URL: https://updown.fun/lvgKGxn238Qn/file
Submission: On July 21 via api from US — Scanned from US

Summary

This website contacted 9 IPs in 1 countries across 7 domains to perform 30 HTTP transactions. The main IP is 2606:4700:3032::6815:30db, located in United States and belongs to CLOUDFLARENET, US. The main domain is updown.fun.
TLS certificate: Issued by WE1 on July 4th 2024. Valid for: 3 months.
This is the only time updown.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
19 updown.fun
updown.fun
456 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 10
961 B
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
52 KB
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
239 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
3 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
101 KB
30 7
Domain Requested by
19 updown.fun updown.fun
3 www.google.com updown.fun
www.gstatic.com
2 pagead2.googlesyndication.com updown.fun
2 fonts.googleapis.com updown.fun
1 www.google-analytics.com www.googletagmanager.com
1 www.gstatic.com www.google.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com updown.fun
30 8

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
wa.me
pinterest.com
Subject Issuer Validity Valid
updown.fun
WE1
2024-07-04 -
2024-10-02
3 months crt.sh
upload.video.google.com
WR2
2024-06-24 -
2024-09-16
3 months crt.sh
*.google-analytics.com
WR2
2024-06-24 -
2024-09-16
3 months crt.sh
*.google.com
WR2
2024-06-24 -
2024-09-16
3 months crt.sh
*.gstatic.com
WR2
2024-06-24 -
2024-09-16
3 months crt.sh
*.g.doubleclick.net
WR2
2024-06-24 -
2024-09-16
3 months crt.sh

This page contains 3 frames:

Primary Page: https://updown.fun/lvgKGxn238Qn/file
Frame ID: 6F6B5EA497B6B21D576A0D2CFA19CE65
Requests: 28 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeZiwYqAAAAAId06riILcVlfLc_swowpjPf2i6o&co=aHR0cHM6Ly91cGRvd24uZnVuOjQ0Mw..&hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=normal&cb=my7olrf89pr8
Frame ID: AB65FDDBE873908A169CEAA06504FA74
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6LeZiwYqAAAAAId06riILcVlfLc_swowpjPf2i6o
Frame ID: 4999331801D18392A384883CC91111B9
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Updown.fun — Download — Cheaterclub

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

30
Requests

100 %
HTTPS

100 %
IPv6

7
Domains

8
Subdomains

9
IPs

1
Countries

853 kB
Transfer

2129 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request file
updown.fun/lvgKGxn238Qn/
28 KB
10 KB
Document
General
Full URL
https://updown.fun/lvgKGxn238Qn/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86fdf7262a2623f0a4b36c76786d199186cb4d2f9212177f78c6d319695bd8a7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8a6ad4bfff724304-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 21 Jul 2024 11:25:34 GMT
expires
-1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4aQEySw14u5kKDVujO98etqSrwDt8o2VPEGZYRwnejYTkIgsrlYiT77NJjYlk5aNvgInr8XbOPLBHzNzARguhemHhRKhgV%2FUBGpccx52eJPJPJKOba54PV4BGeMtQ7UdC5FUMB4wmewt"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-cache-status
MISS
bootstrap.min.css
updown.fun/vendor/libs/bootstrap/
159 KB
24 KB
Stylesheet
General
Full URL
https://updown.fun/vendor/libs/bootstrap/bootstrap.min.css
Requested by
Host: updown.fun
URL: https://updown.fun/lvgKGxn238Qn/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
457d42dfc58373e2b07655f896ed685ba9729c2111684fd6eb02bf3697634939

Request headers

Referer
https://updown.fun/lvgKGxn238Qn/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:25:34 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1430930
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
23849
last-modified
Thu, 12 Oct 2023 01:11:40 GMT
server
cloudflare
etag
"27b73-6077a9f488b00-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jbQtZED9tZMM%2F%2BsjgepBy%2FsU%2BMZctRmtsm1u8whIsdplMMHgr3%2FA%2Fufheh9M5fLWShJ%2BXLefGbNrNHlVt1nN9TIEJy2F00d2nTblvQOf42Oyyu%2BpnTbrRgCmEE9D3D9q9rkzntikXcCm"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8a6ad4c44b2e4304-EWR
expires
Sat, 03 Aug 2024 21:56:44 GMT
fontawesome.min.css
updown.fun/vendor/libs/fontawesome/
98 KB
21 KB
Stylesheet
General
Full URL
https://updown.fun/vendor/libs/fontawesome/fontawesome.min.css
Requested by
Host: updown.fun
URL: https://updown.fun/lvgKGxn238Qn/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
188a706590dc9e898c5c90a1da8346a9bc732cad28884386fbf20b05f4e83594

Request headers

Referer
https://updown.fun/lvgKGxn238Qn/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:25:34 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1430930
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
20557
last-modified
Sun, 17 Jul 2022 16:22:02 GMT
server
cloudflare
etag
"18972-5e402a6bc9e80-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z5lbubqVMvBgyvSKj1YqbZ0rRkMntDP1rpn47odVr54xQCEgFG%2FgAkT1ayU0%2BE5lKPeKnSCqyQ1f4OJJOSRRvJIHbQpR%2FXbu%2F%2FDst6mCoF9cMYX0YQZ53L7wFPM83mIcXgNuaxaBr3%2BJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8a6ad4c44b304304-EWR
expires
Sat, 03 Aug 2024 21:56:44 GMT
vironeer-toastr.min.css
updown.fun/vendor/libs/vironeer/toastr/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://updown.fun/vendor/libs/vironeer/toastr/css/vironeer-toastr.min.css
Requested by
Host: updown.fun
URL: https://updown.fun/lvgKGxn238Qn/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dccacdf65a58081f0d11f508b3ca8735df46dd53ad7f6839a240493a26ac597

Request headers

Referer
https://updown.fun/lvgKGxn238Qn/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:25:34 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
238310
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
1876
last-modified
Thu, 12 Oct 2023 20:26:58 GMT
server
cloudflare
etag
"1c24-6078ac2f54880-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TbTicjNfw%2BMKGASBJdQ1%2Bzmblxsf3JdRZ6R9ZJEEnRRBeoE%2BSE2o992m%2FSgw4f4Bo%2BUVEMEHl2T6lbe%2B%2FtFFZQuoRGbOT7%2Blv99uSKShENmwfh4%2BdWaXpz7CcbQfFjM8lskSPSHV3GCk"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8a6ad4c44b324304-EWR
expires
Sat, 17 Aug 2024 17:13:44 GMT
colors.css
updown.fun/themes/basic/assets/css/
268 B
669 B
Stylesheet
General
Full URL
https://updown.fun/themes/basic/assets/css/colors.css
Requested by
Host: updown.fun
URL: https://updown.fun/lvgKGxn238Qn/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b61ca0a855574122c31da4722ca0a2cde64ab714ab456e32b7c1bf791f64bb46

Request headers

Referer
https://updown.fun/lvgKGxn238Qn/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:25:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
238310
cf-polished
origSize=299
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 05 Jul 2024 20:02:44 GMT
server
cloudflare
etag
W/"12b-61c858bf1161d-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CZcshJeAefga3QlPw28RZ8jX9jBNVu6mUqgckHDUt%2FkZxxKxf%2BpkUsupKkll9qlFn0zqOowB4hpVAwlIjveRh4cc5uDUen4f3E1pJfVJsEnNlIvM6lMsqy9vPQvQWWyOGljIxKwyJwXk"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
8a6ad4c44b374304-EWR
expires
Sat, 17 Aug 2024 17:13:44 GMT
app.css
updown.fun/themes/basic/assets/css/
92 KB
15 KB
Stylesheet
General
Full URL
https://updown.fun/themes/basic/assets/css/app.css
Requested by
Host: updown.fun
URL: https://updown.fun/lvgKGxn238Qn/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
899d37d16eb5aca9ef09b36137278482714583285ae98a81d5e5b5181c952d8f

Request headers

Referer
https://updown.fun/lvgKGxn238Qn/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:25:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1430930
cf-polished
origSize=119526
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 16 Oct 2023 15:51:17 GMT
server
cloudflare
etag
W/"1d2e6-607d760672740-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UT6Bayr%2FtpmqFyVn3AGry7hN2W%2BmCY8isQK3r4qfi%2FJdjbBWLznHptQaW4jo90ZxCaQOCa%2BuD8uK4ju8lEYEyK%2BvuRV4rBC2%2Bs0jZclEfQL5z%2BdWkRMxTNzuvGBdQprcNyLLrnsTBf2k"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
8a6ad4c44b384304-EWR
expires
Sat, 03 Aug 2024 21:56:44 GMT
custom.css
updown.fun/themes/basic/assets/css/
0
517 B
Stylesheet
General
Full URL
https://updown.fun/themes/basic/assets/css/custom.css
Requested by
Host: updown.fun
URL: https://updown.fun/lvgKGxn238Qn/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updown.fun/lvgKGxn238Qn/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:25:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1430930
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
0
cf-bgj
minify
last-modified
Fri, 06 Oct 2023 00:32:35 GMT
server
cloudflare
etag
"0-6070160766ec0"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7G%2FertHQp%2BaSfMh%2FROP%2BW4IRixG1A%2FIaHnyo6d2ASoL5JNpQnBqFKL3wU1GayfB72EHv%2BXFioKEcLzdbMTDKzbmTmb5vmUAYLMvn6%2B%2BiRzwJpVVx7aYrb%2BOgAiFa%2B53sHGxjf8n7cnFE"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8a6ad4c44b394304-EWR
expires
Sat, 03 Aug 2024 21:56:44 GMT
logo-dark.png
updown.fun/themes/basic/images/
17 KB
18 KB
Image
General
Full URL
https://updown.fun/themes/basic/images/logo-dark.png
Requested by
Host: updown.fun
URL: https://updown.fun/lvgKGxn238Qn/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97201a142a3afc89ed1ac7a866b28fcbc877f07eabbd1071b3104b25af091d9a

Request headers

Referer
https://updown.fun/lvgKGxn238Qn/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:25:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1430930
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
17784
last-modified
Thu, 04 Jul 2024 19:56:09 GMT
server
cloudflare
etag
"4578-61c71568c8f63"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iw3J%2Bp2LzbgDHC8DzYT1%2BdfZvOi9QB%2BTdFAc0jjv9nn5tfPl0mRZ5tgiNx6sPZFKvYSW%2Bvzif9A%2Fm6Qd0f72eraIN7H%2Bx6iSOuzqIS0ZlB4OOmOniNH4K1V3%2FxyzqO5DlsGzpU2aaIiF"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8a6ad4c44b3a4304-EWR
expires
Fri, 04 Jul 2025 21:56:44 GMT
en.png
updown.fun/images/languages/
567 B
1 KB
Image
General
Full URL
https://updown.fun/images/languages/en.png
Requested by
Host: updown.fun
URL: https://updown.fun/lvgKGxn238Qn/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
941ba21a55ec94d6378d654a9c712fe2c191edd16ee1a802697715ada1cd0cc6

Request headers

Referer
https://updown.fun/lvgKGxn238Qn/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:25:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1430930
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
567
last-modified
Sat, 28 Jan 2023 17:20:43 GMT
server
cloudflare
etag
"237-5f35633a8f0c0"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gd9fEriAGoJMRp0nnCL2V6hB%2Bq2J6Bw9cGNG2J%2FfNLy0QGdfFCjizYAXt5XTKSILa7hlxCEwf5Jim9j9N3%2F6MGMr1%2FJYUDH8dvLnT4K9V8PeCYaMpCyOCIsOSzT0qO7XyFth8Bm9wKSr"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8a6ad4c44b3b4304-EWR
expires
Fri, 04 Jul 2025 21:56:44 GMT
ru.png
updown.fun/images/languages/
552 B
1 KB
Image
General
Full URL
https://updown.fun/images/languages/ru.png
Requested by
Host: updown.fun
URL: https://updown.fun/lvgKGxn238Qn/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4250a7a8bace76e55d3f940c431cc31a925ef183faaea8499d4da8889df9d2f7

Request headers

Referer
https://updown.fun/lvgKGxn238Qn/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:25:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1430930
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
552
last-modified
Wed, 03 Jul 2024 16:33:55 GMT
server
cloudflare
etag
"228-61c5a657b7be9"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HIENG87mX7XRAGiZsrwZ1aO1ypFRS9CJNnURU2eGimGHYm6jxSA%2BLNvHbTJllY17Qe8iaEr%2FvH1XzXKeSBdGGqTr61%2FomcZ8OJUMbplw5qtffSljQ3Q9%2FJydPKJsnOD6gPt3FhyJ7wRr"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8a6ad4c46b504304-EWR
expires
Fri, 04 Jul 2025 21:56:44 GMT
tr.png
updown.fun/images/languages/
21 KB
22 KB
Image
General
Full URL
https://updown.fun/images/languages/tr.png
Requested by
Host: updown.fun
URL: https://updown.fun/lvgKGxn238Qn/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
373669430b4ff3da1a6f4e7fa1549d20f282b6206f87a1edfc3e363ac4818550

Request headers

Referer
https://updown.fun/lvgKGxn238Qn/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:25:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
909029
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
21884
last-modified
Wed, 03 Jul 2024 10:49:49 GMT
server
cloudflare
etag
"557c-61c5596e83801"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YVMXQPffUMb94VbR1uYjmAAKlm%2FXsNDlN%2Bt4J4wz7r4AfyvOM1jcsO3DtG98WnsyxtlYodWMSAgO1%2B%2BudwzD0dch9d6S0W2f28BdkuEuPjqBiNYqxh8kw7jU%2FQub1m8L2WGX13tQwONI"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8a6ad4c46b524304-EWR
expires
Thu, 10 Jul 2025 22:55:05 GMT
rocket-loader.min.js
updown.fun/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://updown.fun/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: updown.fun
URL: https://updown.fun/lvgKGxn238Qn/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://updown.fun/lvgKGxn238Qn/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:25:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2024 17:12:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6696a9e8-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QEsHa5%2FGoq88UAMQFh%2FU4SI8ldL9MsFK9NB5Na6D3qtNKnpGRmoEdy0s4eWxoxB3Q0NIVe4JcF0nd0%2Fc1%2BdG7TpiliGIQLsLLLcy%2BOBJCzkPcoFJUU%2FtGqWLrZ3VR16ymKw8cE3aqcfE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8a6ad4c46b534304-EWR
expires
Tue, 23 Jul 2024 11:25:34 GMT
css2
fonts.googleapis.com/
16 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: updown.fun
URL: https://updown.fun/vendor/libs/vironeer/toastr/css/vironeer-toastr.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0e::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f1e4c18549167223af672ff319ac7293d52e09fd02544d08d4166078b5f36c4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://updown.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 21 Jul 2024 11:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 21 Jul 2024 11:15:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Jul 2024 11:25:35 GMT
css2
fonts.googleapis.com/
31 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;1,100&family=Plus+Jakarta+Sans:wght@200;300;400;500;600;700;800&display=swap&family=Almarai:wght@300;400;700;800&display=swap
Requested by
Host: updown.fun
URL: https://updown.fun/themes/basic/assets/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0e::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ce937fd256c0c14466ed1104d33567c34bd8787abe060dd2207462daffc98baf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://updown.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 21 Jul 2024 11:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 21 Jul 2024 11:25:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Jul 2024 11:25:35 GMT
app.js
updown.fun/themes/basic/assets/js/
18 KB
6 KB
Script
General
Full URL
https://updown.fun/themes/basic/assets/js/app.js
Requested by
Host: updown.fun
URL: https://updown.fun/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dfa41264bc484592ebec666be5a2d333d8e5dae6cffb8c4ddbbbf9e5c49f729

Request headers

Referer
https://updown.fun/lvgKGxn238Qn/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:25:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
51237
cf-polished
origSize=29537
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 12 Oct 2023 01:14:57 GMT
server
cloudflare
etag
W/"7361-6077aab068640-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LPZHTXqxCDIztNwOayQmWB56c30ftkArnYHMiIPSSvAVQ10Hn6fnB%2BpLvzqE3tCogHUX4Hy5tVRZlF26hnMjR2IbWNx3oIW23yLFdH6D4pq0Qn4GHeRSSEooGjR0MRygAAzpiBNvbike"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
8a6ad4c80dff4304-EWR
expires
Sun, 21 Jul 2024 21:11:38 GMT
vironeer-toastr.min.js
updown.fun/vendor/libs/vironeer/toastr/js/
3 KB
1 KB
Script
General
Full URL
https://updown.fun/vendor/libs/vironeer/toastr/js/vironeer-toastr.min.js
Requested by
Host: updown.fun
URL: https://updown.fun/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e69ea651ffbd11346d2d9c2429f65762e64d371f611d0705e4828199abff6148

Request headers

Referer
https://updown.fun/lvgKGxn238Qn/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:25:35 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
51237
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
916
last-modified
Thu, 12 Oct 2023 20:26:58 GMT
server
cloudflare
etag
"abe-6078ac2f54880-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DdGud37K1wwp9u6jlsNzNVEs%2F6hz9EZQ9PxCtNqG0xRjgilwsifzVsLxk19P7guW5Wkvuh4kPRlKUAXUCr%2FaLs0NzlyZJdUIE60T2nWULiTmKzGZsCjLutLtm99OXNPp6EhVCOQSsGdI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8a6ad4c80e004304-EWR
expires
Sun, 21 Jul 2024 21:11:38 GMT
bootstrap.bundle.min.js
updown.fun/vendor/libs/bootstrap/
77 KB
22 KB
Script
General
Full URL
https://updown.fun/vendor/libs/bootstrap/bootstrap.bundle.min.js
Requested by
Host: updown.fun
URL: https://updown.fun/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e5bcbef6de2733340d0a5a46e17adefa2f86fa89f5275c05c63831b011b88cc

Request headers

Referer
https://updown.fun/lvgKGxn238Qn/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:25:35 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55598
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
22451
last-modified
Thu, 12 Oct 2023 01:11:33 GMT
server
cloudflare
etag
"13253-6077a9eddbb40-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VQswm2aKmjtrqgAnWaf5k0zOsqMP5iBy4F3HXWL5duR%2FwOlgPPRy2U%2BOxzTxLbxA5U54ZNM8jtTCd5jTnBBEni10M9rly8RVo75IRLNfSWsV9Z6FoBN7KHidgghHuMv4aXhqql3MEoDE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8a6ad4c80e014304-EWR
expires
Sun, 21 Jul 2024 19:58:57 GMT
jquery.min.js
updown.fun/vendor/libs/jquery/
85 KB
30 KB
Script
General
Full URL
https://updown.fun/vendor/libs/jquery/jquery.min.js
Requested by
Host: updown.fun
URL: https://updown.fun/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f764efbb2cdb303e3019325d811225ead27d656f8b40390de427db1415dc56a

Request headers

Referer
https://updown.fun/lvgKGxn238Qn/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:25:35 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55598
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
30335
last-modified
Thu, 01 Jun 2023 04:21:33 GMT
server
cloudflare
etag
"155a5-5fd09c5770d40-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lEDRiR27iMq3wn5CKhVoED5zLuFa8S1rEU3ZrdRNp9g09J%2BmCeSaKH7i2T5GGjklfviKwcuIQWNkmrC7YmAOvsDcql5tBvz%2Bm6lJcfsj6yQRyL%2BWwq6u2f6o%2FxsrPjbCBMuu32G8JRPx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8a6ad4c80e034304-EWR
expires
Sun, 21 Jul 2024 19:58:57 GMT
js
www.googletagmanager.com/gtag/
305 KB
101 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NJWSM9V4VG
Requested by
Host: updown.fun
URL: https://updown.fun/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e0cba1d52a17d4541482476fa1ca0f6b5d842657e1fcc8515fef3206ef9556bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://updown.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:25:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103491
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 21 Jul 2024 11:25:35 GMT
api.js
www.google.com/recaptcha/
1 KB
961 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?hl=en
Requested by
Host: updown.fun
URL: https://updown.fun/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0d::69 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cfce45fef72ed85dc66c57fd1fa7262f9686b08188832fbfce26a7a467d455b0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://updown.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 21 Jul 2024 11:25:35 GMT
LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2
fonts.gstatic.com/s/plusjakartasans/v8/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/plusjakartasans/v8/LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;1,100&family=Plus+Jakarta+Sans:wght@200;300;400;500;600;700;800&display=swap&family=Almarai:wght@300;400;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1262bff0591c36094d058ab102b84ce34eb1e547e8ff00557bf8d55449e58e40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://updown.fun
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 07:07:11 GMT
x-content-type-options
nosniff
age
101904
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27444
x-xss-protection
0
last-modified
Thu, 22 Jun 2023 14:14:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Jul 2025 07:07:11 GMT
fa-solid-900.woff2
updown.fun/vendor/libs/fontawesome/webfonts/
151 KB
151 KB
Font
General
Full URL
https://updown.fun/vendor/libs/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: updown.fun
URL: https://updown.fun/vendor/libs/fontawesome/fontawesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73

Request headers

Referer
https://updown.fun/vendor/libs/fontawesome/fontawesome.min.css
Origin
https://updown.fun
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:25:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55338
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
154228
last-modified
Tue, 22 Mar 2022 13:08:02 GMT
server
cloudflare
etag
"25a74-5dace4d817080"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SxQykRnMh4RKhra98sktdbhmji7WYBkQwxs7SAOAhRo2eBelTODjCoXGjWW9xki37PMaz3MNw6Vu1Y9eSVUa3vtQ%2F%2FiiVoc51JmllQyaCObhZnxXNwD61L%2BAfY9wiK8D2E1p6nOJsWSp"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8a6ad4c82e154304-EWR
expires
Sun, 21 Jul 2024 20:03:17 GMT
fa-brands-400.woff2
updown.fun/vendor/libs/fontawesome/webfonts/
103 KB
104 KB
Font
General
Full URL
https://updown.fun/vendor/libs/fontawesome/webfonts/fa-brands-400.woff2
Requested by
Host: updown.fun
URL: https://updown.fun/vendor/libs/fontawesome/fontawesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
404c746c8f7e3f9b7611a8f23d908c1a32a5c972236b9d89bb68b05d9bf4b905

Request headers

Referer
https://updown.fun/vendor/libs/fontawesome/fontawesome.min.css
Origin
https://updown.fun
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:25:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
51238
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
105536
last-modified
Tue, 22 Mar 2022 13:08:02 GMT
server
cloudflare
etag
"19c40-5dace4d817080"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uPKJDcmwLaAVRnyGpsD1k2dEPa56VSHPIC%2FkKR%2FAUPUig8%2FK1jCvJeg1THpl5%2B82a15hU0MMPp1Vr6JSdemPN6e07ilNeHfjvwZhb6sNYE%2BFf%2BcxpyVloUW2v0P8m47g1o5erUSo5sIh"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8a6ad4c82e164304-EWR
expires
Sun, 21 Jul 2024 21:11:37 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
160 KB
52 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: updown.fun
URL: https://updown.fun/lvgKGxn238Qn/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14ff610ffb1d112a121b470fc7628fb5a687a37b3868c201ba4f2b17b8ac789b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updown.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53458
x-xss-protection
0
server
cafe
etag
8718703154505146230
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 21 Jul 2024 11:25:36 GMT
favicon.png
updown.fun/themes/basic/images/
23 KB
23 KB
Other
General
Full URL
https://updown.fun/themes/basic/images/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70a0cbd5da8ffd00e18fc33a560acbb80e71accab5b59b1e3ccf5e2f96d16401

Request headers

Referer
https://updown.fun/lvgKGxn238Qn/file
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:25:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1428170
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
23356
last-modified
Thu, 04 Jul 2024 19:50:45 GMT
server
cloudflare
etag
"5b3c-61c7143470616"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WZhsD%2B7KViVD2P%2FRYJQLai3JoofIEJRU40qAsIED9TI3QAZrOSZaQJHMKQ0bdrGuekCzqCfFaYVLZD1rxo22Eu1uNyIHFwI3G1MYh3joFzx4OJ38O8SfCEPiu%2BUqxg3MhvOwkq%2Fi8txO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8a6ad4cb78954304-EWR
expires
Fri, 04 Jul 2025 22:42:45 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
160 KB
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: updown.fun
URL: https://updown.fun/themes/basic/assets/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14ff610ffb1d112a121b470fc7628fb5a687a37b3868c201ba4f2b17b8ac789b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updown.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53458
x-xss-protection
0
server
cafe
etag
8718703154505146230
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 21 Jul 2024 11:25:36 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/
534 KB
212 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c04::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ec782544506a0aea967ea044659c633e1ee735b79e5172cb263797cc5cefe3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updown.fun/
Origin
https://updown.fun
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 05:46:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
216123
x-xss-protection
0
last-modified
Sun, 23 Jun 2024 08:01:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 21 Jul 2025 05:46:17 GMT
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-NJWSM9V4VG&gtm=45je47h0v9189126678za200&_p=1721561135850&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=278769714.1721561136&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721561136&sct=1&seg=0&dl=https%3A%2F%2Fupdown.fun%2FlvgKGxn238Qn%2Ffile&dt=Updown.fun%20%E2%80%94%20Download%20%E2%80%94%20Cheaterclub&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2522&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NJWSM9V4VG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://updown.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jul 2024 11:25:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://updown.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame AB65
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeZiwYqAAAAAId06riILcVlfLc_swowpjPf2i6o&co=aHR0cHM6Ly91cGRvd24uZnVuOjQ0Mw..&hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=normal&cb=my7olrf89pr8
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0d::63 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NiA9JONSymGmB1FlWGf1mQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://updown.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-NiA9JONSymGmB1FlWGf1mQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jul 2024 11:25:37 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bframe
www.google.com/recaptcha/api2/ Frame 4999
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6LeZiwYqAAAAAId06riILcVlfLc_swowpjPf2i6o
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0d::63 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2SzkWYVCmBUaNQOzRHlPgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://updown.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-2SzkWYVCmBUaNQOzRHlPgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jul 2024 11:25:38 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| __cfQR function| protection function| gtag object| dataLayer function| $ function| jQuery number| uidEvent object| bootstrap function| copy function| recaptchaCallback boolean| __cfRLUnblockHandlers object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| recaptcha object| closure_lm_844791

5 Cookies

Domain/Path Name / Value
updown.fun/ Name: XSRF-TOKEN
Value: eyJpdiI6Ik9FWEJLK0t6Q0UvOXpTQkp1NFM1NkE9PSIsInZhbHVlIjoiZnQzL3ZTYnJpNnRDK3k2a0xxNXNzR0huR085VkFqMDlxVThwSUV2ajhsQS9wMlRnUUhKUlJmZXQ3SGozNXRCa2xNekdxN0pETldiaDlod0haZ1hpMTVQVnJWRFBtU2l2RXdLRDRDeThIaGZUUmUxM05VUys2UmxkVnpOZzhQdXciLCJtYWMiOiIzN2U2YmEzM2U0MmMzMGE0ZDgxMGY0ZDQ3NTI3MzZmNzliNDVmNmQ0N2JlODM1OWVmYTFkMTU2NTgzZTc0YzMyIiwidGFnIjoiIn0%3D
updown.fun/ Name: updownfun_user_session
Value: eyJpdiI6ImFDZlVJNFY5TGxleDVxSjFNY3p1Unc9PSIsInZhbHVlIjoiaklLV3ZETVZmaWpaaEZqUEFXZE8yV2J5OWE3REZMTjh6amNJUG96S012VzRQTGpCSDBkQmxrdW9pSnF2MFd6UUhKR0hFT1hlM0ZTYWlxMzdabnlNblRPdTJLYVd4VXJOcm1laGNJNDZlRVNBL21BQWJGSEIxcDZjdGdkWEIrK1MiLCJtYWMiOiI0ZDc0OWIyZTdjMDAxZDZlOGQ1MWE0OTFiMTE0OTY5OTVhOGZlODQ0Y2RhOGU1ZDNiYzhkODMyYmRkMTg4NDkxIiwidGFnIjoiIn0%3D
updown.fun/ Name: adb
Value: 1
.updown.fun/ Name: _ga_NJWSM9V4VG
Value: GS1.1.1721561136.1.0.1721561136.0.0.0
.updown.fun/ Name: _ga
Value: GA1.1.278769714.1721561136

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
pagead2.googlesyndication.com
updown.fun
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
2001:4860:4802:36::178
2606:4700:3032::6815:30db
2607:f8b0:4004:c07::9d
2607:f8b0:400d:c01::61
2607:f8b0:400d:c04::5e
2607:f8b0:400d:c0d::5e
2607:f8b0:400d:c0d::63
2607:f8b0:400d:c0d::69
2607:f8b0:400d:c0e::5f
0ec782544506a0aea967ea044659c633e1ee735b79e5172cb263797cc5cefe3a
1262bff0591c36094d058ab102b84ce34eb1e547e8ff00557bf8d55449e58e40
14ff610ffb1d112a121b470fc7628fb5a687a37b3868c201ba4f2b17b8ac789b
188a706590dc9e898c5c90a1da8346a9bc732cad28884386fbf20b05f4e83594
2dfa41264bc484592ebec666be5a2d333d8e5dae6cffb8c4ddbbbf9e5c49f729
373669430b4ff3da1a6f4e7fa1549d20f282b6206f87a1edfc3e363ac4818550
3e5bcbef6de2733340d0a5a46e17adefa2f86fa89f5275c05c63831b011b88cc
404c746c8f7e3f9b7611a8f23d908c1a32a5c972236b9d89bb68b05d9bf4b905
4250a7a8bace76e55d3f940c431cc31a925ef183faaea8499d4da8889df9d2f7
457d42dfc58373e2b07655f896ed685ba9729c2111684fd6eb02bf3697634939
70a0cbd5da8ffd00e18fc33a560acbb80e71accab5b59b1e3ccf5e2f96d16401
7dccacdf65a58081f0d11f508b3ca8735df46dd53ad7f6839a240493a26ac597
86fdf7262a2623f0a4b36c76786d199186cb4d2f9212177f78c6d319695bd8a7
899d37d16eb5aca9ef09b36137278482714583285ae98a81d5e5b5181c952d8f
8f764efbb2cdb303e3019325d811225ead27d656f8b40390de427db1415dc56a
941ba21a55ec94d6378d654a9c712fe2c191edd16ee1a802697715ada1cd0cc6
97201a142a3afc89ed1ac7a866b28fcbc877f07eabbd1071b3104b25af091d9a
b61ca0a855574122c31da4722ca0a2cde64ab714ab456e32b7c1bf791f64bb46
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce937fd256c0c14466ed1104d33567c34bd8787abe060dd2207462daffc98baf
cfce45fef72ed85dc66c57fd1fa7262f9686b08188832fbfce26a7a467d455b0
d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73
e0cba1d52a17d4541482476fa1ca0f6b5d842657e1fcc8515fef3206ef9556bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69ea651ffbd11346d2d9c2429f65762e64d371f611d0705e4828199abff6148
f1e4c18549167223af672ff319ac7293d52e09fd02544d08d4166078b5f36c4d