIiwidGFnIjoiIn0%3D
.updown.fun/ Name: _ga_NJWSM9V4VG
Value: GS1.1.1728250180.1.0.1728250180.0.0.0
.updown.fun/ Name: _ga
Value: GA1.1.16610963.1728250180
updown.fun/ Name: adb
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
pagead2.googlesyndication.com
region1.google-analytics.com
updown.fun
www.google.com
www.googletagmanager.com
www.gstatic.com
142.250.184.194
142.250.186.132
142.250.186.67
172.67.156.175
2001:4860:4802:34::36
216.58.212.163
2a00:1450:4001:80f::2008
2a00:1450:4001:829::200a
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
1262bff0591c36094d058ab102b84ce34eb1e547e8ff00557bf8d55449e58e40
188a706590dc9e898c5c90a1da8346a9bc732cad28884386fbf20b05f4e83594
2dfa41264bc484592ebec666be5a2d333d8e5dae6cffb8c4ddbbbf9e5c49f729
36ebdf02636754dfd4b134f9a4a8514deb7f23dd1f03082c48d32f35fee06f91
373669430b4ff3da1a6f4e7fa1549d20f282b6206f87a1edfc3e363ac4818550
3e5bcbef6de2733340d0a5a46e17adefa2f86fa89f5275c05c63831b011b88cc
404c746c8f7e3f9b7611a8f23d908c1a32a5c972236b9d89bb68b05d9bf4b905
4250a7a8bace76e55d3f940c431cc31a925ef183faaea8499d4da8889df9d2f7
457d42dfc58373e2b07655f896ed685ba9729c2111684fd6eb02bf3697634939
53ee0f242c7f799bd667abe2b20c19be146152c71e0dd00a75f3365681298bd9
6435396e3e17c17324e0cf2a6abb165ec5766a81c132461c53e6d8ccfc8fc3f8
70a0cbd5da8ffd00e18fc33a560acbb80e71accab5b59b1e3ccf5e2f96d16401
7cb2f0c956372c7759030d4e3f42a9e094e272a52bd0e45d6c4c41958a880d68
7dccacdf65a58081f0d11f508b3ca8735df46dd53ad7f6839a240493a26ac597
899d37d16eb5aca9ef09b36137278482714583285ae98a81d5e5b5181c952d8f
8ab3bc08e25f6a7e24ef75ee66ed06360bceeace487d22822d7724b3f2bbed50
8f764efbb2cdb303e3019325d811225ead27d656f8b40390de427db1415dc56a
941ba21a55ec94d6378d654a9c712fe2c191edd16ee1a802697715ada1cd0cc6
953c39b93c46656e2d25a28dd13379498f98e991a78f682c4a42c951bc87a0f2
97201a142a3afc89ed1ac7a866b28fcbc877f07eabbd1071b3104b25af091d9a
b5e8ec5d4dcc080657deb2d004f65d974bf4ec9e9aa5d621e10749182fff8731
b61ca0a855574122c31da4722ca0a2cde64ab714ab456e32b7c1bf791f64bb46
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73
ddca7524a237e8f8bcacf13dd24d2b30b1567c88b98e7ec50744144f103d6526
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69ea651ffbd11346d2d9c2429f65762e64d371f611d0705e4828199abff6148
f1e4c18549167223af672ff319ac7293d52e09fd02544d08d4166078b5f36c4d