b.up818.com Open in urlscan Pro
159.89.100.47 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cl.gy/ud1
Effective URL:
https://b.up818.com/up/p
Submission: On September 13 via api (September 13th 2024, 11:49:50 am UTC) from HK — Scanned from IT

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 27 HTTP transactions. The main IP is 159.89.100.47, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is b.up818.com.
TLS certificate: Issued by E5 on August 8th 2024. Valid for: 3 months.

This is the only time b.up818.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.212.63.232 35.212.63.232	15169 (GOOGLE) (GOOGLE)
14	159.89.100.47 159.89.100.47	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
13	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
27	2

1 35.212.63.232 (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 232.63.212.35.bc.googleusercontent.com

cl.gy	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 159.89.100.47 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

b.up818.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	up818.com b.up818.com	3 MB
13	gstatic.com fonts.gstatic.com	674 KB
1	cl.gy 1 redirects cl.gy	401 B
27	3

	Domain	Requested by
14	b.up818.com	b.up818.com
13	fonts.gstatic.com	b.up818.com
1	cl.gy	1 redirects
27	3

This site contains no links.

Subject Issuer	Validity	Valid
b.up818.com E5	`2024-08-08` - `2024-11-06`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://b.up818.com/up/p
Frame ID: C0D8A62D382E8F4946668E7B598F9146
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

UnionPay

Page URL History Show full URLs

https://cl.gy/ud1 HTTP 301
https://b.up818.com/up/p Page URL

Page Statistics

27
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

3326 kB
Transfer

3618 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cl.gy/ud1 HTTP 301
https://b.up818.com/up/p Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request p Show response
b.up818.com/up/
Redirect Chain

https://cl.gy/ud1
https://b.up818.com/up/p

443 KB
143 KB

770ms
216ms

Document
text/html

159.89.100.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://b.up818.com/up/p
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.100.47 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.27.1 /
Resource Hash: f4491863cf6dd69a4a5589494a1ed441e30673bf2cd87c8f190e229b346f86a0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 13 Sep 2024 11:49:42 GMT
ETag: W/"66dbfc10-6ea02"
Last-Modified: Sat, 07 Sep 2024 07:09:04 GMT
Server: nginx/1.27.1
Transfer-Encoding: chunked

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 13 Sep 2024 11:49:41 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
location: https://b.up818.com/up/p
pragma: no-cache
server: nginx
x-httpd-modphp: 1
x-proxy-cache: MISS
x-proxy-cache-info: 0301 NC:000000 UP:SKIP_CACHE_SET_COOKIE

GET
H/1.1 200
OK styles.518c0da0c6a327a4.css
b.up818.com/ 327 KB
327 KB 99ms
98ms Stylesheet
text/css 159.89.100.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://b.up818.com/styles.518c0da0c6a327a4.css
Requested by: Host: b.up818.com
URL: https://b.up818.com/up/p
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.100.47 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.27.1 /
Resource Hash: d166cb013c46cccc8462594c532bce0aa7216a174245819f34d0c51d0e87bf47

Request headers

Referer: https://b.up818.com/up/p
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 13 Sep 2024 11:49:42 GMT
Last-Modified: Sat, 07 Sep 2024 07:09:01 GMT
Server: nginx/1.27.1
ETag: "66dbfc0d-51c8b"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 334987

GET
H/1.1 200
OK runtime.d59d91ea93ff5256.js Show response
b.up818.com/ 905 B
1 KB 308ms
72ms Script
application/javascript 159.89.100.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://b.up818.com/runtime.d59d91ea93ff5256.js
Requested by: Host: b.up818.com
URL: https://b.up818.com/up/p
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.100.47 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.27.1 /
Resource Hash: befb7b1934ab633b47db3b5d0053b59d69cf3fecdb16543d372ce26df080e496

Request headers

Referer: https://b.up818.com/up/p
Origin: https://b.up818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 13 Sep 2024 11:49:42 GMT
Last-Modified: Sat, 07 Sep 2024 07:09:01 GMT
Server: nginx/1.27.1
ETag: "66dbfc0d-389"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 905

GET
H/1.1 200
OK polyfills.4e51e99fd26af9ba.js Show response
b.up818.com/ 33 KB
33 KB 400ms
165ms Script
application/javascript 159.89.100.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://b.up818.com/polyfills.4e51e99fd26af9ba.js
Requested by: Host: b.up818.com
URL: https://b.up818.com/up/p
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.100.47 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.27.1 /
Resource Hash: 674aba07e3bbc217921785d5a109124747bfc670bede7bae6369db46d82e5c9b

Request headers

Referer: https://b.up818.com/up/p
Origin: https://b.up818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 13 Sep 2024 11:49:42 GMT
Last-Modified: Sat, 07 Sep 2024 07:09:01 GMT
Server: nginx/1.27.1
ETag: "66dbfc0d-8454"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33876

GET
H/1.1 200
OK scripts.3200a9ac2058d1ec.js Show response
b.up818.com/ 350 KB
350 KB 369ms
121ms Script
application/javascript 159.89.100.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://b.up818.com/scripts.3200a9ac2058d1ec.js
Requested by: Host: b.up818.com
URL: https://b.up818.com/up/p
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.100.47 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.27.1 /
Resource Hash: 1a49c6288b18e5a63bcd50c44feaac12f952caf4f226c4a0513cbf46074f082d

Request headers

Referer: https://b.up818.com/up/p
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 13 Sep 2024 11:49:42 GMT
Last-Modified: Sat, 07 Sep 2024 07:09:01 GMT
Server: nginx/1.27.1
ETag: "66dbfc0d-577c9"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 358345

GET
H/1.1 200
OK main.382139bb17efc1a5.js Show response
b.up818.com/ 1 MB
1 MB 373ms
137ms Script
application/javascript 159.89.100.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://b.up818.com/main.382139bb17efc1a5.js
Requested by: Host: b.up818.com
URL: https://b.up818.com/up/p
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.100.47 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.27.1 /
Resource Hash: 30f7ffba789ec0a6be263bb194820f8a37a8ea4a5220fd998f0b085f7fa39e95

Request headers

Referer: https://b.up818.com/up/p
Origin: https://b.up818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 13 Sep 2024 11:49:42 GMT
Last-Modified: Sat, 07 Sep 2024 07:09:01 GMT
Server: nginx/1.27.1
ETag: "66dbfc0d-13796c"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1276268

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v32/ 13 KB
14 KB 633ms
86ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: b.up818.com
URL: https://b.up818.com/up/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

bf9cfe01317e3758dd38982921dc1f26cc7243237d02e7ed90d3830b6f4e8ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b.up818.com/
Origin: https://b.up818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:45:08 GMT
x-content-type-options: nosniff
age: 259474
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13388
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Sep 2025 11:45:08 GMT

POST
H/1.1 200
OK / Show response
b.up818.com/api/checkValidation/ 25 B
975 B 43ms
41ms XHR
application/json 159.89.100.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://b.up818.com/api/checkValidation/

Requested by

Host: b.up818.com
URL: https://b.up818.com/polyfills.4e51e99fd26af9ba.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

159.89.100.47 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.27.1 /

Resource Hash

b5ba94e0cc9bfec550c44006d7af5e0aa2a89d47f91f68666d50b81463da68cb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://b.up818.com/up/p
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 13 Sep 2024 11:49:43 GMT
Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: require-corp
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 25
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: nginx/1.27.1
Cross-Origin-Opener-Policy: same-origin
ETag: W/"19-xgXNzjNUx6Wb8DPV39qu2Ueo8SY"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Origin-Agent-Cluster: ?1

GET
H/1.1 200
OK test.png
b.up818.com/assets/ 165 KB
165 KB 43ms
41ms Image
image/png 159.89.100.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.up818.com/assets/test.png
Requested by: Host: b.up818.com
URL: https://b.up818.com/up/p
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.100.47 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.27.1 /
Resource Hash: 23ef1a147f5c033e22c3e3313c1cf37d40b7dc29742527c057cec69ebb92f3a1

Request headers

Referer: https://b.up818.com/up/p
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 13 Sep 2024 11:49:43 GMT
Last-Modified: Sat, 07 Sep 2024 07:09:03 GMT
Server: nginx/1.27.1
ETag: "66dbfc0f-29412"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 168978

GET
H/1.1 200
OK avatar.jpg
b.up818.com/assets/ 349 KB
350 KB 63ms
61ms Image
image/jpeg 159.89.100.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.up818.com/assets/avatar.jpg
Requested by: Host: b.up818.com
URL: https://b.up818.com/up/p
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.100.47 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.27.1 /
Resource Hash: 5c68694f8496b9f47c0374da003e5f3c10dee0f06ea9732750b22b00affebe92

Request headers

Referer: https://b.up818.com/up/p
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 13 Sep 2024 11:49:43 GMT
Last-Modified: Sat, 07 Sep 2024 07:09:03 GMT
Server: nginx/1.27.1
ETag: "66dbfc0f-575f8"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 357880

GET
H/1.1 200
OK phonecall.png
b.up818.com/assets/ 27 KB
27 KB 70ms
68ms Image
image/png 159.89.100.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.up818.com/assets/phonecall.png
Requested by: Host: b.up818.com
URL: https://b.up818.com/up/p
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.100.47 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.27.1 /
Resource Hash: 390142f4e8646f30fe280fa8fe721fd58d5d7e5c78443dc2f72dc3b0b05d4d74

Request headers

Referer: https://b.up818.com/up/p
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 13 Sep 2024 11:49:43 GMT
Last-Modified: Sat, 07 Sep 2024 07:09:03 GMT
Server: nginx/1.27.1
ETag: "66dbfc0f-6c1c"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27676

GET
H2 200 k3kXo84MPvpLmixcA63oeALhLIiP-Q-87KaAaH7rzeAODp22mF0qmF4CSjmPC6A0Rg5g1igg1w.114.woff2
fonts.gstatic.com/s/notosanssc/v37/ 57 KB
57 KB 55ms
46ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanssc/v37/k3kXo84MPvpLmixcA63oeALhLIiP-Q-87KaAaH7rzeAODp22mF0qmF4CSjmPC6A0Rg5g1igg1w.114.woff2

Requested by

Host: b.up818.com
URL: https://b.up818.com/up/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

1bc1980b5f6a8f1a09859307b263184eea3d78c0432598df6234ac020097a98b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b.up818.com/
Origin: https://b.up818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 12:07:44 GMT
x-content-type-options: nosniff
age: 258120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58052
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:42:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Sep 2025 12:07:44 GMT

GET
H2 200 k3kXo84MPvpLmixcA63oeALhLIiP-Q-87KaAaH7rzeAODp22mF0qmF4CSjmPC6A0Rg5g1igg1w.118.woff2
fonts.gstatic.com/s/notosanssc/v37/ 45 KB
45 KB 233ms
226ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanssc/v37/k3kXo84MPvpLmixcA63oeALhLIiP-Q-87KaAaH7rzeAODp22mF0qmF4CSjmPC6A0Rg5g1igg1w.118.woff2

Requested by

Host: b.up818.com
URL: https://b.up818.com/up/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

072b697fe76eb39b8f9097c752168ca4ad56e68d653bf54de9e950393bcef53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b.up818.com/
Origin: https://b.up818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:39:30 GMT
x-content-type-options: nosniff
age: 259814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46236
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:41:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Sep 2025 11:39:30 GMT

GET
H2 200 k3kXo84MPvpLmixcA63oeALRLoKI2w328g.woff2
fonts.gstatic.com/s/notosanssc/v37/ 25 KB
25 KB 199ms
192ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanssc/v37/k3kXo84MPvpLmixcA63oeALRLoKI2w328g.woff2

Requested by

Host: b.up818.com
URL: https://b.up818.com/up/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

16b3cc86e2dedda089099e588ba0f7e684de5e1ca0b9785b2456ba94a37fbc52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b.up818.com/
Origin: https://b.up818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 21:32:24 GMT
x-content-type-options: nosniff
age: 51440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25456
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:41:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Sep 2025 21:32:24 GMT

GET
H2 200 k3kXo84MPvpLmixcA63oeALhLIiP-Q-87KaAaH7rzeAODp22mF0qmF4CSjmPC6A0Rg5g1igg1w.119.woff2
fonts.gstatic.com/s/notosanssc/v37/ 75 KB
75 KB 293ms
286ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanssc/v37/k3kXo84MPvpLmixcA63oeALhLIiP-Q-87KaAaH7rzeAODp22mF0qmF4CSjmPC6A0Rg5g1igg1w.119.woff2

Requested by

Host: b.up818.com
URL: https://b.up818.com/up/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

9e8f25a5c171ea0f725c220e3086dc716e63662d5ecfe54d1d738510f20ca218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b.up818.com/
Origin: https://b.up818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:51:51 GMT
x-content-type-options: nosniff
age: 259073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76864
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:40:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Sep 2025 11:51:51 GMT

GET
H2 200 k3kXo84MPvpLmixcA63oeALhLIiP-Q-87KaAaH7rzeAODp22mF0qmF4CSjmPC6A0Rg5g1igg1w.116.woff2
fonts.gstatic.com/s/notosanssc/v37/ 52 KB
52 KB 441ms
434ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanssc/v37/k3kXo84MPvpLmixcA63oeALhLIiP-Q-87KaAaH7rzeAODp22mF0qmF4CSjmPC6A0Rg5g1igg1w.116.woff2

Requested by

Host: b.up818.com
URL: https://b.up818.com/up/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

15f3e208e186e56d14f8f5541d47e0f4ff43ea00f22cfc839caba85a3d584744

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b.up818.com/
Origin: https://b.up818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 12:04:31 GMT
x-content-type-options: nosniff
age: 258313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53184
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:40:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Sep 2025 12:04:31 GMT

GET
H2 200 k3kXo84MPvpLmixcA63oeALhLIiP-Q-87KaAaH7rzeAODp22mF0qmF4CSjmPC6A0Rg5g1igg1w.117.woff2
fonts.gstatic.com/s/notosanssc/v37/ 52 KB
52 KB 256ms
249ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanssc/v37/k3kXo84MPvpLmixcA63oeALhLIiP-Q-87KaAaH7rzeAODp22mF0qmF4CSjmPC6A0Rg5g1igg1w.117.woff2

Requested by

Host: b.up818.com
URL: https://b.up818.com/up/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

fe53bd0788612d9d4a5b388a9e1e645f73a2a20e7640fcc2f800d4ff3685dd63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b.up818.com/
Origin: https://b.up818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 04:45:54 GMT
x-content-type-options: nosniff
age: 25430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52768
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:44:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Sep 2025 04:45:54 GMT

GET
H2 200 k3kXo84MPvpLmixcA63oeALhLIiP-Q-87KaAaH7rzeAODp22mF0qmF4CSjmPC6A0Rg5g1igg1w.111.woff2
fonts.gstatic.com/s/notosanssc/v37/ 61 KB
61 KB 336ms
331ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanssc/v37/k3kXo84MPvpLmixcA63oeALhLIiP-Q-87KaAaH7rzeAODp22mF0qmF4CSjmPC6A0Rg5g1igg1w.111.woff2

Requested by

Host: b.up818.com
URL: https://b.up818.com/up/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

2d64e8256f7e9ee72bbab18867fa48456299740a20f077fb6ba00f37862b7431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b.up818.com/
Origin: https://b.up818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 15:10:35 GMT
x-content-type-options: nosniff
age: 506349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62728
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Sep 2025 15:10:35 GMT

GET
H2 200 k3kXo84MPvpLmixcA63oeALhLIiP-Q-87KaAaH7rzeAODp22mF0qmF4CSjmPC6A0Rg5g1igg1w.108.woff2
fonts.gstatic.com/s/notosanssc/v37/ 63 KB
63 KB 115ms
111ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanssc/v37/k3kXo84MPvpLmixcA63oeALhLIiP-Q-87KaAaH7rzeAODp22mF0qmF4CSjmPC6A0Rg5g1igg1w.108.woff2

Requested by

Host: b.up818.com
URL: https://b.up818.com/up/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

a647e27c09160d696b923943aa111cd736d196d433689daeecad6e2c45bcbecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b.up818.com/
Origin: https://b.up818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:54:01 GMT
x-content-type-options: nosniff
age: 68143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64628
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:41:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Sep 2025 16:54:01 GMT

GET
H2 200 k3kXo84MPvpLmixcA63oeALhLIiP-Q-87KaAaH7rzeAODp22mF0qmF4CSjmPC6A0Rg5g1igg1w.115.woff2
fonts.gstatic.com/s/notosanssc/v37/ 55 KB
55 KB 172ms
167ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanssc/v37/k3kXo84MPvpLmixcA63oeALhLIiP-Q-87KaAaH7rzeAODp22mF0qmF4CSjmPC6A0Rg5g1igg1w.115.woff2

Requested by

Host: b.up818.com
URL: https://b.up818.com/up/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

abb5616a5d45b0fc4bb606ec57cd032fb4f0c6c0a68aa1ad427fbd0e35151d49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b.up818.com/
Origin: https://b.up818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:42:20 GMT
x-content-type-options: nosniff
age: 259644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56592
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:42:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Sep 2025 11:42:20 GMT

GET
H2 200 k3kXo84MPvpLmixcA63oeALhLIiP-Q-87KaAaH7rzeAODp22mF0qmF4CSjmPC6A0Rg5g1igg1w.113.woff2
fonts.gstatic.com/s/notosanssc/v37/ 57 KB
57 KB 134ms
129ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanssc/v37/k3kXo84MPvpLmixcA63oeALhLIiP-Q-87KaAaH7rzeAODp22mF0qmF4CSjmPC6A0Rg5g1igg1w.113.woff2

Requested by

Host: b.up818.com
URL: https://b.up818.com/up/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

993b81c8ecb939d1facf7ac001ef51ad7bd25fb0a05c49aea815cd64fbc4dcef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b.up818.com/
Origin: https://b.up818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 20:31:05 GMT
x-content-type-options: nosniff
age: 487119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58636
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:40:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Sep 2025 20:31:05 GMT

GET
H2 200 k3kXo84MPvpLmixcA63oeALhLIiP-Q-87KaAaH7rzeAODp22mF0qmF4CSjmPC6A0Rg5g1igg1w.110.woff2
fonts.gstatic.com/s/notosanssc/v37/ 60 KB
60 KB 905ms
900ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanssc/v37/k3kXo84MPvpLmixcA63oeALhLIiP-Q-87KaAaH7rzeAODp22mF0qmF4CSjmPC6A0Rg5g1igg1w.110.woff2

Requested by

Host: b.up818.com
URL: https://b.up818.com/up/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

4c4e7ad9613a7c431bef0a50f3433eec495e626b01f8a9c08f833773ab7448e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b.up818.com/
Origin: https://b.up818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 23:58:05 GMT
x-content-type-options: nosniff
age: 42699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61564
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:43:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Sep 2025 23:58:05 GMT

GET
H2 200 k3kXo84MPvpLmixcA63oeALhLIiP-Q-87KaAaH7rzeAODp22mF0qmF4CSjmPC6A0Rg5g1igg1w.112.woff2
fonts.gstatic.com/s/notosanssc/v37/ 56 KB
56 KB 1007ms
1003ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanssc/v37/k3kXo84MPvpLmixcA63oeALhLIiP-Q-87KaAaH7rzeAODp22mF0qmF4CSjmPC6A0Rg5g1igg1w.112.woff2

Requested by

Host: b.up818.com
URL: https://b.up818.com/up/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

60c68494b21a289d7633d0be622e12f313c4d75d45aed0fe0ab5be50dd235279

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b.up818.com/
Origin: https://b.up818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:54:46 GMT
x-content-type-options: nosniff
age: 258898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57672
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:40:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Sep 2025 11:54:46 GMT

POST
H/1.1 403
Forbidden / Show response
b.up818.com/api/getRandomCredentialsCphone/ 28 B
985 B 42ms
41ms XHR
application/json 159.89.100.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://b.up818.com/api/getRandomCredentialsCphone/

Requested by

Host: b.up818.com
URL: https://b.up818.com/polyfills.4e51e99fd26af9ba.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

159.89.100.47 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.27.1 /

Resource Hash

eb9618fd680d8e9eb6eede6457cdee4e6529b7729ddc70cacb54b59aa286e5f1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://b.up818.com/up/p
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
auth: https://b.up818.com
Content-Type: application/json

Response headers

Date: Fri, 13 Sep 2024 11:49:44 GMT
Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: require-corp
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 28
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: nginx/1.27.1
Cross-Origin-Opener-Policy: same-origin
ETag: W/"1c-7nkOl1XtMsZPmiTyQzI24Vu206Q"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Origin-Agent-Cluster: ?1

POST
H/1.1 200
OK / Show response
b.up818.com/api/insertPageTrafficDetails/ 73 B
1023 B 78ms
77ms XHR
application/json 159.89.100.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://b.up818.com/api/insertPageTrafficDetails/

Requested by

Host: b.up818.com
URL: https://b.up818.com/polyfills.4e51e99fd26af9ba.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

159.89.100.47 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.27.1 /

Resource Hash

56b5725f8ec8054351311ad11bff55e7d81b241b14cf595f7bc2c9dd0fa6b5c3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://b.up818.com/up/p
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 13 Sep 2024 11:49:44 GMT
Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: require-corp
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 73
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: nginx/1.27.1
Cross-Origin-Opener-Policy: same-origin
ETag: W/"49-/ZMmWUVsZc1l1m7ZDnaJ95jj3mo"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Origin-Agent-Cluster: ?1

POST
H/1.1 200
OK / Show response
b.up818.com/api/getPopupMessageBasedOnTimeZone/ 302 B
1 KB 54ms
52ms XHR
application/json 159.89.100.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://b.up818.com/api/getPopupMessageBasedOnTimeZone/

Requested by

Host: b.up818.com
URL: https://b.up818.com/polyfills.4e51e99fd26af9ba.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

159.89.100.47 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.27.1 /

Resource Hash

9cbdb8414d7c6cf2317c23adb813117a365b4eeee6203e23aeddeaff646b8303

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://b.up818.com/up/p
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 13 Sep 2024 11:49:44 GMT
Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: require-corp
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 302
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: nginx/1.27.1
Cross-Origin-Opener-Policy: same-origin
ETag: W/"12e-UxqguGVB/sdStDIKUPgTYGntXyA"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Origin-Agent-Cluster: ?1

GET
H/1.1 200
OK favicon.ico
b.up818.com/ 4 KB
4 KB 49ms
49ms Other
image/x-icon 159.89.100.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://b.up818.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.100.47 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.27.1 /
Resource Hash: a147486efd054b545b691761f02e6cd6150af94bd15a11b5d1eea7fd4c5af451

Request headers

Referer: https://b.up818.com/up/p
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 13 Sep 2024 11:49:45 GMT
Last-Modified: Sat, 07 Sep 2024 07:09:03 GMT
Server: nginx/1.27.1
ETag: "66dbfc0f-10be"
Content-Type: image/x-icon
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4286

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunkwebRtc function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__queueMicrotask function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononbeforetogglepatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononpageswappatched boolean| __zone_symbol__ononpagerevealpatched boolean| __zone_symbol__ononscrollendpatched object| JsSIP number| uidEvent object| __zone_symbol__loadfalse object| __zone_symbol__resizefalse object| bootstrap function| saveAs function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__orientationchangefalse function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener function| eventListeners function| removeAllListeners

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cl.gy/	1969-12-31 23:59:59	Name: PHPSESSID Value: 32fea9e882e92bf6f0130ea94116ba35
			cl.gy/	1970-01-20 23:30:29	Name: short_83906 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://b.up818.com/api/getRandomCredentialsCphone/ Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.up818.com
cl.gy
fonts.gstatic.com
159.89.100.47
216.58.206.35
35.212.63.232
072b697fe76eb39b8f9097c752168ca4ad56e68d653bf54de9e950393bcef53a
15f3e208e186e56d14f8f5541d47e0f4ff43ea00f22cfc839caba85a3d584744
16b3cc86e2dedda089099e588ba0f7e684de5e1ca0b9785b2456ba94a37fbc52
1a49c6288b18e5a63bcd50c44feaac12f952caf4f226c4a0513cbf46074f082d
1bc1980b5f6a8f1a09859307b263184eea3d78c0432598df6234ac020097a98b
23ef1a147f5c033e22c3e3313c1cf37d40b7dc29742527c057cec69ebb92f3a1
2d64e8256f7e9ee72bbab18867fa48456299740a20f077fb6ba00f37862b7431
30f7ffba789ec0a6be263bb194820f8a37a8ea4a5220fd998f0b085f7fa39e95
390142f4e8646f30fe280fa8fe721fd58d5d7e5c78443dc2f72dc3b0b05d4d74
4c4e7ad9613a7c431bef0a50f3433eec495e626b01f8a9c08f833773ab7448e7
56b5725f8ec8054351311ad11bff55e7d81b241b14cf595f7bc2c9dd0fa6b5c3
5c68694f8496b9f47c0374da003e5f3c10dee0f06ea9732750b22b00affebe92
60c68494b21a289d7633d0be622e12f313c4d75d45aed0fe0ab5be50dd235279
674aba07e3bbc217921785d5a109124747bfc670bede7bae6369db46d82e5c9b
993b81c8ecb939d1facf7ac001ef51ad7bd25fb0a05c49aea815cd64fbc4dcef
9cbdb8414d7c6cf2317c23adb813117a365b4eeee6203e23aeddeaff646b8303
9e8f25a5c171ea0f725c220e3086dc716e63662d5ecfe54d1d738510f20ca218
a147486efd054b545b691761f02e6cd6150af94bd15a11b5d1eea7fd4c5af451
a647e27c09160d696b923943aa111cd736d196d433689daeecad6e2c45bcbecc
abb5616a5d45b0fc4bb606ec57cd032fb4f0c6c0a68aa1ad427fbd0e35151d49
b5ba94e0cc9bfec550c44006d7af5e0aa2a89d47f91f68666d50b81463da68cb
befb7b1934ab633b47db3b5d0053b59d69cf3fecdb16543d372ce26df080e496
bf9cfe01317e3758dd38982921dc1f26cc7243237d02e7ed90d3830b6f4e8ed0
d166cb013c46cccc8462594c532bce0aa7216a174245819f34d0c51d0e87bf47
eb9618fd680d8e9eb6eede6457cdee4e6529b7729ddc70cacb54b59aa286e5f1
f4491863cf6dd69a4a5589494a1ed441e30673bf2cd87c8f190e229b346f86a0
fe53bd0788612d9d4a5b388a9e1e645f73a2a20e7640fcc2f800d4ff3685dd63

b.up818.com Open in urlscan Pro 159.89.100.47 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

27 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

3326 kBTransfer

3618 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

2 Cookies

b.up818.com Open in urlscan Pro
159.89.100.47 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

3326 kB
Transfer

3618 kB
Size

2
Cookies

27 HTTP transactions
0 data transactions