URL: https://updown.fun/0wgWGqRQm4oy/file
Submission: On August 11 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 30 HTTP transactions. The main IP is 172.67.156.175, located in United States and belongs to CLOUDFLARENET, US. The main domain is updown.fun.
TLS certificate: Issued by WE1 on July 4th 2024. Valid for: 3 months.
This is the only time updown.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
19 updown.fun
updown.fun
456 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 10
962 B
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
51 KB
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
238 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
3 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3123
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
102 KB
30 7
Domain Requested by
19 updown.fun updown.fun
3 www.google.com updown.fun
www.gstatic.com
2 pagead2.googlesyndication.com updown.fun
2 fonts.googleapis.com updown.fun
1 region1.google-analytics.com www.googletagmanager.com
1 www.gstatic.com www.google.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com updown.fun
30 8

This site contains links to these domains.

Domain
www.facebook.com
twitter.com
www.linkedin.com
wa.me
pinterest.com

Subject Issuer Validity Valid
updown.fun WE1 2024-07-04 - 2024-10-02 3 months
upload.video.google.com WR2 2024-07-30 - 2024-10-22 3 months
*.google-analytics.com WR2 2024-07-30 - 2024-10-22 3 months
*.google.com WR2 2024-07-30 - 2024-10-22 3 months
*.gstatic.com WR2 2024-07-30 - 2024-10-22 3 months
*.g.doubleclick.net WR2 2024-07-30 - 2024-10-22 3 months

This page contains 3 frames:

Primary Page: https://updown.fun/0wgWGqRQm4oy/file
Frame ID: A376FD18CA32580EA638CA5F1972B024
Requests: 28 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeZiwYqAAAAAId06riILcVlfLc_swowpjPf2i6o&co=aHR0cHM6Ly91cGRvd24uZnVuOjQ0Mw..&hl=en&v=_ZpyzC9NQw3gYt1GHTrnprhx&size=normal&cb=hhuox5wl97ga
Frame ID: 5C0FA17E3A0ED9983E94BCA92301BEB6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=_ZpyzC9NQw3gYt1GHTrnprhx&k=6LeZiwYqAAAAAId06riILcVlfLc_swowpjPf2i6o
Frame ID: 7FB53879614504D7BD35F0470CDB9BD3
Requests: 1 HTTP requests in this frame

Page Title

Updown.fun — Download — yiminjector

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

30
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

8
Subdomains

7
IPs

2
Countries

851 kB
Transfer

2127 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request file
updown.fun/0wgWGqRQm4oy/
28 KB
10 KB
Document
General
Full URL
https://updown.fun/0wgWGqRQm4oy/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5e5647a3c5efcd478cdca23eac46fc5d0dd907bcd3d8b585740b33465ffc196

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8b156904cf873665-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 11 Aug 2024 04:16:26 GMT
expires
-1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dd3pv46R8LvGTiCgJT%2BfjymxgMVxFLHBXqj%2FwdMLjrOdL5jIrI%2BXBG0fPtHTGF9%2BvbSt2IQnqRlWkkLvutm7kSCRwgifj4g8VnERDVLnN%2BFn0%2FEA661MxzIowGuC"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-cache-status
MISS
bootstrap.min.css
updown.fun/vendor/libs/bootstrap/
159 KB
24 KB
Stylesheet
General
Full URL
https://updown.fun/vendor/libs/bootstrap/bootstrap.min.css
Requested by
Host: updown.fun
URL: https://updown.fun/0wgWGqRQm4oy/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
457d42dfc58373e2b07655f896ed685ba9729c2111684fd6eb02bf3697634939

Request headers

Referer
https://updown.fun/0wgWGqRQm4oy/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:16:26 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1836610
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
23849
last-modified
Thu, 12 Oct 2023 01:11:40 GMT
server
cloudflare
etag
"27b73-6077a9f488b00-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4NqD9mT2l9uLnkMgIdi9q74OfFO6ZQ7CciCIRGTCs8qQoClZxqCyVa1lrqHpm81BupWT2PWNwyZOwEGUW4m4tzdiaFPlzTS0%2BJuXC%2FNaooNHLe4qTx%2FYPe2%2BkjUA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8b156906c8b23665-FRA
expires
Mon, 19 Aug 2024 22:06:16 GMT
fontawesome.min.css
updown.fun/vendor/libs/fontawesome/
98 KB
21 KB
Stylesheet
General
Full URL
https://updown.fun/vendor/libs/fontawesome/fontawesome.min.css
Requested by
Host: updown.fun
URL: https://updown.fun/0wgWGqRQm4oy/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
188a706590dc9e898c5c90a1da8346a9bc732cad28884386fbf20b05f4e83594

Request headers

Referer
https://updown.fun/0wgWGqRQm4oy/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:16:26 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1836610
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
20557
last-modified
Sun, 17 Jul 2022 16:22:02 GMT
server
cloudflare
etag
"18972-5e402a6bc9e80-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p7ia%2BGp78QML8LcwDiItIcyLb2zFJTuraIUic8ql8VySpOKtp5fWQjsTm9n06DKNkFVPZMIaHrFWGzkI9PWLc92siPi6vs6cLKS4Yu%2Bc9xu2I4H3gSdPaxA6rmOb"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8b156906d8b43665-FRA
expires
Mon, 19 Aug 2024 22:06:16 GMT
vironeer-toastr.min.css
updown.fun/vendor/libs/vironeer/toastr/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://updown.fun/vendor/libs/vironeer/toastr/css/vironeer-toastr.min.css
Requested by
Host: updown.fun
URL: https://updown.fun/0wgWGqRQm4oy/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dccacdf65a58081f0d11f508b3ca8735df46dd53ad7f6839a240493a26ac597

Request headers

Referer
https://updown.fun/0wgWGqRQm4oy/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:16:26 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1836610
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
1876
last-modified
Thu, 12 Oct 2023 20:26:58 GMT
server
cloudflare
etag
"1c24-6078ac2f54880-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1hgNjbhYvI2ASadjdcjpNRQjImyiQG2tD9i9aQ8p%2Bxro4sME1nIAQn5%2BBWmWClKWNC%2BikG5YQuBbN%2Bf4KMTIVp0VqJwWmdDLE1C7wkRJ1NXnoTPPTdiuD7CEbVV%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8b156906d8b63665-FRA
expires
Mon, 19 Aug 2024 22:06:16 GMT
colors.css
updown.fun/themes/basic/assets/css/
268 B
656 B
Stylesheet
General
Full URL
https://updown.fun/themes/basic/assets/css/colors.css
Requested by
Host: updown.fun
URL: https://updown.fun/0wgWGqRQm4oy/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b61ca0a855574122c31da4722ca0a2cde64ab714ab456e32b7c1bf791f64bb46

Request headers

Referer
https://updown.fun/0wgWGqRQm4oy/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:16:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1831972
cf-polished
origSize=299
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 05 Jul 2024 20:02:44 GMT
server
cloudflare
etag
W/"12b-61c858bf1161d-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ItmIjvFuqjov9HR7raH0TCoLoLl3NnAfM3cP1TpW%2BXTqaRghSMIz4vtm9VtLtIzPQl5zdwGhBaz8NgwBEmxMHB6HR6vryKhpgITCx0KHV%2FvHj9iySXgLCfjI6dcm"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
8b156906d8b83665-FRA
expires
Mon, 19 Aug 2024 23:23:34 GMT
app.css
updown.fun/themes/basic/assets/css/
92 KB
15 KB
Stylesheet
General
Full URL
https://updown.fun/themes/basic/assets/css/app.css
Requested by
Host: updown.fun
URL: https://updown.fun/0wgWGqRQm4oy/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
899d37d16eb5aca9ef09b36137278482714583285ae98a81d5e5b5181c952d8f

Request headers

Referer
https://updown.fun/0wgWGqRQm4oy/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:16:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1831972
cf-polished
origSize=119526
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 16 Oct 2023 15:51:17 GMT
server
cloudflare
etag
W/"1d2e6-607d760672740-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jMWRPpvRy6lCkjFFAxOhYNp8%2BiUXpHXZOykRDqSjWuEDAr4Q3eJ9b8YL2rJYxCj3PnD63t8apzDu4wSWae6JNqcMN6gVINXdXa2GhgSnlajEthYXU9h4R18ha%2FwO"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
8b156906d8b93665-FRA
expires
Mon, 19 Aug 2024 23:23:34 GMT
custom.css
updown.fun/themes/basic/assets/css/
0
495 B
Stylesheet
General
Full URL
https://updown.fun/themes/basic/assets/css/custom.css
Requested by
Host: updown.fun
URL: https://updown.fun/0wgWGqRQm4oy/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updown.fun/0wgWGqRQm4oy/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:16:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1831972
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
0
cf-bgj
minify
last-modified
Fri, 06 Oct 2023 00:32:35 GMT
server
cloudflare
etag
"0-6070160766ec0"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iSiiOSBcE1NCs3hjKzfe5lVjwIVBw37JGpL0gxk6MkjveyIxYRpfdg%2FdfNcScdhqAxz4ZEo%2BcQLpFf5Ir%2BPS82qA4ZJ890U7YzcKc90cF1MH5lFjrFoFrmUjR%2F8G"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8b156906d8ba3665-FRA
expires
Mon, 19 Aug 2024 23:23:34 GMT
logo-dark.png
updown.fun/themes/basic/images/
17 KB
18 KB
Image
General
Full URL
https://updown.fun/themes/basic/images/logo-dark.png
Requested by
Host: updown.fun
URL: https://updown.fun/0wgWGqRQm4oy/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97201a142a3afc89ed1ac7a866b28fcbc877f07eabbd1071b3104b25af091d9a

Request headers

Referer
https://updown.fun/0wgWGqRQm4oy/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:16:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1831972
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
17784
last-modified
Thu, 04 Jul 2024 19:56:09 GMT
server
cloudflare
etag
"4578-61c71568c8f63"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0WRepDj2BMsIcLgcdzOwB%2Be%2Fse%2BnnyP91gQe5HnCUDqO3dVFquXlf%2BMXiGkvjE4DIqs3CNWc44WV9iN6%2BGajcSviTmUO%2BseKCJRMe7kcQE4CbJ5q7V%2FsoKFrvJkV"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8b156906d8bb3665-FRA
expires
Sun, 20 Jul 2025 23:23:34 GMT
en.png
updown.fun/images/languages/
567 B
1 KB
Image
General
Full URL
https://updown.fun/images/languages/en.png
Requested by
Host: updown.fun
URL: https://updown.fun/0wgWGqRQm4oy/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
941ba21a55ec94d6378d654a9c712fe2c191edd16ee1a802697715ada1cd0cc6

Request headers

Referer
https://updown.fun/0wgWGqRQm4oy/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:16:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1831972
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
567
last-modified
Sat, 28 Jan 2023 17:20:43 GMT
server
cloudflare
etag
"237-5f35633a8f0c0"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NehJk6%2FYsFcPjAaztAaM4TaqGpqoiBlRYMvpMvzVY%2BFlC9bUyuTE6dKCpgzYIf11sjFlceju2WHCvUeUa7AGk4Vb%2BfLAgV9jYz4tbZzlXApjQWAyN8qsw8T%2Bdfyk"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8b156906d8bc3665-FRA
expires
Sun, 20 Jul 2025 23:23:34 GMT
ru.png
updown.fun/images/languages/
552 B
1 KB
Image
General
Full URL
https://updown.fun/images/languages/ru.png
Requested by
Host: updown.fun
URL: https://updown.fun/0wgWGqRQm4oy/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4250a7a8bace76e55d3f940c431cc31a925ef183faaea8499d4da8889df9d2f7

Request headers

Referer
https://updown.fun/0wgWGqRQm4oy/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:16:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1831972
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
552
last-modified
Wed, 03 Jul 2024 16:33:55 GMT
server
cloudflare
etag
"228-61c5a657b7be9"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TwHakFCJWiLxXjIKMOteKKyiM8jMBPDTmZ2G%2FkIGfG1UPND89IpzrjBHUAglw0Y3MMwZVgQd9RHtPSFPojzB73JyKcPN26Rsnyj6HxKlcJLY8cReDNs118%2BWnMey"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8b15690708d83665-FRA
expires
Sun, 20 Jul 2025 23:23:34 GMT
tr.png
updown.fun/images/languages/
21 KB
22 KB
Image
General
Full URL
https://updown.fun/images/languages/tr.png
Requested by
Host: updown.fun
URL: https://updown.fun/0wgWGqRQm4oy/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
373669430b4ff3da1a6f4e7fa1549d20f282b6206f87a1edfc3e363ac4818550

Request headers

Referer
https://updown.fun/0wgWGqRQm4oy/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:16:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
83471
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
21884
last-modified
Wed, 03 Jul 2024 10:49:49 GMT
server
cloudflare
etag
"557c-61c5596e83801"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K3FG%2B%2Fv6iE8MydRcpE%2Fkl1KFGEajTDgc3yGijz%2Burf9L89XMlmEuEkpotuH%2BoGuLExZDActDUQTvqoWWDxzrbOXVEMyus3JXdEnMmV%2FV9vsjUstOdNDOgZLABgF%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8b15690708db3665-FRA
expires
Sun, 10 Aug 2025 05:05:15 GMT
rocket-loader.min.js
updown.fun/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://updown.fun/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: updown.fun
URL: https://updown.fun/0wgWGqRQm4oy/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://updown.fun/0wgWGqRQm4oy/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:16:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 06 Aug 2024 10:19:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66b1f8c4-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ufN%2B4642D2C70yo5PZohlJS81f%2BlDTpwAVBmRYC77W61TLic8uM%2F1iSiEdKYKdjzEkfgKopDwFkCiTFRqCWe193ECmjdOvR1Jrv878D8zQ38NKAzb1GX0lpbnMh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8b15690708dc3665-FRA
expires
Tue, 13 Aug 2024 04:16:26 GMT
css2
fonts.googleapis.com/
16 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: updown.fun
URL: https://updown.fun/vendor/libs/vironeer/toastr/css/vironeer-toastr.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f1e4c18549167223af672ff319ac7293d52e09fd02544d08d4166078b5f36c4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://updown.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 11 Aug 2024 04:16:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 11 Aug 2024 02:49:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 11 Aug 2024 04:16:26 GMT
css2
fonts.googleapis.com/
31 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;1,100&family=Plus+Jakarta+Sans:wght@200;300;400;500;600;700;800&display=swap&family=Almarai:wght@300;400;700;800&display=swap
Requested by
Host: updown.fun
URL: https://updown.fun/themes/basic/assets/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ce937fd256c0c14466ed1104d33567c34bd8787abe060dd2207462daffc98baf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://updown.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 11 Aug 2024 04:16:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 11 Aug 2024 04:16:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 11 Aug 2024 04:16:26 GMT
app.js
updown.fun/themes/basic/assets/js/
18 KB
6 KB
Script
General
Full URL
https://updown.fun/themes/basic/assets/js/app.js
Requested by
Host: updown.fun
URL: https://updown.fun/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dfa41264bc484592ebec666be5a2d333d8e5dae6cffb8c4ddbbbf9e5c49f729

Request headers

Referer
https://updown.fun/0wgWGqRQm4oy/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:16:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61986
cf-polished
origSize=29537
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 12 Oct 2023 01:14:57 GMT
server
cloudflare
etag
W/"7361-6077aab068640-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2q1fmFqPiem3zmCZOAGnKLUi7LFFkO0Da87gzjh4w6P5vqD%2F1W6flfQoh7cNQp9lxXgm9Zlx6XabL1j3xuIwfTHrGX4yVLIvEWTDRfxBmE0StWI7g0hx2IctjUf5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
8b15690819ab3665-FRA
expires
Sun, 11 Aug 2024 11:03:20 GMT
vironeer-toastr.min.js
updown.fun/vendor/libs/vironeer/toastr/js/
3 KB
1 KB
Script
General
Full URL
https://updown.fun/vendor/libs/vironeer/toastr/js/vironeer-toastr.min.js
Requested by
Host: updown.fun
URL: https://updown.fun/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e69ea651ffbd11346d2d9c2429f65762e64d371f611d0705e4828199abff6148

Request headers

Referer
https://updown.fun/0wgWGqRQm4oy/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:16:26 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61986
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
916
last-modified
Thu, 12 Oct 2023 20:26:58 GMT
server
cloudflare
etag
"abe-6078ac2f54880-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S10Mh5hreE2H3cSNvQJDv0HKCLGxtbMvojO136K%2BydaGHpC%2FjKNMh5dIC4KjzMsO6MJMPq%2BFHxiAGx7mD9bqG%2BJkb5uvyz5inpIMiGtFlrHaCpjnNi46re7bJrgD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8b15690819ac3665-FRA
expires
Sun, 11 Aug 2024 11:03:20 GMT
bootstrap.bundle.min.js
updown.fun/vendor/libs/bootstrap/
77 KB
22 KB
Script
General
Full URL
https://updown.fun/vendor/libs/bootstrap/bootstrap.bundle.min.js
Requested by
Host: updown.fun
URL: https://updown.fun/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e5bcbef6de2733340d0a5a46e17adefa2f86fa89f5275c05c63831b011b88cc

Request headers

Referer
https://updown.fun/0wgWGqRQm4oy/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:16:26 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61986
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
22451
last-modified
Thu, 12 Oct 2023 01:11:33 GMT
server
cloudflare
etag
"13253-6077a9eddbb40-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iLhMVpsNqPK1FakjoffHwiHeEadjZ7pnKLPr3aUjEpVcPs9bs9L51pNjoEWuhywGKJMb0KJupUjRAr2v6tOe%2FfvGEo2FA0WwrQczmohVM7P9xtpat4rHgA%2FFStJ6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8b15690819b03665-FRA
expires
Sun, 11 Aug 2024 11:03:20 GMT
jquery.min.js
updown.fun/vendor/libs/jquery/
85 KB
30 KB
Script
General
Full URL
https://updown.fun/vendor/libs/jquery/jquery.min.js
Requested by
Host: updown.fun
URL: https://updown.fun/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f764efbb2cdb303e3019325d811225ead27d656f8b40390de427db1415dc56a

Request headers

Referer
https://updown.fun/0wgWGqRQm4oy/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:16:26 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
52405
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
30335
last-modified
Thu, 01 Jun 2023 04:21:33 GMT
server
cloudflare
etag
"155a5-5fd09c5770d40-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RSBNjsHIwK1Y9xCssN7uJTLMth03MWE5mFfqS%2BfedmLNrCfBUjRPsZ04K45hI9BtsupXlB%2FVNTrJxCfbwA%2BG%2BGCw0VlA%2B8UWC0AmbDacad9hkNkUSG1tbkHEADkA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8b15690819b23665-FRA
expires
Sun, 11 Aug 2024 13:43:01 GMT
js
www.googletagmanager.com/gtag/
308 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NJWSM9V4VG
Requested by
Host: updown.fun
URL: https://updown.fun/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
164c9d4f6e82258c6e37a13cc91b8d5a547687f795104d5e38722d3685b3dfef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://updown.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:16:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104382
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 11 Aug 2024 04:16:27 GMT
api.js
www.google.com/recaptcha/
1 KB
962 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?hl=en
Requested by
Host: updown.fun
URL: https://updown.fun/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
GSE /
Resource Hash
72300664eb8a91149f6e107df9259946e156b71e37c5e746b6acc7c0a2e86b1f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://updown.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:16:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 11 Aug 2024 04:16:27 GMT
LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2
fonts.gstatic.com/s/plusjakartasans/v8/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/plusjakartasans/v8/LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;1,100&family=Plus+Jakarta+Sans:wght@200;300;400;500;600;700;800&display=swap&family=Almarai:wght@300;400;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1262bff0591c36094d058ab102b84ce34eb1e547e8ff00557bf8d55449e58e40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://updown.fun
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 19:40:48 GMT
x-content-type-options
nosniff
age
290139
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27444
x-xss-protection
0
last-modified
Thu, 22 Jun 2023 14:14:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Aug 2025 19:40:48 GMT
fa-solid-900.woff2
updown.fun/vendor/libs/fontawesome/webfonts/
151 KB
151 KB
Font
General
Full URL
https://updown.fun/vendor/libs/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: updown.fun
URL: https://updown.fun/vendor/libs/fontawesome/fontawesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73

Request headers

Referer
https://updown.fun/vendor/libs/fontawesome/fontawesome.min.css
Origin
https://updown.fun
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:16:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61986
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
154228
last-modified
Tue, 22 Mar 2022 13:08:02 GMT
server
cloudflare
etag
"25a74-5dace4d817080"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LdmXSe8Krfy1CR%2B1HzWu8ZdRY4IZXoyfBy7PXz3Adx%2Br1%2BgDEaMe8Z7btEt3g%2Fz2X1OuB5FndoOUU6%2FTkEYu%2FMw3pKigfq1yqLbpFu0RVQvCSUJExna0pqtZqtGq"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8b15690849d33665-FRA
expires
Sun, 11 Aug 2024 11:03:20 GMT
fa-brands-400.woff2
updown.fun/vendor/libs/fontawesome/webfonts/
103 KB
104 KB
Font
General
Full URL
https://updown.fun/vendor/libs/fontawesome/webfonts/fa-brands-400.woff2
Requested by
Host: updown.fun
URL: https://updown.fun/vendor/libs/fontawesome/fontawesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
404c746c8f7e3f9b7611a8f23d908c1a32a5c972236b9d89bb68b05d9bf4b905

Request headers

Referer
https://updown.fun/vendor/libs/fontawesome/fontawesome.min.css
Origin
https://updown.fun
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:16:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
26469
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
105536
last-modified
Tue, 22 Mar 2022 13:08:02 GMT
server
cloudflare
etag
"19c40-5dace4d817080"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DMSHDknfCN5tC0vBfx2bHd4tPnBJUVLRSqLHHlFJlY6nGn%2BMvgTzlOZjrVWBpQFfyrDDPwjpwaZMFISdBN%2BjMUlbM%2F8coa%2FwdvGO9JOKhlLppOAr2A66h1PoDM4C"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8b15690849d73665-FRA
expires
Sun, 11 Aug 2024 20:55:17 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
158 KB
51 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: updown.fun
URL: https://updown.fun/0wgWGqRQm4oy/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e83338676b012b1fa2429db3e17c0ca20c6d4b3f32baf87f5156afca2308ad07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updown.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:16:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52600
x-xss-protection
0
server
cafe
etag
3384925885985165251
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 11 Aug 2024 04:16:27 GMT
favicon.png
updown.fun/themes/basic/images/
23 KB
23 KB
Other
General
Full URL
https://updown.fun/themes/basic/images/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70a0cbd5da8ffd00e18fc33a560acbb80e71accab5b59b1e3ccf5e2f96d16401

Request headers

Referer
https://updown.fun/0wgWGqRQm4oy/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:16:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1831972
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
23356
last-modified
Thu, 04 Jul 2024 19:50:45 GMT
server
cloudflare
etag
"5b3c-61c7143470616"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=554%2BvfxmtqhzFZdoWJC%2Buari5OBih3R%2FyIhY%2F3dzPbmWlFepmclE4kuEn4rVu1IC%2FQ4GOsH5lu5jfr9XPZ1Dnlncwd2OA0ToFaPfd4Bs5rhtCvxAXgPNeUoKdAda"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8b1569095a9f3665-FRA
expires
Sun, 20 Jul 2025 23:23:35 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
158 KB
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: updown.fun
URL: https://updown.fun/themes/basic/assets/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e83338676b012b1fa2429db3e17c0ca20c6d4b3f32baf87f5156afca2308ad07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updown.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:16:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52600
x-xss-protection
0
server
cafe
etag
3384925885985165251
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 11 Aug 2024 04:16:27 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/_ZpyzC9NQw3gYt1GHTrnprhx/
533 KB
211 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/_ZpyzC9NQw3gYt1GHTrnprhx/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0579319097e8c725b3a3dcc597ec62fad86a379ea3c8c41c290deb379d3e6ee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updown.fun/
Origin
https://updown.fun
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 20:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115085
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
215162
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 00:43:36 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Aug 2025 20:18:22 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-NJWSM9V4VG&gtm=45je4880v9189126678za200&_p=1723349787056&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=930180133.1723349787&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723349787&sct=1&seg=0&dl=https%3A%2F%2Fupdown.fun%2F0wgWGqRQm4oy%2Ffile&dt=Updown.fun%20%E2%80%94%20Download%20%E2%80%94%20yiminjector&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=981
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NJWSM9V4VG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://updown.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Aug 2024 04:16:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://updown.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 5C0F
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeZiwYqAAAAAId06riILcVlfLc_swowpjPf2i6o&co=aHR0cHM6Ly91cGRvd24uZnVuOjQ0Mw..&hl=en&v=_ZpyzC9NQw3gYt1GHTrnprhx&size=normal&cb=hhuox5wl97ga
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_ZpyzC9NQw3gYt1GHTrnprhx/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-s_jRgqGqjbNL5A48qwlg7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://updown.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-s_jRgqGqjbNL5A48qwlg7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 11 Aug 2024 04:16:27 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bframe
www.google.com/recaptcha/api2/ Frame 7FB5
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=_ZpyzC9NQw3gYt1GHTrnprhx&k=6LeZiwYqAAAAAId06riILcVlfLc_swowpjPf2i6o
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_ZpyzC9NQw3gYt1GHTrnprhx/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AOmF56dYiswFjIdP9ACr8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://updown.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-AOmF56dYiswFjIdP9ACr8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 11 Aug 2024 04:16:27 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block


24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| __cfQR
function| protection
function| gtag
object| dataLayer
function| $
function| jQuery
number| uidEvent
object| bootstrap
function| copy
function| recaptchaCallback
boolean| __cfRLUnblockHandlers
object| ___grecaptcha_cfg
object| grecaptcha
string| __recaptcha_api
boolean| __google_recaptcha_client
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal
object| recaptcha
object| closure_lm_588860

5 Cookies

Domain/Path Name / Value
updown.fun/ Name: XSRF-TOKEN
Value: eyJpdiI6InhIMTNEQ3ppempjV2U4Uy8ycTZVTHc9PSIsInZhbHVlIjoiQUlaSUxmR0dMN1BuSnd6UEl6a0dTQjNiVUJYQ2MvSUJhdDRoNDdnZTh1aFBzcFNTQXQxRUl0anl6VkJZVmg0a2RaZjFSMll3dUZaOUVrRWVGaXNSTUFFVlRJNmxqV0MvcVA3TGNSNWZ0cm5BbmJpeGVNZVIxMUZveW1LcWttMWQiLCJtYWMiOiI5MjlmMzI2MWQxNDFkYjU5OThlNTk1NDVhOWU2NWI1OWFkOWQ1NGFmZjMwZmE0NDY4YTc4NjUyMWRmOWIxMTJkIiwidGFnIjoiIn0%3D
updown.fun/ Name: updownfun_user_session
Value: eyJpdiI6ImJzSlJsNUFkVVJYMUZ2dkNGTXIwOEE9PSIsInZhbHVlIjoiaGlrSjcyazFqY0JaU3JrUFExelAxbHp6WjByYVA1MmpaOGo0NWovMVVBSmFQT29LZEFCRWVnZFkwVjB2d0h1QURZTkQyVFhpOVlaall1RU5yK1pjVTMyeTBYa0psNHVadmluZm16d1hoVU1LQ21IZkYvRVpRbHd4dDViNlpKOTUiLCJtYWMiOiJlOGQ3M2ZmNmUyODViYzczNWZmM2ZhOTYzYWViYzYzMjIzZTFmYzM4MzE5M2M4YjgyYjkzODFmM2FkMDYxNWEwIiwidGFnIjoiIn0%3D
updown.fun/ Name: adb
Value: 1
.updown.fun/ Name: _ga_NJWSM9V4VG
Value: GS1.1.1723349787.1.0.1723349787.0.0.0
.updown.fun/ Name: _ga
Value: GA1.1.930180133.1723349787

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
