theweeklyupside.com Open in urlscan Pro
2606:4700:3033::6815:7f8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ktgcr.link/VTy97
Effective URL:
https://theweeklyupside.com/4/ca-surv/index.html?session=4126d43074f8fd999bb62e7b01ec36b2&fluxf=1968300579035115903&fluxffn=...
Submission Tags: @phish_report
Submission: On September 07 via api (September 7th 2023, 6:44:01 am UTC) from FI — Scanned from FI

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3033::6815:7f8, located in United States and belongs to CLOUDFLARENET, US. The main domain is theweeklyupside.com.
TLS certificate: Issued by GTS CA 1P5 on July 14th 2023. Valid for: 3 months.

This is the only time theweeklyupside.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::6815:41e0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:303... 2606:4700:3030::ac43:9cfe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700:303... 2606:4700:3033::6815:7f8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:e4:... 2606:4700:e4::ac40:a21b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
16	5

1 2606:4700:3033::6815:41e0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ktgcr.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::ac43:9cfe (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cuberacer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3033::6815:7f8 (United States)

ASN13335 (CLOUDFLARENET, US)

theweeklyupside.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e4::ac40:a21b (United States)

ASN13335 (CLOUDFLARENET, US)

k.chasingglitters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	theweeklyupside.com theweeklyupside.com	442 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 249	91 KB
2	cuberacer.net 1 redirects cuberacer.net — Cisco Umbrella Rank: 365977	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 58
1	chasingglitters.com k.chasingglitters.com — Cisco Umbrella Rank: 265219	8 KB
1	ktgcr.link 1 redirects ktgcr.link	1 KB
16	6

	Domain	Requested by
9	theweeklyupside.com	theweeklyupside.com
4	cdnjs.cloudflare.com	theweeklyupside.com
2	cuberacer.net	1 redirects
1	fonts.googleapis.com	theweeklyupside.com
1	k.chasingglitters.com	theweeklyupside.com
1	ktgcr.link	1 redirects
16	6

This site contains no links.

Subject Issuer	Validity	Valid
cuberacer.net GTS CA 1P5	`2023-08-22` - `2023-11-20`	3 months	crt.sh
theweeklyupside.com GTS CA 1P5	`2023-07-14` - `2023-10-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
chasingglitters.com GTS CA 1P5	`2023-07-20` - `2023-10-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://theweeklyupside.com/4/ca-surv/index.html?session=4126d43074f8fd999bb62e7b01ec36b2&fluxf=1968300579035115903&fluxffn=1969036069150003357&ffdomain=cuberacer.net&firstname=Stephane&surname=&city=&ts=1551669368174036377&tt=tkIutNBrjVvrxk15EC3YslyIQtNFBHcb1zKeHFl-ijAbiNwy3Iibg7E424fhCv115TsNsB6moomQecc6JgXYhA&pageid=1969035692222415235
Frame ID: F590B5362DB49142627B2A1D31D57425
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Survey Rewards!

Page URL History Show full URLs

http://ktgcr.link/VTy97 HTTP 302
https://cuberacer.net/?flux_fts=tapoxzzlcazxlttlazxetlltppaxpotcizxpxccff051&link_id=6608&schedule... HTTP 307
https://cuberacer.net/go/4/ca-surv/index.html?session=4126d43074f8fd999bb62e7b01ec36b2&fluxf=19683... Page URL
https://theweeklyupside.com/4/ca-surv/index.html?session=4126d43074f8fd999bb62e7b01ec36b2&fluxf=19683005... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

543 kB
Transfer

792 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ktgcr.link/VTy97 HTTP 302
https://cuberacer.net/?flux_fts=tapoxzzlcazxlttlazxetlltppaxpotcizxpxccff051&link_id=6608&schedule_id=60784&message_id=374594&firstname=Stephane&surname=&city=&token=445136665&ss=&class=red&su=&tt=tkIutNBrjVvrxk15EC3YslyIQtNFBHcb1zKeHFl-ijAbiNwy3Iibg7E424fhCv115TsNsB6moomQecc6JgXYhA%3D%3D&phone=9057031284&email=Sbalogh392%40gmail.com&source= HTTP 307
https://cuberacer.net/go/4/ca-surv/index.html?session=4126d43074f8fd999bb62e7b01ec36b2&fluxf=1968300579035115903&fluxffn=1969036069150003357&ffdomain=cuberacer.net&firstname=Stephane&surname=&city=&ts=1551669368174036377&tt=tkIutNBrjVvrxk15EC3YslyIQtNFBHcb1zKeHFl-ijAbiNwy3Iibg7E424fhCv115TsNsB6moomQecc6JgXYhA&pageid=1969035692222415235 Page URL
https://theweeklyupside.com/4/ca-surv/index.html?session=4126d43074f8fd999bb62e7b01ec36b2&fluxf=1968300579035115903&fluxffn=1969036069150003357&ffdomain=cuberacer.net&firstname=Stephane&surname=&city=&ts=1551669368174036377&tt=tkIutNBrjVvrxk15EC3YslyIQtNFBHcb1zKeHFl-ijAbiNwy3Iibg7E424fhCv115TsNsB6moomQecc6JgXYhA&pageid=1969035692222415235 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ktgcr.link/VTy97 HTTP 302
https://cuberacer.net/?flux_fts=tapoxzzlcazxlttlazxetlltppaxpotcizxpxccff051&link_id=6608&schedule_id=60784&message_id=374594&firstname=Stephane&surname=&city=&token=445136665&ss=&class=red&su=&tt=tkIutNBrjVvrxk15EC3YslyIQtNFBHcb1zKeHFl-ijAbiNwy3Iibg7E424fhCv115TsNsB6moomQecc6JgXYhA%3D%3D&phone=9057031284&email=Sbalogh392%40gmail.com&source= HTTP 307
https://cuberacer.net/go/4/ca-surv/index.html?session=4126d43074f8fd999bb62e7b01ec36b2&fluxf=1968300579035115903&fluxffn=1969036069150003357&ffdomain=cuberacer.net&firstname=Stephane&surname=&city=&ts=1551669368174036377&tt=tkIutNBrjVvrxk15EC3YslyIQtNFBHcb1zKeHFl-ijAbiNwy3Iibg7E424fhCv115TsNsB6moomQecc6JgXYhA&pageid=1969035692222415235

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

index.html
cuberacer.net/go/4/ca-surv/
Redirect Chain

http://ktgcr.link/VTy97
https://cuberacer.net/?flux_fts=tapoxzzlcazxlttlazxetlltppaxpotcizxpxccff051&link_id=6608&schedule_id=60784&message_id=374594&firstname=Stephane&surname=&city=&token=445136665&ss=&class=red&su=&tt=...
https://cuberacer.net/go/4/ca-surv/index.html?session=4126d43074f8fd999bb62e7b01ec36b2&fluxf=1968300579035115903&fluxffn=1969036069150003357&ffdomain=cuberacer.net&firstname=Stephane&surname=&city=...

1 KB
791 B

97ms
96ms

Document
text/html

2606:4700:3030::ac43:9cfe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cuberacer.net/go/4/ca-surv/index.html?session=4126d43074f8fd999bb62e7b01ec36b2&fluxf=1968300579035115903&fluxffn=1969036069150003357&ffdomain=cuberacer.net&firstname=Stephane&surname=&city=&ts=1551669368174036377&tt=tkIutNBrjVvrxk15EC3YslyIQtNFBHcb1zKeHFl-ijAbiNwy3Iibg7E424fhCv115TsNsB6moomQecc6JgXYhA&pageid=1969035692222415235
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:9cfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 802cfae8aa01d8fe-HEL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 06:43:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9ifUBEvhtFJycFhrXONAA6mP0oHAxuEw%2BrMnY4ie43Pm9II15Lg7jnjEZZsxGT%2FwqGX0pyHLBxcpgJ2DVhPpiCWOqxr%2FG5l7DtegN8syA%2FbKQ%2BLwL7oDW8f1spJynwgNQ7ERBw2psELK9OG"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.3.33

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 802cfae79ffdd8fe-HEL
content-type: text/html; charset=utf-8
date: Thu, 07 Sep 2023 06:43:54 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://cuberacer.net/go/4/ca-surv/index.html?session=4126d43074f8fd999bb62e7b01ec36b2&fluxf=1968300579035115903&fluxffn=1969036069150003357&ffdomain=cuberacer.net&firstname=Stephane&surname=&city=&ts=1551669368174036377&tt=tkIutNBrjVvrxk15EC3YslyIQtNFBHcb1zKeHFl-ijAbiNwy3Iibg7E424fhCv115TsNsB6moomQecc6JgXYhA&pageid=1969035692222415235
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="This is not a P3P policy"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nt6k0QBw0fUeheXwAPY2Yodw55%2FhLo1uudvER3pjhtjAJoIFYbPjkbydrM%2BPlNUft80QTjGtho%2FWDGOpQtBB35Xe4Lsx%2B4lPs7H9j71XrIbQJlOvZ6LSMR8ZCmurgnHKz9INB%2ByDmVyy1Wk4"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.33
x-robots-tag: noindex, noarchive, nofollow

GET
H2 200 Primary Request index.html Show response
theweeklyupside.com/4/ca-surv/ 3 KB
2 KB 206ms
88ms Document
text/html 2606:4700:3033::6815:7f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theweeklyupside.com/4/ca-surv/index.html?session=4126d43074f8fd999bb62e7b01ec36b2&fluxf=1968300579035115903&fluxffn=1969036069150003357&ffdomain=cuberacer.net&firstname=Stephane&surname=&city=&ts=1551669368174036377&tt=tkIutNBrjVvrxk15EC3YslyIQtNFBHcb1zKeHFl-ijAbiNwy3Iibg7E424fhCv115TsNsB6moomQecc6JgXYhA&pageid=1969035692222415235
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:7f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af96e054baeb0c313738c0f4faef0768f2b1bd145c37575a25f1e8f6ceb0f56c

Request headers

Referer: https://cuberacer.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 802cfaea5e554c80-HEL
content-encoding: br
content-type: text/html
date: Thu, 07 Sep 2023 06:43:54 GMT
last-modified: Tue, 05 Sep 2023 09:54:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5I3eDAedoo7QeX6lSXhyzTB5N09qAmY6WuoYHbaoT0OVYEREE0JoydEOU8ctc8vhqunJVBBUCvjie%2FmopKxCxclMEpoNUhzsIriHFCyr7wsTXQuUxtJ8GhzDLPkF4w2NYTi2FjO975RRXegTK9I0vXxw"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 styles.css
theweeklyupside.com/4/ca-surv/css/ 12 KB
4 KB 96ms
37ms Stylesheet
text/css 2606:4700:3033::6815:7f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theweeklyupside.com/4/ca-surv/css/styles.css
Requested by: Host: theweeklyupside.com
URL: https://theweeklyupside.com/4/ca-surv/index.html?session=4126d43074f8fd999bb62e7b01ec36b2&fluxf=1968300579035115903&fluxffn=1969036069150003357&ffdomain=cuberacer.net&firstname=Stephane&surname=&city=&ts=1551669368174036377&tt=tkIutNBrjVvrxk15EC3YslyIQtNFBHcb1zKeHFl-ijAbiNwy3Iibg7E424fhCv115TsNsB6moomQecc6JgXYhA&pageid=1969035692222415235
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:7f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fc6be0cf47ddda07babc6a764562f2b024b0a5e744fd0d3615a73005ae02ae6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theweeklyupside.com/4/ca-surv/index.html?session=4126d43074f8fd999bb62e7b01ec36b2&fluxf=1968300579035115903&fluxffn=1969036069150003357&ffdomain=cuberacer.net&firstname=Stephane&surname=&city=&ts=1551669368174036377&tt=tkIutNBrjVvrxk15EC3YslyIQtNFBHcb1zKeHFl-ijAbiNwy3Iibg7E424fhCv115TsNsB6moomQecc6JgXYhA&pageid=1969035692222415235
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 07 Sep 2023 06:43:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Sep 2023 09:54:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65
etag: W/"64f6fac8-3144"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJj0%2F%2FM6zM0xkpdXvo7lZjDtc8U1hpn3tsvnNcT6ATWVWvc6ngycxY0h2CVEO2nj9iMGnsF2LDIH3pI6ObxvQutEHDYiq5NkdE6RAr%2FZImL5vdqPWosFroI0eIem%2FyaxRO5xcB6DI67KuLrXdsAnKeSv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 802cfaeb48cf4c80-HEL
alt-svc: h3=":443"; ma=86400

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.2/ 69 KB
25 KB 186ms
46ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.2/gsap.min.js

Requested by

Host: theweeklyupside.com
URL: https://theweeklyupside.com/4/ca-surv/index.html?session=4126d43074f8fd999bb62e7b01ec36b2&fluxf=1968300579035115903&fluxffn=1969036069150003357&ffdomain=cuberacer.net&firstname=Stephane&surname=&city=&ts=1551669368174036377&tt=tkIutNBrjVvrxk15EC3YslyIQtNFBHcb1zKeHFl-ijAbiNwy3Iibg7E424fhCv115TsNsB6moomQecc6JgXYhA&pageid=1969035692222415235

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06f66c7beb4164979a2bc183462dbbb4a148d374d6aca4dc0b0548d8aeae8387

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theweeklyupside.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 07 Sep 2023 06:43:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5580399
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25107
last-modified: Tue, 27 Sep 2022 06:04:22 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "63329266-6213"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5OV7y3joVj3490urrPj%2F7zpMXlM%2BjmNfok%2F0cauR7pgZWlWjOgxq3lC3YISJZ3bKhLuVVSf0a4cQ17SVjjdfe1aFj9hnStjIMI8utqDqbotz%2BMxYVgi8a02znUmkvrS498FVMRT1bCY0Uk8mpYtJK8u"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 802cfaebed7cd973-HEL
expires: Tue, 27 Aug 2024 06:43:54 GMT

GET
H2 200 swiper-bundle.min.js Show response
cdnjs.cloudflare.com/ajax/libs/Swiper/8.4.2/ 140 KB
34 KB 193ms
54ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/8.4.2/swiper-bundle.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b371923804cb98c5b848471f8b716055d223cd8c331bc2bd21ce87a1767dfa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theweeklyupside.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 07 Sep 2023 06:43:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4289644
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 34580
last-modified: Thu, 22 Jun 2023 10:42:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "649425b2-8714"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PryFZV6THUvHgBOnshTmLhYNYiistZsynrm1wqmCTUr2fTviInDhhbVBa63AlHC%2BHuoRmQJtQ0ZHcDdkJ%2BrILFzEc1PIALZh1r7OAJ%2FjDXhknas46FTRQ9i6iLi1BRp4nRYZ34ylRKyJ3KjctTus7%2BvA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 802cfaebed7ad973-HEL
expires: Tue, 27 Aug 2024 06:43:54 GMT

GET
H2 200 swiper-bundle.css
cdnjs.cloudflare.com/ajax/libs/Swiper/8.4.2/ 19 KB
5 KB 184ms
45ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/8.4.2/swiper-bundle.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d54bb44558b70147d4a4b996ee7492e685004d837d0ac66a10a723f774133941

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theweeklyupside.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 07 Sep 2023 06:43:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 53777
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4226
last-modified: Thu, 22 Jun 2023 10:42:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "649425b2-1082"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Qpx9ax7HDnIzZmXszObbiB1R49UsmwzK8kZpsSD0c2fn3MTb%2FSYZIn2XRQQ70iZiyADlQxTxKn6tZaho%2B%2Bn8orvRweWcYr4ZolXSIL%2Bwdvhh5qdrE1%2BS8VZLWs%2BF6naNRCDuLQyGyhCNXZXr3g4pNPA"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 802cfaebed74d973-HEL
expires: Tue, 27 Aug 2024 06:43:54 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 64ms
63ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theweeklyupside.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 07 Sep 2023 06:43:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1863856
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27967
last-modified: Thu, 22 Jun 2023 11:06:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1e-6d3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jSV9BHtNKynmujkb7z1ayJTsW%2FgSQ%2BDvyrsC%2BxTScLABveW4p6opmSANEoDqaEi643TaPDzp1U93xzTVtltT7cMiFjjvmi674ZXgBLlxUJfHB4F65UNj8F1sOqagmiudGrmP8tz4K7DZDeyOr0E2lER"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 802cfaec5f24d973-HEL
expires: Tue, 27 Aug 2024 06:43:54 GMT

GET
H3 200 txt.js Show response
theweeklyupside.com/4/ca-surv/js/ 3 KB
2 KB 58ms
58ms Script
application/javascript 2606:4700:3033::6815:7f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theweeklyupside.com/4/ca-surv/js/txt.js
Requested by: Host: theweeklyupside.com
URL: https://theweeklyupside.com/4/ca-surv/index.html?session=4126d43074f8fd999bb62e7b01ec36b2&fluxf=1968300579035115903&fluxffn=1969036069150003357&ffdomain=cuberacer.net&firstname=Stephane&surname=&city=&ts=1551669368174036377&tt=tkIutNBrjVvrxk15EC3YslyIQtNFBHcb1zKeHFl-ijAbiNwy3Iibg7E424fhCv115TsNsB6moomQecc6JgXYhA&pageid=1969035692222415235
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:7f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34c5fd0a62a87baf672eb1049c56fb861f7e0bb688538e16a06468645ab3efb6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theweeklyupside.com/4/ca-surv/index.html?session=4126d43074f8fd999bb62e7b01ec36b2&fluxf=1968300579035115903&fluxffn=1969036069150003357&ffdomain=cuberacer.net&firstname=Stephane&surname=&city=&ts=1551669368174036377&tt=tkIutNBrjVvrxk15EC3YslyIQtNFBHcb1zKeHFl-ijAbiNwy3Iibg7E424fhCv115TsNsB6moomQecc6JgXYhA&pageid=1969035692222415235
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 07 Sep 2023 06:43:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Sep 2023 09:54:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 66
etag: W/"64f6faca-db9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R50v%2F%2FPUiZ6AsY%2FByZ6aay7qx3vOfWvBcWpuagbpnzCqKtmsxY95EG4GIKz9p3TnJuEzN2et87ksfusYwd27iAyyrAXKKVUkje9HMZoGgtesCP0j86WV3yLVjMy2iorTfmHfC5hIvwPMGGmsRgyaMNCQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 802cfaecff4bd926-HEL
alt-svc: h3=":443"; ma=86400

GET
H3 200 main.js Show response
theweeklyupside.com/4/ca-surv/js/ 3 KB
1 KB 41ms
39ms Script
application/javascript 2606:4700:3033::6815:7f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theweeklyupside.com/4/ca-surv/js/main.js
Requested by: Host: theweeklyupside.com
URL: https://theweeklyupside.com/4/ca-surv/index.html?session=4126d43074f8fd999bb62e7b01ec36b2&fluxf=1968300579035115903&fluxffn=1969036069150003357&ffdomain=cuberacer.net&firstname=Stephane&surname=&city=&ts=1551669368174036377&tt=tkIutNBrjVvrxk15EC3YslyIQtNFBHcb1zKeHFl-ijAbiNwy3Iibg7E424fhCv115TsNsB6moomQecc6JgXYhA&pageid=1969035692222415235
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:7f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d9043151062c2c8b2748ab74ca5ea7cf5dd5313a9d3b8160354aff927aa374f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theweeklyupside.com/4/ca-surv/index.html?session=4126d43074f8fd999bb62e7b01ec36b2&fluxf=1968300579035115903&fluxffn=1969036069150003357&ffdomain=cuberacer.net&firstname=Stephane&surname=&city=&ts=1551669368174036377&tt=tkIutNBrjVvrxk15EC3YslyIQtNFBHcb1zKeHFl-ijAbiNwy3Iibg7E424fhCv115TsNsB6moomQecc6JgXYhA&pageid=1969035692222415235
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 07 Sep 2023 06:43:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Sep 2023 09:54:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 66
etag: W/"64f6faca-bf6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKWAeQ284QUyOMzA5O56qciBhmRTivo7QChYQXARocukLemh%2F7%2F%2FOzZfNA0GREdX0alfsovNrofDI%2FCOgTZPtR4T5N%2B%2FUhId3lK%2FQSQD04bZg2T1QVQmEidEhYoXoTmk50s8fccVxBuNHi3DmBLipB1e"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 802cfaed6814d926-HEL
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo.png
theweeklyupside.com/4/ca-surv/img/ 7 KB
8 KB 48ms
47ms Image
image/png 2606:4700:3033::6815:7f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theweeklyupside.com/4/ca-surv/img/logo.png
Requested by: Host: theweeklyupside.com
URL: https://theweeklyupside.com/4/ca-surv/index.html?session=4126d43074f8fd999bb62e7b01ec36b2&fluxf=1968300579035115903&fluxffn=1969036069150003357&ffdomain=cuberacer.net&firstname=Stephane&surname=&city=&ts=1551669368174036377&tt=tkIutNBrjVvrxk15EC3YslyIQtNFBHcb1zKeHFl-ijAbiNwy3Iibg7E424fhCv115TsNsB6moomQecc6JgXYhA&pageid=1969035692222415235
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:7f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 983fe47291b6ef3da0b3fa55c5e49bcedae394163ad3626a3620a654ef55fc3b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theweeklyupside.com/4/ca-surv/index.html?session=4126d43074f8fd999bb62e7b01ec36b2&fluxf=1968300579035115903&fluxffn=1969036069150003357&ffdomain=cuberacer.net&firstname=Stephane&surname=&city=&ts=1551669368174036377&tt=tkIutNBrjVvrxk15EC3YslyIQtNFBHcb1zKeHFl-ijAbiNwy3Iibg7E424fhCv115TsNsB6moomQecc6JgXYhA&pageid=1969035692222415235
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 07 Sep 2023 06:43:55 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Sep 2023 09:54:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 66
etag: "64f6fac9-1d7f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2La9L7XK3ZEh%2Bk5XdPBp0%2F%2FQhdmNq6zvR36KQPa%2FdDlf7ccN572JxBLu5Q2p6ufWyQr%2FpxPbWSPjICLPo2G4ZesZI96RH2wO4WED0TFgptg761JI3Ti892Ljxso0fdDg2GbXxn04AoQiPpkK04rVz8Z"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 802cfaed9880d926-HEL
alt-svc: h3=":443"; ma=86400
content-length: 7551

GET
H3 200 mainImg.png
theweeklyupside.com/4/ca-surv/img/ 310 KB
311 KB 60ms
59ms Image
image/png 2606:4700:3033::6815:7f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theweeklyupside.com/4/ca-surv/img/mainImg.png
Requested by: Host: theweeklyupside.com
URL: https://theweeklyupside.com/4/ca-surv/index.html?session=4126d43074f8fd999bb62e7b01ec36b2&fluxf=1968300579035115903&fluxffn=1969036069150003357&ffdomain=cuberacer.net&firstname=Stephane&surname=&city=&ts=1551669368174036377&tt=tkIutNBrjVvrxk15EC3YslyIQtNFBHcb1zKeHFl-ijAbiNwy3Iibg7E424fhCv115TsNsB6moomQecc6JgXYhA&pageid=1969035692222415235
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:7f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb913b6a5b60c9813d978b00ccdb9e7534cb8df50ab527d2354fcaf34a5421d1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theweeklyupside.com/4/ca-surv/index.html?session=4126d43074f8fd999bb62e7b01ec36b2&fluxf=1968300579035115903&fluxffn=1969036069150003357&ffdomain=cuberacer.net&firstname=Stephane&surname=&city=&ts=1551669368174036377&tt=tkIutNBrjVvrxk15EC3YslyIQtNFBHcb1zKeHFl-ijAbiNwy3Iibg7E424fhCv115TsNsB6moomQecc6JgXYhA&pageid=1969035692222415235
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 07 Sep 2023 06:43:55 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Sep 2023 09:54:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 66
etag: "64f6fac9-4d87d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FlCKZzEl0QpbsICmyEHUYEEAmVe3bJHrRhcNcy5URSK7j4SNoyPFf%2BqeHkhoJxKnLxRAYfHanFwLXSh14nmWtSuwNWEKmhwCKSfXCPwOW0kqBsDy4w9wQDbG%2BohAo3UH2PS9oNCc6Kjwj0hYMrZEEbL"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 802cfaed9885d926-HEL
alt-svc: h3=":443"; ma=86400
content-length: 317565

GET
H3 200 pers.png
theweeklyupside.com/4/ca-surv/img/ 355 B
821 B 42ms
41ms Image
image/png 2606:4700:3033::6815:7f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theweeklyupside.com/4/ca-surv/img/pers.png
Requested by: Host: theweeklyupside.com
URL: https://theweeklyupside.com/4/ca-surv/index.html?session=4126d43074f8fd999bb62e7b01ec36b2&fluxf=1968300579035115903&fluxffn=1969036069150003357&ffdomain=cuberacer.net&firstname=Stephane&surname=&city=&ts=1551669368174036377&tt=tkIutNBrjVvrxk15EC3YslyIQtNFBHcb1zKeHFl-ijAbiNwy3Iibg7E424fhCv115TsNsB6moomQecc6JgXYhA&pageid=1969035692222415235
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:7f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ee89758a642f99089b4952d11553ff8a672246383901d1f95b934e4c92e0049

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theweeklyupside.com/4/ca-surv/index.html?session=4126d43074f8fd999bb62e7b01ec36b2&fluxf=1968300579035115903&fluxffn=1969036069150003357&ffdomain=cuberacer.net&firstname=Stephane&surname=&city=&ts=1551669368174036377&tt=tkIutNBrjVvrxk15EC3YslyIQtNFBHcb1zKeHFl-ijAbiNwy3Iibg7E424fhCv115TsNsB6moomQecc6JgXYhA&pageid=1969035692222415235
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 07 Sep 2023 06:43:55 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Sep 2023 09:54:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 66
etag: "64f6fac9-163"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbMC3y83dWaR3Z1y7R2Oivoy0pZQUPQpcr6dACd16xMvpuwqTRPwNpZY2BQq54mA7aJIyy9tuxUB3WLWUKJjIJaZNj%2BN7Bw47hlriwvL1tsmZ%2F169j8IIVZjK7Bs18HT74WhjUjvk3JYJWMd9rmKYTwg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 802cfaed9888d926-HEL
alt-svc: h3=":443"; ma=86400
content-length: 355

GET
H2 200 embed.js Show response
k.chasingglitters.com/ 22 KB
8 KB 198ms
54ms Script
application/javascript 2606:4700:e4::ac40:a21b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://k.chasingglitters.com/embed.js
Requested by: Host: theweeklyupside.com
URL: https://theweeklyupside.com/4/ca-surv/index.html?session=4126d43074f8fd999bb62e7b01ec36b2&fluxf=1968300579035115903&fluxffn=1969036069150003357&ffdomain=cuberacer.net&firstname=Stephane&surname=&city=&ts=1551669368174036377&tt=tkIutNBrjVvrxk15EC3YslyIQtNFBHcb1zKeHFl-ijAbiNwy3Iibg7E424fhCv115TsNsB6moomQecc6JgXYhA&pageid=1969035692222415235
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a21b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6575b6aa7cd10f1ea8d43bc8577c45afd3964d1d423c79c7c77d0dbf4ad136d3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theweeklyupside.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 07 Sep 2023 06:43:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Dec 2021 10:35:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2334
etag: W/"61ade779-58b1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2FOh2FYjhYJeAC6jYDF0wu9gVxsjTX7aXy%2BzcodzqVfpijfN94sxp4JxKLbdE9OHSnU1IGi1%2FYNf%2FQ%2FmKJZjl569R0su5rph8Uqo3WLnQV0GvUDUOXiQ%2FtVAto7Vm8vihSC950nLpcaPpPpDgJJpXFHUoYA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 802cfaee7ba42d69-ARN
alt-svc: h3=":443"; ma=86400

GET
H2 400 css2
fonts.googleapis.com/ 0
0 270ms
90ms Stylesheet
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css2?family=DM+Serif+Display:wght@600&family=Lato:wght@400;400&family=Montserrat:wght@400;500;600;700;800&display=swap
Requested by: Host: theweeklyupside.com
URL: https://theweeklyupside.com/4/ca-surv/css/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theweeklyupside.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

GET
H3 200 bg.jpg
theweeklyupside.com/4/ca-surv/img/ 65 KB
65 KB 277ms
277ms Image
image/jpeg 2606:4700:3033::6815:7f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theweeklyupside.com/4/ca-surv/img/bg.jpg
Requested by: Host: theweeklyupside.com
URL: https://theweeklyupside.com/4/ca-surv/css/styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:7f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4dfd554a21d50b5f5308c095b7942a305d6ca75744b18070aead8c8520c83da

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theweeklyupside.com/4/ca-surv/css/styles.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 07 Sep 2023 06:43:55 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Sep 2023 09:54:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 66
etag: "64f6fac9-10328"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9E7gx1kY1z7jBogS%2BFB06ycNzDOFyzyUgTDjwIgdsCueaG3BghVIu1bJuEpVQkQflzgmwSgnWdMD9Bqf21SLs2rIDrU9sw4zzFer%2ByM%2BTCRxh97CdGXehsfjWVXXNNCwVOTeaYYc2lOqunMHKtzneUq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 802cfaeda89bd926-HEL
alt-svc: h3=":443"; ma=86400
content-length: 66344

GET
H3 200 bg2.jpg
theweeklyupside.com/4/ca-surv/img/ 48 KB
49 KB 306ms
306ms Image
image/jpeg 2606:4700:3033::6815:7f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theweeklyupside.com/4/ca-surv/img/bg2.jpg
Requested by: Host: theweeklyupside.com
URL: https://theweeklyupside.com/4/ca-surv/css/styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:7f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bc1d3d8ff05c23eae4bd7e65fb2beceb1b1e9ec1dcb0ca99e572ffccdc8cd8d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theweeklyupside.com/4/ca-surv/css/styles.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 07 Sep 2023 06:43:55 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Sep 2023 09:54:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 66
etag: "64f6fac9-c1db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0HchrsNSun5BOneZbNdKxYtHCB5UlCJn7XE2Y1K9qbsl88eX3gRWJUkr3IGDOGCSJVOqUriyFnmhi0jH58WUX1piGCZwNCsVB104hSW3jz9SPT27jyTKCKfY8pvy6OQm1GVsyeqfdwfRDnK8t9zMg14"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 802cfaeda89fd926-HEL
alt-svc: h3=":443"; ma=86400
content-length: 49627

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cuberacer.net/	1970-01-20 14:35:55	Name: PHPSESSID Value: 4126d43074f8fd999bb62e7b01ec36b2
			cuberacer.net/	1970-01-20 23:20:05	Name: csid3 Value: 4126d43074f8fd999bb62e7b01ec36b2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fonts.googleapis.com/css2?family=DM+Serif+Display:wght@600&family=Lato:wght@400;400&family=Montserrat:wght@400;500;600;700;800&display=swap Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
cuberacer.net
fonts.googleapis.com
k.chasingglitters.com
ktgcr.link
theweeklyupside.com
2606:4700:3030::ac43:9cfe
2606:4700:3033::6815:41e0
2606:4700:3033::6815:7f8
2606:4700::6811:180e
2606:4700:e4::ac40:a21b
2a00:1450:4001:811::200a
06f66c7beb4164979a2bc183462dbbb4a148d374d6aca4dc0b0548d8aeae8387
2d9043151062c2c8b2748ab74ca5ea7cf5dd5313a9d3b8160354aff927aa374f
34c5fd0a62a87baf672eb1049c56fb861f7e0bb688538e16a06468645ab3efb6
3bc1d3d8ff05c23eae4bd7e65fb2beceb1b1e9ec1dcb0ca99e572ffccdc8cd8d
4b371923804cb98c5b848471f8b716055d223cd8c331bc2bd21ce87a1767dfa9
6575b6aa7cd10f1ea8d43bc8577c45afd3964d1d423c79c7c77d0dbf4ad136d3
6ee89758a642f99089b4952d11553ff8a672246383901d1f95b934e4c92e0049
6fc6be0cf47ddda07babc6a764562f2b024b0a5e744fd0d3615a73005ae02ae6
983fe47291b6ef3da0b3fa55c5e49bcedae394163ad3626a3620a654ef55fc3b
af96e054baeb0c313738c0f4faef0768f2b1bd145c37575a25f1e8f6ceb0f56c
b4dfd554a21d50b5f5308c095b7942a305d6ca75744b18070aead8c8520c83da
bb913b6a5b60c9813d978b00ccdb9e7534cb8df50ab527d2354fcaf34a5421d1
d54bb44558b70147d4a4b996ee7492e685004d837d0ac66a10a723f774133941
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

theweeklyupside.com Open in urlscan Pro 2606:4700:3033::6815:7f8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

100 %IPv6

6 Domains

6 Subdomains

5 IPs

2 Countries

543 kBTransfer

792 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

theweeklyupside.com Open in urlscan Pro
2606:4700:3033::6815:7f8 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

543 kB
Transfer

792 kB
Size

2
Cookies

16 HTTP transactions
0 data transactions