urlscan.io logo urlscan.io
SecurityTrails logo

vup.to Open in urlscan Pro
2606:4700:30::681b:9e9a  Public Scan

Go To Rescan Add Verdict Report
URL: https://vup.to/embed-fa8nalczjhbl.html
Submission: On January 06 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 5 countries across 15 domains to perform 45 HTTP transactions. The main IP is 2606:4700:30::681b:9e9a, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is vup.to.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on August 26th 2019. Valid for: a year.
This is the only time vup.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 2606:4700:30:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 23.111.9.35 33438 (HIGHWINDS2)
1 2a00:1450:400... 15169 (GOOGLE)
2 198.134.112.241 27257 (WEBAIR-IN...)
2 88.85.66.195 35415 (WEBZILLA)
1 2a00:1450:400... 15169 (GOOGLE)
1 195.181.170.17 60068 (CDN77)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 23.23.178.66 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 35.190.8.27 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 162.252.214.5 53334 (TUT-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 185.200.118.90 9009 (M247)
1 38.132.109.186 9009 (M247)
1 185.200.116.90 9009 (M247)
1 216.21.13.17 53334 (TUT-AS)
45 22
16    2606:4700:30::681b:9e9a (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
vup.to
cdn.vup.to
img.vup.to
2    2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
use.fontawesome.com
1    2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
2    198.134.112.241 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US)
dadsecz.com
2    88.85.66.195 (Netherlands)

ASN35415 (WEBZILLA, NL)
deloplen.com
1    2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.gstatic.com
1    195.181.170.17 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: frankfurt-15.cdn77.com
c1.popads.net
2    2606:4700::6811:c16b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
fbcdn2.com
2    2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    23.23.178.66 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-23-23-178-66.compute-1.amazonaws.com
perr.h-cdn.com
1    2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    2606:4700:30::6812:3647 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ufpcdn.com
1    35.190.8.27 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 27.8.190.35.bc.googleusercontent.com
onclicksuper.com
3    2606:4700::6811:a7ba (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
c.adsco.re
6.adsco.re
2    162.252.214.5 (United States)

ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US)
adsco.re
1    2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
6.adsco.re
1    185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)
PTR: adscore.com
xcc1rvttryco.l.adsco.re
1    38.132.109.186 (New York, United States)

ASN9009 (M247, GB)
xcc1rvttryco.n.adsco.re
1    185.200.116.90 (Singapore, Singapore)

ASN9009 (M247, GB)
PTR: no-mans-land.m247.com
xcc1rvttryco.s.adsco.re
1    216.21.13.17 (United States)

ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US)
serve.popads.net
Domain Requested by
11 cdn.vup.to vup.to
4 vup.to vup.to
cdn.vup.to
2 adsco.re c.adsco.re
2 6.adsco.re c.adsco.re
2 c.adsco.re c1.popads.net
c.adsco.re
2 www.google-analytics.com www.googletagmanager.com
vup.to
2 fbcdn2.com vup.to
2 deloplen.com vup.to
deloplen.com
2 dadsecz.com vup.to
2 fonts.googleapis.com vup.to
cdn.vup.to
1 serve.popads.net c1.popads.net
1 xcc1rvttryco.s.adsco.re c.adsco.re
1 xcc1rvttryco.n.adsco.re c.adsco.re
1 xcc1rvttryco.l.adsco.re c.adsco.re
1 onclicksuper.com vup.to
1 ufpcdn.com vup.to
1 fonts.gstatic.com cdn.vup.to
1 perr.h-cdn.com cdn.vup.to
1 c1.popads.net vup.to
1 www.gstatic.com vup.to
1 img.vup.to vup.to
1 www.googletagmanager.com vup.to
1 use.fontawesome.com vup.to
0 cdn10.megaupload.to Failed cdn.vup.to
45 24

This site contains links to these domains. Also see Links.

Domain
adsco.re
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-08-26 -
2020-08-25		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2019-12-03 -
2020-02-25		 3 months crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA		 2019-10-28 -
2020-12-23		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-12-03 -
2020-02-25		 3 months crt.sh
dadsecz.com
Let's Encrypt Authority X3		 2019-12-09 -
2020-03-08		 3 months crt.sh
deloplen.com
Let's Encrypt Authority X3		 2019-12-01 -
2020-02-29		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-12-03 -
2020-02-25		 3 months crt.sh
1355769017.rsc.cdn77.org
Let's Encrypt Authority X3		 2019-11-04 -
2020-02-02		 3 months crt.sh
www.fbcdn2.com
COMODO RSA Domain Validation Secure Server CA		 2017-10-23 -
2020-10-22		 3 years crt.sh
*.h-cdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-07-15 -
2020-07-17		 a year crt.sh
sni110177.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-09-20 -
2020-03-28		 6 months crt.sh
www.onclicksuper.com
COMODO RSA Domain Validation Secure Server CA		 2017-10-18 -
2020-10-17		 3 years crt.sh
*.adsco.re
COMODO RSA Organization Validation Secure Server CA		 2017-09-26 -
2020-09-25		 3 years crt.sh
*.l.adsco.re
COMODO RSA Domain Validation Secure Server CA		 2018-07-14 -
2020-07-13		 2 years crt.sh
*.n.adsco.re
COMODO RSA Domain Validation Secure Server CA		 2018-07-30 -
2020-07-29		 2 years crt.sh
*.s.adsco.re
COMODO RSA Domain Validation Secure Server CA		 2018-07-30 -
2020-07-29		 2 years crt.sh
*.popads.net
Sectigo RSA Domain Validation Secure Server CA		 2019-10-29 -
2021-10-29		 2 years crt.sh

This page contains 4 frames:

Primary Page: https://vup.to/embed-fa8nalczjhbl.html
Frame ID: 9B36937D25AB809A550F981EF0627AEB
Requests: 45 HTTP requests in this frame

Frame: https://deloplen.com/fac.php
Frame ID: 0AE3DEB5D1497509801F93706A0B180C
Requests: 1 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: B104DBBDED6BBC56BDEF6AE358B4D693
Requests: 1 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: 3F8E363E365F06D41D2AA6DEC57153C5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

45
Requests

98 %
HTTPS

48 %
IPv6

15
Domains

24
Subdomains

22
IPs

5
Countries

1100 kB
Transfer

2912 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request embed-fa8nalczjhbl.html
vup.to/ 		56 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vup.to/embed-fa8nalczjhbl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:9e9a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d511847c0cae53cd06d1ac02b8bb1d388c9e1da319d0562fc30e94c211be235f
Security Headers
Name Value
X-Frame-Options 1

Request headers

:method
GET
:authority
vup.to
:scheme
https
:path
/embed-fa8nalczjhbl.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
date
Mon, 06 Jan 2020 16:13:36 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d5828dfa38057f332ee377fd62e720ff11578327216; expires=Wed, 05-Feb-20 16:13:36 GMT; path=/; domain=.vup.to; HttpOnly; SameSite=Lax; Secure
expires
Sun, 05 Jan 2020 16:13:36 GMT
x-frame-options
1
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
550efaef9826c277-FRA
content-encoding
br
css
fonts.googleapis.com/ 		3 KB
484 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Quicksand:400,500,700
Requested by
Host: vup.to
URL: https://vup.to/embed-fa8nalczjhbl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
47f851dd764d7df93abda40518fe798e8fe603ede35dfcc5b5e10c1de22d9b8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 06 Jan 2020 16:13:36 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 06 Jan 2020 16:13:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 06 Jan 2020 16:13:36 GMT
all.js
use.fontawesome.com/releases/v5.3.1/js/ 		963 KB
401 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.3.1/js/all.js
Requested by
Host: vup.to
URL: https://vup.to/embed-fa8nalczjhbl.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
8cb270b4d9485a93b31df98113fda8723ffc067fa7bfa90cedd47b76f7b10be1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://vup.to/embed-fa8nalczjhbl.html
Origin
https://vup.to

Response headers

date
Mon, 06 Jan 2020 16:13:36 GMT
content-encoding
gzip
last-modified
Tue, 28 Aug 2018 18:00:39 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"d0482db440697a659af4980d2e841891"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
main.min.css
cdn.vup.to/css/ 		29 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.vup.to/css/main.min.css
Requested by
Host: vup.to
URL: https://vup.to/embed-fa8nalczjhbl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:9e9a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bf9a3ab98f863dac9b71012d072902453aa6c4e16f5b11ce33f1bb4f51d5ed7

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:13:36 GMT
content-encoding
br
cdn-cache-hit
1
cf-cache-status
REVALIDATED
status
200
cdn-node
FRA1-SO03022
last-modified
Tue, 01 Oct 2019 10:43:32 GMT
server
cloudflare
etag
W/"5d932dd4-7571"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
550efaf06aa9c277-FRA
cdn-cache
HIT
expires
Mon, 06 Jan 2020 16:13:36 GMT
jquery.min.js
cdn.vup.to/js/ 		94 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vup.to/js/jquery.min.js
Requested by
Host: vup.to
URL: https://vup.to/embed-fa8nalczjhbl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:9e9a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:13:36 GMT
content-encoding
br
cdn-cache-hit
1
cf-cache-status
REVALIDATED
status
200
cdn-node
FRA1-SO03022
last-modified
Wed, 26 Sep 2018 13:03:47 GMT
server
cloudflare
etag
W/"5bab83b3-1762a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
550efaf06aafc277-FRA
cdn-cache
HIT
expires
Mon, 06 Jan 2020 16:13:36 GMT
xupload.js
cdn.vup.to/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vup.to/js/xupload.js
Requested by
Host: vup.to
URL: https://vup.to/embed-fa8nalczjhbl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:9e9a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b6ad945b300c48a534e36962be6c12e3357f6eecb6abc0e18f51a00fea3c400

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:13:36 GMT
content-encoding
br
cdn-cache-hit
1
cf-cache-status
REVALIDATED
status
200
cdn-node
FRA1-SO03001
last-modified
Thu, 04 Oct 2018 08:43:55 GMT
server
cloudflare
etag
W/"5bb5d2cb-2657"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
550efaf06aabc277-FRA
cdn-cache
HIT
expires
Mon, 06 Jan 2020 16:13:36 GMT
jquery.cookie.js
cdn.vup.to/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vup.to/js/jquery.cookie.js
Requested by
Host: vup.to
URL: https://vup.to/embed-fa8nalczjhbl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:9e9a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:13:36 GMT
content-encoding
br
cdn-cache-hit
1
cf-cache-status
REVALIDATED
status
200
cdn-node
FRA1-SO03001
last-modified
Wed, 26 Sep 2018 13:03:46 GMT
server
cloudflare
etag
W/"5bab83b2-10eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
550efaf06aadc277-FRA
cdn-cache
HIT
expires
Mon, 06 Jan 2020 16:13:36 GMT
js
www.googletagmanager.com/gtag/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-126741147-1
Requested by
Host: vup.to
URL: https://vup.to/embed-fa8nalczjhbl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
238803147293f6c158c157b0d3d9aac3e290df325f71ff07cdcd39b7fff76606
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:13:36 GMT
content-encoding
br
last-modified
Mon, 06 Jan 2020 15:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
27813
x-xss-protection
0
expires
Mon, 06 Jan 2020 16:13:36 GMT
invoke.js
dadsecz.com/f4caef4aa7cf70d593c8b8cc970efb64/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://dadsecz.com/f4caef4aa7cf70d593c8b8cc970efb64/invoke.js
Requested by
Host: vup.to
URL: https://vup.to/embed-fa8nalczjhbl.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.112.241 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 06 Jan 2020 16:13:48 GMT
Server
nginx/1.16.0
Connection
keep-alive
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Length
0
Content-Type
application/javascript
apu.php
deloplen.com/ 		98 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://deloplen.com/apu.php?zoneid=2798451
Requested by
Host: vup.to
URL: https://vup.to/embed-fa8nalczjhbl.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
88.85.66.195 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
ca86d1521cb178b94ec15bd3828c23413edd8e502aaee5ad3b9ad0095adb3afc
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 06 Jan 2020 16:13:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-Trace-Id
3f4c85b85cf89e85e0fcb9a2c56f758e
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Authorization
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Expires
Tue, 11 Jan 1994 10:00:00 GMT
a08e35bc2ee96d594e211454e8c6b36f.js
dadsecz.com/a0/8e/35/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://dadsecz.com/a0/8e/35/a08e35bc2ee96d594e211454e8c6b36f.js
Requested by
Host: vup.to
URL: https://vup.to/embed-fa8nalczjhbl.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.112.241 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 06 Jan 2020 16:13:48 GMT
Server
nginx/1.16.0
Connection
keep-alive
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Length
0
Content-Type
application/javascript
v5rx53l2q1q60000.jpg
img.vup.to/54/01/00076/ 		195 KB
196 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.vup.to/54/01/00076/v5rx53l2q1q60000.jpg
Requested by
Host: vup.to
URL: https://vup.to/embed-fa8nalczjhbl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:9e9a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d4dc69af7a3da2f98d3b7734996a69899a702109859eae84d77b46a16579713

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:13:37 GMT
cf-cache-status
HIT
last-modified
Tue, 26 Nov 2019 11:57:08 GMT
server
cloudflare
age
92772
etag
"5ddd1314-30d40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
550efaf28a43c277-FRA
content-length
200000
expires
Thu, 16 Jan 2020 08:39:33 GMT
hola_player.js
cdn.vup.to/player_hola/ 		970 KB
227 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vup.to/player_hola/hola_player.js
Requested by
Host: vup.to
URL: https://vup.to/embed-fa8nalczjhbl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:9e9a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6e4e7eb25d120d67b4c8aec58809a8e7c8024ad8f3257e1ea7c7a33ec4dac93

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:13:36 GMT
content-encoding
br
cdn-cache-hit
1
cf-cache-status
REVALIDATED
status
200
cdn-node
FRA1-SO03022
last-modified
Sun, 28 Jul 2019 12:28:30 GMT
server
cloudflare
etag
W/"5d3d94ee-f2760"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
550efaf07b00c277-FRA
cdn-cache
HIT
expires
Mon, 06 Jan 2020 16:13:36 GMT
videojs.hotkeys.min.js
cdn.vup.to/player_hola/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vup.to/player_hola/videojs.hotkeys.min.js
Requested by
Host: vup.to
URL: https://vup.to/embed-fa8nalczjhbl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:9e9a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
688a19b3d27111cbd009ced47470cb943871fed095564ab3660f89d290333ae0

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:13:36 GMT
content-encoding
br
cdn-cache-hit
1
cf-cache-status
REVALIDATED
status
200
cdn-node
FRA1-SO03001
last-modified
Thu, 28 Feb 2019 21:10:41 GMT
server
cloudflare
etag
W/"5c784e51-10b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
550efaf12d33c277-FRA
cdn-cache
HIT
expires
Mon, 06 Jan 2020 16:13:36 GMT
videojs-contrib-hls.min.js
cdn.vup.to/player_hola/ 		205 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vup.to/player_hola/videojs-contrib-hls.min.js
Requested by
Host: vup.to
URL: https://vup.to/embed-fa8nalczjhbl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:9e9a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fab55c17047e5f272d76bd485705ab08864238ec024af42665953ab6ddf6fbf3

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:13:36 GMT
content-encoding
br
cdn-cache-hit
1
cf-cache-status
REVALIDATED
status
200
cdn-node
FRA1-SO03001
last-modified
Thu, 28 Feb 2019 21:10:41 GMT
server
cloudflare
etag
W/"5c784e51-3327d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
550efaf14dbdc277-FRA
cdn-cache
HIT
expires
Mon, 06 Jan 2020 16:13:36 GMT
videojs-brand.min.js
cdn.vup.to/player_hola/ 		2 KB
944 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vup.to/player_hola/videojs-brand.min.js
Requested by
Host: vup.to
URL: https://vup.to/embed-fa8nalczjhbl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:9e9a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
552a49495203e48a3bf0068405062c3cde218ef10e1936acd9eec0f15a3d04a7

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:13:36 GMT
content-encoding
br
cdn-cache-hit
1
cf-cache-status
REVALIDATED
status
200
cdn-node
FRA1-SO03001
last-modified
Tue, 30 Jul 2019 11:49:03 GMT
server
cloudflare
etag
W/"5d402eaf-7db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
550efaf14dc0c277-FRA
cdn-cache
HIT
expires
Mon, 06 Jan 2020 16:13:36 GMT
videojs-chromecast.css
cdn.vup.to/player_hola/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.vup.to/player_hola/videojs-chromecast.css
Requested by
Host: vup.to
URL: https://vup.to/embed-fa8nalczjhbl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:9e9a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4211532d4efae12dd95b670e72e326f6f5a906ac7ca64c6ab2feb3fd417284a7

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:13:36 GMT
content-encoding
br
cdn-cache-hit
1
cf-cache-status
REVALIDATED
status
200
cdn-node
FRA1-SO03001
last-modified
Tue, 30 Jul 2019 12:18:30 GMT
server
cloudflare
etag
W/"5d403596-13f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
550efaf16e23c277-FRA
cdn-cache
HIT
expires
Mon, 06 Jan 2020 16:13:36 GMT
videojs-brand.css
cdn.vup.to/player_hola/ 		491 B
350 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.vup.to/player_hola/videojs-brand.css
Requested by
Host: vup.to
URL: https://vup.to/embed-fa8nalczjhbl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:9e9a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
548c0531ddce755744c28e79d6c2fe257192191dabbe7d3607269368ba83f444

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:13:36 GMT
content-encoding
br
cdn-cache-hit
1
cf-cache-status
REVALIDATED
status
200
cdn-node
FRA1-SO03001
last-modified
Tue, 30 Jul 2019 12:00:26 GMT
server
cloudflare
etag
W/"1eb-58ee4c10b8a80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/css
access-control-allow-origin
*
x-accel-version
0.01
cache-control
public, max-age=14400, must-revalidate
cf-ray
550efaf18ebac277-FRA
cdn-cache
HIT
expires
Mon, 06 Jan 2020 16:13:36 GMT
videojs-chromecast.min.js
cdn.vup.to/player_hola/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vup.to/player_hola/videojs-chromecast.min.js
Requested by
Host: vup.to
URL: https://vup.to/embed-fa8nalczjhbl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:9e9a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ea5755f0133dbd54dc8424efe98b429b145efbee6b0cb3408c5c1011c3a01a

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:13:36 GMT
content-encoding
br
cdn-cache-hit
1
cf-cache-status
REVALIDATED
status
200
cdn-node
FRA1-SO03001
last-modified
Mon, 15 May 2017 07:25:42 GMT
server
cloudflare
etag
W/"591957f6-481d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
550efaf18ebec277-FRA
cdn-cache
HIT
expires
Mon, 06 Jan 2020 16:13:36 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ 		1 KB
810 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: vup.to
URL: https://vup.to/embed-fa8nalczjhbl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
87abd10ff4dde54aa21a9acf3dfd863f6ff99e35f74b9ab3987cf2e36b817bff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 15:42:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 31 Jan 2019 17:53:10 GMT
server
sffe
age
1857
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
680
x-xss-protection
0
expires
Mon, 06 Jan 2020 16:32:39 GMT
pop.js
vup.to/ads/ 		75 B
173 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vup.to/ads/pop.js
Requested by
Host: vup.to
URL: https://vup.to/embed-fa8nalczjhbl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:9e9a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ea0b5729bd07f93c48263885c373ad53a231248266e9b28b851e98d6b117af0

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:13:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 07 Oct 2019 13:14:21 GMT
x-accel-version
0.01
age
1021
etag
W/"4b-59451d473da46-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
550efaf1af53c277-FRA
server
cloudflare
pop.js
c1.popads.net/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.popads.net/pop.js
Requested by
Host: vup.to
URL: https://vup.to/embed-fa8nalczjhbl.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.170.17 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-15.cdn77.com
Software
CDN77-Turbo /
Resource Hash
5f7dfb159c9213a481ed748e06e270486e24def0aa5b2221781306fa708ca96c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://vup.to/embed-fa8nalczjhbl.html
Origin
https://vup.to

Response headers

date
Mon, 06 Jan 2020 16:13:38 GMT
content-encoding
br
last-modified
Thu, 12 Dec 2019 21:50:35 GMT
server
CDN77-Turbo
access-control-allow-origin
*
x-edge-location
frankfurtDE
etag
W/"5df2b62b-7bef"
x-cache
HIT
content-type
application/javascript
status
200
x-edge-ip
195.181.170.15
x-age
5873
alt-svc
quic="195.181.170.15:443"; ma=2592000; v="44,43,39"
compatibility.js
fbcdn2.com/script/ 		12 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fbcdn2.com/script/compatibility.js
Requested by
Host: vup.to
URL: https://vup.to/embed-fa8nalczjhbl.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:c16b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
424c22882d902d767bff802920ee13a2ad43a10a5d80933359e0908c38f9b75c

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:13:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3144
status
200
x-guploader-uploadid
AEnB2UrgdZkOAbXMoCRAqD-fCeg-fPWRylx6iDgei-fLniXa5MbUK5gewwwYmSzIjS5gb0uarhpKONdXeeSy99W7wNsB8MIY1A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Thu, 14 Nov 2019 10:12:19 GMT
server
cloudflare
etag
W/"4798f8dea4e1699c741550414944af68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=bUD+ww==, md5=R5j43qThaZx0FVBBSUSvaA==
content-type
application/javascript
x-goog-generation
1573726339118281
cache-control
public, max-age=14400
x-goog-stored-content-length
12119
cf-ray
550efaf70f8cd6b9-FRA
expires
Mon, 06 Jan 2020 20:13:37 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126741147-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
2123
date
Mon, 06 Jan 2020 15:38:14 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Mon, 06 Jan 2020 17:38:14 GMT
license_init
perr.h-cdn.com/hola_player/ 		2 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://perr.h-cdn.com/hola_player/license_init?v=1.0.165&hls=1.0.165&hosted=true&url=https%3A%2F%2Fvup.to%2Fembed-fa8nalczjhbl.html
Requested by
Host: cdn.vup.to
URL: https://cdn.vup.to/player_hola/hola_player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.178.66 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-23-23-178-66.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://vup.to/embed-fa8nalczjhbl.html
Origin
https://vup.to

Response headers

Date
Mon, 06 Jan 2020 16:13:38 GMT
Server
nginx/1.15.9 (Ubuntu)
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Range, Date, ETag, X-Cache, X-Hola-Resp, X-Date, X-Hola-Fullsize, Content-Length
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
2
css
fonts.googleapis.com/ 		4 KB
677 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500
Requested by
Host: cdn.vup.to
URL: https://cdn.vup.to/player_hola/hola_player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
efe95cb2cc312e0132b0ce914c642ecee0534223df3f1d47579cdabe6cc070cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 06 Jan 2020 16:13:37 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 06 Jan 2020 16:13:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 06 Jan 2020 16:13:37 GMT
master.m3u8
cdn10.megaupload.to/hls/4ib573z6hmi7bh3jeofaijfkfokphvdf5v4lbu72q,mm7hqwk5odzhcouifca,um7hqwk5od6yg63qbja,.urlset/ 		0
0
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fefd5c42d249823c4ed9ad5d1a8bf05321644a1fcc4c215ce1d030b4c90aeda2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin
https://vup.to

Response headers

Content-Type
application/font-woff;charset=utf-8
6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
fonts.gstatic.com/s/quicksand/v19/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v19/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
Requested by
Host: cdn.vup.to
URL: https://cdn.vup.to/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b47478ebfad192488b281cb20b85ef93444ff24c547c4a03511e400defb38aa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Quicksand:400,500,700
Origin
https://vup.to

Response headers

date
Wed, 20 Nov 2019 01:05:34 GMT
x-content-type-options
nosniff
last-modified
Mon, 21 Oct 2019 23:05:45 GMT
server
sffe
age
4115283
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
26160
x-xss-protection
0
expires
Thu, 19 Nov 2020 01:05:34 GMT
fac.php
deloplen.com/ Frame 0AE3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://deloplen.com/fac.php
Requested by
Host: deloplen.com
URL: https://deloplen.com/apu.php?zoneid=2798451
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
88.85.66.195 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Host
deloplen.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://vup.to/embed-fa8nalczjhbl.html
Accept-Encoding
gzip, deflate, br
Cookie
OAID=8ef00285299347c1952218d692395c7c; oaidts=1578327216
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://vup.to/embed-fa8nalczjhbl.html

Response headers

Server
nginx
Date
Mon, 06 Jan 2020 16:13:37 GMT
Content-Type
text/html; charset=utf8
Content-Length
197
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Pragma
no-cache
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 11 Jan 1994 10:00:00 GMT
X-Trace-Id
dcb9b79a989fb4636c1cdba480b3738d
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
Timing-Allow-Origin
*
dl
vup.to/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vup.to/dl?op=get_slides&length=7509.78&url=https://img.vup.to/54/01/00076/v5rx53l2q1q60000.jpg
Requested by
Host: cdn.vup.to
URL: https://cdn.vup.to/player_hola/hola_player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:9e9a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f93350ff62c3f475b8d6b30da6bc28b059d55f0065fdf7e2458f4d0178db7540

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:13:37 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/vtt
status
200
cf-ray
550efaf79bb1c277-FRA
empty.vtt
vup.to/srt/ 		10 B
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vup.to/srt/empty.vtt
Requested by
Host: cdn.vup.to
URL: https://cdn.vup.to/player_hola/hola_player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:9e9a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6780f75f27ae7bc4ad240abd1c65cc15d28aa1c0b6e732700a9d9e8614e5b336

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:13:37 GMT
cf-cache-status
DYNAMIC
last-modified
Fri, 26 Jul 2019 15:12:01 GMT
x-accel-version
0.01
etag
"a-58e96f6d5d240"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
content-type
text/vtt; charset=utf-8
status
200
accept-ranges
bytes
cf-ray
550efaf7abc1c277-FRA
content-length
10
server
cloudflare
identify.html
ufpcdn.com/script/ Frame B104 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: vup.to
URL: https://vup.to/embed-fa8nalczjhbl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3647 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
ufpcdn.com
:scheme
https
:path
/script/identify.html?frmt=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://vup.to/embed-fa8nalczjhbl.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://vup.to/embed-fa8nalczjhbl.html

Response headers

status
200
date
Mon, 06 Jan 2020 16:13:38 GMT
content-type
text/html
set-cookie
__cfduid=da72e5e26e1f69df77058f3111a220a061578327217; expires=Wed, 05-Feb-20 16:13:37 GMT; path=/; domain=.ufpcdn.com; HttpOnly; SameSite=Lax
last-modified
Tue, 15 May 2018 06:39:25 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
550efaf7db049724-FRA
content-encoding
br
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1046637024&t=pageview&_s=1&dl=https%3A%2F%2Fvup.to%2Fembed-fa8nalczjhbl.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=717220371&gjid=1344473481&cid=1542492606.1578327218&tid=UA-126741147-1&_gid=362940818.1578327218&_r=1&gtm=2ouc61&z=995840188
Requested by
Host: vup.to
URL: https://vup.to/embed-fa8nalczjhbl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Jan 2020 16:13:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
suurl.php
onclicksuper.com/script/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onclicksuper.com/script/suurl.php?r=2242523&cbrandom=0.513801846347083&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=fbcdn2.com&ufp=8806669758934675921872572100
Requested by
Host: vup.to
URL: https://vup.to/embed-fa8nalczjhbl.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.8.27 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
27.8.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
543080df6bd6eff2bfd45acd546aec43aa2be88654e4e10bce3319959f601b06

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Jan 2020 16:13:38 GMT
content-encoding
gzip
referrer-policy
no-referrer
content-type
text/html; charset=utf-8
server
openresty
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
status
200
cache-control
no-store, no-cache, no-transform, must-revalidate, max-age=0, post-check=0, pre-check=0
x-robots-tag
noindex
alt-svc
clear
via
1.1 google
expires
Sat, 26 Jul 1997 05:00:00 GMT
chrome.js
fbcdn2.com/script/ 		18 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fbcdn2.com/script/chrome.js
Requested by
Host: vup.to
URL: https://vup.to/embed-fa8nalczjhbl.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:c16b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd185dfbf9ab9c108d634166de89aed49aa428db7b7a50d7eb8e23faf81196ca

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:13:38 GMT
content-encoding
gzip
cf-cache-status
HIT
age
266
status
200
x-guploader-uploadid
AEnB2Uruf3_5tjXQNKmxm9uRwkyLPbCT1YECAh0gCzDZl-nietgwn0kXa7U5nd36vra49SOebcLfPU6pJJOIitFO6iGYQuLvpA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Thu, 31 Oct 2019 10:14:31 GMT
server
cloudflare
etag
W/"2990eae17895f67de9f4fbca62475041"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=hVwIww==, md5=KZDq4XiV9n3p9PvKYkdQQQ==
content-type
application/javascript
x-goog-generation
1572516871888329
cache-control
public, max-age=14400
x-goog-stored-content-length
18777
cf-ray
550efaf8ee83d6b9-FRA
expires
Mon, 06 Jan 2020 20:13:38 GMT
/
c.adsco.re/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: c1.popads.net
URL: https://c1.popads.net/pop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b66e0ae4a3a7b8e6a280d5b512ba4dcf43afb3ae8862fed33266a038cbe1f154

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:13:38 GMT
content-encoding
gzip
cf-cache-status
HIT
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server
cloudflare
age
1356587
etag
"a73Qdnp6tbMta3RY0Wgotw=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
status
200
cache-control
max-age=43200,public,immutable,no-transform
cf-ray
550efafb2f132766-FRA
link
<//adsco.re>;rel=preconnect,<//6.adsco.re>;rel=prefetch
expires
Sun, 22 Dec 2019 11:23:51 GMT
/
6.adsco.re/ 		0
241 B 		Other
General
Check archive.org
Download Go to
Full URL
https://6.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:13:38 GMT
content-encoding
br
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
status
200
access-control-max-age
2592000
cache-control
max-age=600,public,immutable
cf-ray
550efafb3f2b2766-FRA
access-control-allow-headers
Content-Type
t
adsco.re/ 		67 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsco.re/t
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US),
Reverse DNS
Software
/
Resource Hash
d30037802015657dc95ee75b39f5da5965682adb0016df0ec4aa045e54f5ce67

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://vup.to/embed-fa8nalczjhbl.html
Origin
https://vup.to

Response headers

Date
Mon, 06 Jan 2020 16:13:38 GMT
Access-Control-Max-Age
2592000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://vup.to
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
/
6.adsco.re/ 		53 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://6.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://vup.to/embed-fa8nalczjhbl.html
Origin
https://vup.to

Response headers

date
Mon, 06 Jan 2020 16:13:38 GMT
content-encoding
br
server
cloudflare
access-control-allow-headers
Content-Type
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://vup.to
access-control-max-age
2592000
cache-control
max-age=600,public,immutable
cf-ray
550efafc2a90d6f9-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
/
xcc1rvttryco.l.adsco.re/ 		0
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xcc1rvttryco.l.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS
adscore.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://vup.to/embed-fa8nalczjhbl.html
Origin
https://vup.to

Response headers

Date
Mon, 06 Jan 2020 16:13:38 GMT
Last-Modified
Tue, 31 Jul 2018 22:16:15 GMT
ETag
"5b60dfaf-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
xcc1rvttryco.n.adsco.re/ 		0
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xcc1rvttryco.n.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://vup.to/embed-fa8nalczjhbl.html
Origin
https://vup.to

Response headers

Date
Mon, 06 Jan 2020 16:13:38 GMT
Last-Modified
Mon, 30 Jul 2018 15:32:42 GMT
ETag
"5b5f2f9a-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
xcc1rvttryco.s.adsco.re/ 		0
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xcc1rvttryco.s.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.200.116.90 Singapore, Singapore, ASN9009 (M247, GB),
Reverse DNS
no-mans-land.m247.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://vup.to/embed-fa8nalczjhbl.html
Origin
https://vup.to

Response headers

Date
Mon, 06 Jan 2020 16:13:39 GMT
Last-Modified
Mon, 30 Jul 2018 15:38:01 GMT
ETag
"5b5f30d9-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
c.adsco.re/ Frame 3F8E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
c.adsco.re
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://vup.to/embed-fa8nalczjhbl.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://vup.to/embed-fa8nalczjhbl.html

Response headers

status
200
date
Mon, 06 Jan 2020 16:13:38 GMT
content-type
text/html
cache-control
max-age=43200,public,immutable,no-transform
link
<//adsco.re>;rel=preconnect,<//6.adsco.re>;rel=prefetch
expires
Sun, 22 Dec 2019 11:23:51 GMT
etag
"a73Qdnp6tbMta3RY0Wgotw=="
content-encoding
gzip
cf-cache-status
HIT
age
1356587
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server
cloudflare
cf-ray
550efafbffbe2766-FRA
p
adsco.re/ 		259 B
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US),
Reverse DNS
Software
/
Resource Hash
f7cae01e2233f65f307bf0f98e47dea017db48f493107b5278d7d5c146e89583

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://vup.to/embed-fa8nalczjhbl.html
Origin
https://vup.to

Response headers

AS-P-G
OK
Date
Mon, 06 Jan 2020 16:13:39 GMT
AS-P-7
OK
AS-P-9
OK
AS-P-C
OK
Transfer-Encoding
chunked
AS-P-5
OK
AS-P-F
OK
Connection
keep-alive
Content-Encoding
gzip
AS-P-2
OK
AS-P-D
OK
AS-P-6
OK
AS-P-B
OK
AS-P-4
OK
AS-P-A
OK
Access-Control-Max-Age
2592000
AS-P-1
OK
Access-Control-Allow-Origin
https://vup.to
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
AS-P-8
OK
Content-Type
text/html; charset=UTF-8
AS-P-E
OK
AS-P-3
OK
c
serve.popads.net/ 		0
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://serve.popads.net/c?_=BAoAXhNcswFeE1yzgAGBAcAAINHDc_5xo7xBlSK3V9GXzuBabNtqAF3qA2IVnwgZa1jpwQAgF5CQhsZ20xF5EZ8K8aS11gDEtuguhh033pRzG8WG8Z3CACBOVDBayLUWJq5NTTZvLMS4FYbWAlwSUsckI76cJRa6ScQAECoBBPgBklQUAAAAAAAAAALFABAnrJMfWaRg5JQ6GVwm3fHLwwAggNc53EvNGgioSw1U4sOE1RF89QAsq5R-nbKB35IB4-c&v=4&siteId=3060964&minBid=&popundersPerIP=&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200
Requested by
Host: c1.popads.net
URL: https://c1.popads.net/pop.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
216.21.13.17 , United States, ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vup.to/embed-fa8nalczjhbl.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 06 Jan 2020 16:13:39 GMT
PopAds-EC
ASB
Connection
Keep-Alive
Content-Length
0
PopAds-CI
93
Content-Type
text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn10.megaupload.to
URL
https://cdn10.megaupload.to/hls/4ib573z6hmi7bh3jeofaijfkfokphvdf5v4lbu72q,mm7hqwk5odzhcouifca,um7hqwk5od6yg63qbja,.urlset/master.m3u8

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery number| show_fname_chars undefined| form_action undefined| UID undefined| interval undefined| enccx function| $$ function| fileSelected function| openStatusWindow function| StartUpload function| checkExt function| fixLength function| getFormAction function| setFormAction function| InitUploadSelector function| findPos function| changeUploadType function| jah function| scaleImg function| OpenWin function| player_start function| copy function| download_video function| convertSeconds function| convertSize function| SP function| progressUpdate function| encStatus function| gtag object| dataLayer object| _0xbc13 object| zfgformats function| setImmediate function| clearImmediate function| _bjxxwc function| _zmemhvon object| _pop object| adcashMacros object| zoneSett object| urls object| _0x8317 function| acPrefetch object| CTABPu object| google_tag_manager string| GoogleAnalyticsObject function| ga string| k object| _zr4ma63yyd function| onClickTrigger boolean| zfgloadedpopup function| videojs function| Hls function| hola_player object| videojs_hotkeys function| videojsBrand object| video boolean| xRds boolean| cRAds boolean| xadV boolean| xads object| holaplayer object| vttjs function| WebVTT object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| _0x9379 function| ufpAttach object| CTAMAT object| adcashUfp object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _0x10e2 object| Cnac object| stamat function| NqPnfu2547151688718181 function| NqPnfu object| NqpnfuVfNOrggreArgjbex boolean| _0x90aa object| popjs object| Base64 function| pafban object| detectZoom object| PopAds object| _pao object| _adas_v211fa function| jonIUBFjnvJDNvluc0.7146575742216037 function| AdscoreInit number| a function| ed number| t number| newTime number| r number| g number| b string| bt

10 Cookies

Domain/Path Name / Value
ufpcdn.com/ Name: adcashufpv3
Value: 8806669758934675921872572100
deloplen.com/ Name: oaidts
Value: 1578327216
vup.to/ Name: adcashufpv3
Value: 8806669758934675921872572100
.vup.to/ Name: _ga
Value: GA1.2.1542492606.1578327218
deloplen.com/ Name: OAID
Value: 8ef00285299347c1952218d692395c7c
vup.to/ Name: aff
Value: 2359
.vup.to/ Name: __cfduid
Value: d5828dfa38057f332ee377fd62e720ff11578327216
vup.to/ Name: file_id
Value: 391995
.vup.to/ Name: _gat_gtag_UA_126741147_1
Value: 1
.vup.to/ Name: _gid
Value: GA1.2.362940818.1578327218

6 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.vup.to/player_hola/hola_player.js(Line 51)
Message:
HolaProviderHLS registered as %s SourceHandler Html5
console-api warning URL: https://cdn.vup.to/player_hola/hola_player.js(Line 32)
Message:
VIDEOJS: WARN: The Osmf tech was registered as a component. It should instead be registered using videojs.registerTech(name, tech)
console-api log URL: https://cdn.vup.to/player_hola/hola_player.js(Line 51)
Message:
init hola/hls provider v1.0.165 hls v1.0.165 hap v1.0.150
console-api warning URL: https://cdn.vup.to/player_hola/hola_player.js(Line 32)
Message:
VIDEOJS: WARN: this.options() has been deprecated and will be moved to the constructor in 6.0
console-api log URL: https://c.adsco.re/(Line 13)
Message:
console-api log URL: https://c1.popads.net/pop.js(Line 44)
Message:
CI BAoAXhNcswFeE1yzgAGBAcAAINHDc_5xo7xBlSK3V9GXzuBabNtqAF3qA2IVnwgZa1jpwQAgF5CQhsZ20xF5EZ8K8aS11gDEtuguhh033pRzG8WG8Z3CACBOVDBayLUWJq5NTTZvLMS4FYbWAlwSUsckI76cJRa6ScQAECoBBPgBklQUAAAAAAAAAALFABAnrJMfWaRg5JQ6GVwm3fHLwwAggNc53EvNGgioSw1U4sOE1RF89QAsq5R-nbKB35IB4-c

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6.adsco.re
adsco.re
c.adsco.re
c1.popads.net
cdn.vup.to
cdn10.megaupload.to
dadsecz.com
deloplen.com
fbcdn2.com
fonts.googleapis.com
fonts.gstatic.com
img.vup.to
onclicksuper.com
perr.h-cdn.com
serve.popads.net
ufpcdn.com
use.fontawesome.com
vup.to
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
xcc1rvttryco.l.adsco.re
xcc1rvttryco.n.adsco.re
xcc1rvttryco.s.adsco.re
cdn10.megaupload.to
162.252.214.5
185.200.116.90
185.200.118.90
195.181.170.17
198.134.112.241
216.21.13.17
23.111.9.35
23.23.178.66
2606:4700:30::6812:3647
2606:4700:30::681b:9e9a
2606:4700::6811:a6ba
2606:4700::6811:a7ba
2606:4700::6811:c16b
2a00:1450:4001:815::2003
2a00:1450:4001:816::200e
2a00:1450:4001:818::2003
2a00:1450:4001:821::2008
2a00:1450:4001:824::200a
35.190.8.27
38.132.109.186
88.85.66.195
12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8
238803147293f6c158c157b0d3d9aac3e290df325f71ff07cdcd39b7fff76606
2d4dc69af7a3da2f98d3b7734996a69899a702109859eae84d77b46a16579713
4211532d4efae12dd95b670e72e326f6f5a906ac7ca64c6ab2feb3fd417284a7
424c22882d902d767bff802920ee13a2ad43a10a5d80933359e0908c38f9b75c
47f851dd764d7df93abda40518fe798e8fe603ede35dfcc5b5e10c1de22d9b8b
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
543080df6bd6eff2bfd45acd546aec43aa2be88654e4e10bce3319959f601b06
548c0531ddce755744c28e79d6c2fe257192191dabbe7d3607269368ba83f444
552a49495203e48a3bf0068405062c3cde218ef10e1936acd9eec0f15a3d04a7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5bf9a3ab98f863dac9b71012d072902453aa6c4e16f5b11ce33f1bb4f51d5ed7
5f7dfb159c9213a481ed748e06e270486e24def0aa5b2221781306fa708ca96c
6780f75f27ae7bc4ad240abd1c65cc15d28aa1c0b6e732700a9d9e8614e5b336
688a19b3d27111cbd009ced47470cb943871fed095564ab3660f89d290333ae0
6ea0b5729bd07f93c48263885c373ad53a231248266e9b28b851e98d6b117af0
75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87abd10ff4dde54aa21a9acf3dfd863f6ff99e35f74b9ab3987cf2e36b817bff
8b6ad945b300c48a534e36962be6c12e3357f6eecb6abc0e18f51a00fea3c400
8cb270b4d9485a93b31df98113fda8723ffc067fa7bfa90cedd47b76f7b10be1
97ea5755f0133dbd54dc8424efe98b429b145efbee6b0cb3408c5c1011c3a01a
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
b47478ebfad192488b281cb20b85ef93444ff24c547c4a03511e400defb38aa5
b66e0ae4a3a7b8e6a280d5b512ba4dcf43afb3ae8862fed33266a038cbe1f154
ca86d1521cb178b94ec15bd3828c23413edd8e502aaee5ad3b9ad0095adb3afc
cd185dfbf9ab9c108d634166de89aed49aa428db7b7a50d7eb8e23faf81196ca
d30037802015657dc95ee75b39f5da5965682adb0016df0ec4aa045e54f5ce67
d511847c0cae53cd06d1ac02b8bb1d388c9e1da319d0562fc30e94c211be235f
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efe95cb2cc312e0132b0ce914c642ecee0534223df3f1d47579cdabe6cc070cd
f6e4e7eb25d120d67b4c8aec58809a8e7c8024ad8f3257e1ea7c7a33ec4dac93
f7cae01e2233f65f307bf0f98e47dea017db48f493107b5278d7d5c146e89583
f93350ff62c3f475b8d6b30da6bc28b059d55f0065fdf7e2458f4d0178db7540
fab55c17047e5f272d76bd485705ab08864238ec024af42665953ab6ddf6fbf3
fefd5c42d249823c4ed9ad5d1a8bf05321644a1fcc4c215ce1d030b4c90aeda2