URL: https://gu4.xyz/
Submission: On October 03 via api from BE — Scanned from GB

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 46 HTTP transactions. The main IP is 45.77.107.145, located in Piscataway, United States and belongs to AS-VULTR, US. The main domain is gu4.xyz.
TLS certificate: Issued by R11 on September 29th 2024. Valid for: 3 months.
This is the only time gu4.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
30 | gu4.xyz | gu4.xyz | 11 MB
6 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 113) | 5 KB
4 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 180) | 77 KB
2 | uoil.top | uoil.top | 468 B
0 | snyc.xyz (Failed) | snyc.xyz (Failed) |
0 | coincollege.club (Failed) | coincollege.club (Failed) |
Total: 46 requests, 6 domains
Requests | Domain | Requested by
30 | gu4.xyz | gu4.xyz
6 | www.facebook.com | gu4.xyz
4 | connect.facebook.net | gu4.xyz, connect.facebook.net
2 | uoil.top | gu4.xyz
0 | snyc.xyz (Failed) |
0 | coincollege.club (Failed) | gu4.xyz
Total: 46 requests, 6 domains

This site contains no links.

Subject | Issuer | Validity | Valid
gu4.xyz | R11 | 2024-09-29 - 2024-12-28 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-07-12 - 2024-10-10 | 3 months
uoil.top | WE1 | 2024-09-08 - 2024-12-07 | 3 months

This page contains 1 frames:

Primary Page: https://gu4.xyz/
Frame ID: 06DD3AB39C41A7438BB601B55F4BC81F
Requests: 45 HTTP requests in this frame

Page Title

Digital Currency Center

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

Requests: 46
HTTPS: 91 %
IPv6: 75 %
Domains: 6
Subdomains: 6
IPs: 5
Countries: 2
Transfer: 11309 kB
Size: 12220 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
gu4.xyz/
196 KB
39 KB
Document
General
Full URL
https://gu4.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
09302b21ce3c6e6163fb50facf4941ad516939f735416f5c011d047d0e95d0b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 03 Oct 2024 09:18:22 GMT
ETag
W/"65f119da-31178"
Last-Modified
Wed, 13 Mar 2024 03:13:30 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
index.css
gu4.xyz/static/css/
114 KB
21 KB
Stylesheet
General
Full URL
https://gu4.xyz/static/css/index.css
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
daf39ee0bc04d006b19056c1f748eaa5cb013f7e5b5010e34f51490615ade21f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Cache-Control
max-age=43200
Content-Encoding
gzip
ETag
W/"65f119da-1c760"
Connection
keep-alive
Expires
Thu, 03 Oct 2024 21:18:23 GMT
Date
Thu, 03 Oct 2024 09:18:23 GMT
Content-Type
text/css
Last-Modified
Wed, 13 Mar 2024 03:13:30 GMT
Server
nginx
Vary
Accept-Encoding
802998155206172.js
gu4.xyz/static/js/
61 KB
15 KB
Script
General
Full URL
https://gu4.xyz/static/js/802998155206172.js
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
aec9c07d0c7a43509c278f77fe8341463e627aa2724c012b6210a983546e94bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Cache-Control
max-age=43200
Content-Encoding
gzip
ETag
W/"65f119da-f319"
Connection
keep-alive
Expires
Thu, 03 Oct 2024 21:18:23 GMT
Date
Thu, 03 Oct 2024 09:18:23 GMT
Content-Type
application/javascript
Last-Modified
Wed, 13 Mar 2024 03:13:30 GMT
Server
nginx
Vary
Accept-Encoding
fbevents.js
gu4.xyz/static/js/
215 KB
64 KB
Script
General
Full URL
https://gu4.xyz/static/js/fbevents.js
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Cache-Control
max-age=43200
Content-Encoding
gzip
ETag
W/"65f119da-35acf"
Connection
keep-alive
Expires
Thu, 03 Oct 2024 21:18:24 GMT
Date
Thu, 03 Oct 2024 09:18:24 GMT
Content-Type
application/javascript
Last-Modified
Wed, 13 Mar 2024 03:13:30 GMT
Server
nginx
Vary
Accept-Encoding
spz-carousel-0.1.js
gu4.xyz/static/js/
30 KB
10 KB
Script
General
Full URL
https://gu4.xyz/static/js/spz-carousel-0.1.js
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
2b93faa828a91efe59911ffc991a19caba7ee900163ed49530474637aa22dca5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Cache-Control
max-age=43200
Content-Encoding
gzip
ETag
W/"65f119da-79e4"
Connection
keep-alive
Expires
Thu, 03 Oct 2024 21:18:24 GMT
Date
Thu, 03 Oct 2024 09:18:24 GMT
Content-Type
application/javascript
Last-Modified
Wed, 13 Mar 2024 03:13:30 GMT
Server
nginx
Vary
Accept-Encoding
spz-interact-observer-0.1.js
gu4.xyz/static/js/
14 KB
5 KB
Script
General
Full URL
https://gu4.xyz/static/js/spz-interact-observer-0.1.js
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
5925cc2a2b927f86f5682a089f6a8bb562dc7e43369451a4053b9385bbf8c32f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Cache-Control
max-age=43200
Content-Encoding
gzip
ETag
W/"65f119da-39f8"
Connection
keep-alive
Expires
Thu, 03 Oct 2024 21:18:24 GMT
Date
Thu, 03 Oct 2024 09:18:24 GMT
Content-Type
application/javascript
Last-Modified
Wed, 13 Mar 2024 03:13:30 GMT
Server
nginx
Vary
Accept-Encoding
spz-tabs-0.1.js
gu4.xyz/static/js/
5 KB
2 KB
Script
General
Full URL
https://gu4.xyz/static/js/spz-tabs-0.1.js
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
0a8a8b437c3da0a3cf67a929135f878f8476799070f1471be5fbf31a9334f024
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Cache-Control
max-age=43200
Content-Encoding
gzip
ETag
W/"65f119da-1484"
Connection
keep-alive
Expires
Thu, 03 Oct 2024 21:18:24 GMT
Date
Thu, 03 Oct 2024 09:18:24 GMT
Content-Type
application/javascript
Last-Modified
Wed, 13 Mar 2024 03:13:30 GMT
Server
nginx
Vary
Accept-Encoding
spz-odometer-0.1.js
gu4.xyz/static/js/
8 KB
3 KB
Script
General
Full URL
https://gu4.xyz/static/js/spz-odometer-0.1.js
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
f24f7c0d5c6941afb17936731a48d43d3368c6b4b533dc5c7fac05646e612052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Cache-Control
max-age=43200
Content-Encoding
gzip
ETag
W/"65f119da-1e96"
Connection
keep-alive
Expires
Thu, 03 Oct 2024 21:18:24 GMT
Date
Thu, 03 Oct 2024 09:18:24 GMT
Content-Type
application/javascript
Last-Modified
Wed, 13 Mar 2024 03:13:30 GMT
Server
nginx
Vary
Accept-Encoding
m=el_main_css
coincollege.club/dfdf/Digital%20Currency%20Center_files/
0
0

v0.js
gu4.xyz/static/js/
171 KB
53 KB
Script
General
Full URL
https://gu4.xyz/static/js/v0.js
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
63192aefe583655a8e0e362bda3be40a99ecc5aae79424ce2d324b5421ebbdea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Cache-Control
max-age=43200
Content-Encoding
gzip
ETag
W/"65f119da-2ac9d"
Connection
keep-alive
Expires
Thu, 03 Oct 2024 21:18:23 GMT
Date
Thu, 03 Oct 2024 09:18:23 GMT
Content-Type
application/javascript
Last-Modified
Wed, 13 Mar 2024 03:13:30 GMT
Server
nginx
Vary
Accept-Encoding
0ff7784184af761d38db3013a4d1584e.gif
gu4.xyz/static/picture/
5 MB
5 MB
Image
General
Full URL
https://gu4.xyz/static/picture/0ff7784184af761d38db3013a4d1584e.gif
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
b930156fb7c388cf128891508024d13f0316bc38b61299c766d3ff1b9aabfa0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Cache-Control
max-age=2592000
Content-Encoding
gzip
ETag
W/"65f119cc-526559"
Connection
keep-alive
Expires
Sat, 02 Nov 2024 09:18:23 GMT
Date
Thu, 03 Oct 2024 09:18:23 GMT
Content-Type
image/gif
Last-Modified
Wed, 13 Mar 2024 03:13:16 GMT
Server
nginx
Vary
Accept-Encoding
b95e383e5eec1be24416e6246b8a603d.webp
gu4.xyz/static/picture/
29 KB
29 KB
Image
General
Full URL
https://gu4.xyz/static/picture/b95e383e5eec1be24416e6246b8a603d.webp
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
5159efbe008c0a89ec961b8cedcbdb31998184ad3b5be010fb0abf0f2b618e9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

Strict-Transport-Security
max-age=31536000
ETag
"65f119bc-7398"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29592
Date
Thu, 03 Oct 2024 09:18:23 GMT
Content-Type
image/webp
Last-Modified
Wed, 13 Mar 2024 03:13:00 GMT
Server
nginx
537.jpg
gu4.xyz/static/picture/
120 KB
120 KB
Image
General
Full URL
https://gu4.xyz/static/picture/537.jpg
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
12118012530ebc1ef651485c2168969bc8b397e31f396c83560f37cdcf7254ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Cache-Control
max-age=2592000
Content-Encoding
gzip
ETag
W/"65f119be-1e0ba"
Connection
keep-alive
Expires
Sat, 02 Nov 2024 09:18:23 GMT
Date
Thu, 03 Oct 2024 09:18:23 GMT
Content-Type
image/jpeg
Last-Modified
Wed, 13 Mar 2024 03:13:02 GMT
Server
nginx
Vary
Accept-Encoding
ea57bd473ccfc9ea42f3b0b0bce6a224.webp
gu4.xyz/static/picture/
9 KB
9 KB
Image
General
Full URL
https://gu4.xyz/static/picture/ea57bd473ccfc9ea42f3b0b0bce6a224.webp
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
cfd289a060c55ceea81b5801958f5d46190bc434920114cedefa7772e2a19e42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

Strict-Transport-Security
max-age=31536000
ETag
"65f119bc-24a6"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9382
Date
Thu, 03 Oct 2024 09:18:24 GMT
Content-Type
image/webp
Last-Modified
Wed, 13 Mar 2024 03:13:00 GMT
Server
nginx
31058f73226b70fbca266cdc34d25b2c.webp
gu4.xyz/static/picture/
9 KB
9 KB
Image
General
Full URL
https://gu4.xyz/static/picture/31058f73226b70fbca266cdc34d25b2c.webp
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
ad776e95f4dbef5022246579142bbb745e50979e4904075a9e250f423ae5ac1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

Strict-Transport-Security
max-age=31536000
ETag
"65f119bc-245e"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9310
Date
Thu, 03 Oct 2024 09:18:24 GMT
Content-Type
image/webp
Last-Modified
Wed, 13 Mar 2024 03:13:00 GMT
Server
nginx
43661456748fd5eda49b37d5c55ddf69.webp
gu4.xyz/static/picture/
9 KB
9 KB
Image
General
Full URL
https://gu4.xyz/static/picture/43661456748fd5eda49b37d5c55ddf69.webp
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
56ac4cce1d5c2230623968200ac058dc1b134fb4b399b0afb97c0f38bea288f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

Strict-Transport-Security
max-age=31536000
ETag
"65f119be-2310"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8976
Date
Thu, 03 Oct 2024 09:18:24 GMT
Content-Type
image/webp
Last-Modified
Wed, 13 Mar 2024 03:13:02 GMT
Server
nginx
247eeb5b6a8f437a7fc0a3ff574863ea.webp
gu4.xyz/static/picture/
43 KB
43 KB
Image
General
Full URL
https://gu4.xyz/static/picture/247eeb5b6a8f437a7fc0a3ff574863ea.webp
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
362ca47498dae4c3af3b20a5aaa8bf67b45e82a8ec0aebd0b16fe680e9cfbec3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

Strict-Transport-Security
max-age=31536000
ETag
"65f119be-acc4"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
44228
Date
Thu, 03 Oct 2024 09:18:24 GMT
Content-Type
image/webp
Last-Modified
Wed, 13 Mar 2024 03:13:02 GMT
Server
nginx
a094ec14405ca0e2ec2a3a6f8bb1423c.webp
gu4.xyz/static/picture/
12 KB
12 KB
Image
General
Full URL
https://gu4.xyz/static/picture/a094ec14405ca0e2ec2a3a6f8bb1423c.webp
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
4526be4dff2c2d504d8ec5bed50f9283cd81e6c5f68126a41e5ecfd5c120269d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

Strict-Transport-Security
max-age=31536000
ETag
"65f119be-303e"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12350
Date
Thu, 03 Oct 2024 09:18:24 GMT
Content-Type
image/webp
Last-Modified
Wed, 13 Mar 2024 03:13:02 GMT
Server
nginx
1d3b994a156350798979414771cfb5e2.webp
gu4.xyz/static/picture/
49 KB
49 KB
Image
General
Full URL
https://gu4.xyz/static/picture/1d3b994a156350798979414771cfb5e2.webp
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
b441259d05b33b29be4dff4b57eca5d404d1d357eb39f21ea12f805a638c5c75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

Strict-Transport-Security
max-age=31536000
ETag
"65f119be-c3a0"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50080
Date
Thu, 03 Oct 2024 09:18:24 GMT
Content-Type
image/webp
Last-Modified
Wed, 13 Mar 2024 03:13:02 GMT
Server
nginx
f7447adffd1609dfc56fa9ed15eef37c.webp
gu4.xyz/static/picture/
6 KB
6 KB
Image
General
Full URL
https://gu4.xyz/static/picture/f7447adffd1609dfc56fa9ed15eef37c.webp
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
9a97e171cae784264e89a286f4582560a4a3804bd6256778d2dd05725a2b1d8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

Strict-Transport-Security
max-age=31536000
ETag
"65f119be-17f4"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6132
Date
Thu, 03 Oct 2024 09:18:24 GMT
Content-Type
image/webp
Last-Modified
Wed, 13 Mar 2024 03:13:02 GMT
Server
nginx
916d853431361595fb5492350000d9f8.webp
gu4.xyz/static/picture/
24 KB
24 KB
Image
General
Full URL
https://gu4.xyz/static/picture/916d853431361595fb5492350000d9f8.webp
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
151545343f6fba10cd8d4b8c254c8343d3ee56e0db22b0c7004214a859912e99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

Strict-Transport-Security
max-age=31536000
ETag
"65f119be-5f9c"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24476
Date
Thu, 03 Oct 2024 09:18:24 GMT
Content-Type
image/webp
Last-Modified
Wed, 13 Mar 2024 03:13:02 GMT
Server
nginx
aa53506cc02bd9b9ce5bb828bc26b243.webp
gu4.xyz/static/picture/
5 KB
5 KB
Image
General
Full URL
https://gu4.xyz/static/picture/aa53506cc02bd9b9ce5bb828bc26b243.webp
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
70fc163a7e07505826d0808d0486ec2346b545b9678d6c1325f06a7628870473
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

Strict-Transport-Security
max-age=31536000
ETag
"65f119be-1336"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4918
Date
Thu, 03 Oct 2024 09:18:24 GMT
Content-Type
image/webp
Last-Modified
Wed, 13 Mar 2024 03:13:02 GMT
Server
nginx
702f8cdf5a7c42b50b547e820f6bc295.webp
gu4.xyz/static/picture/
33 KB
34 KB
Image
General
Full URL
https://gu4.xyz/static/picture/702f8cdf5a7c42b50b547e820f6bc295.webp
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
ceb08a456f3e9463dcd985f09fcfb8fecc5b3a67740a148053eaf9cdc15b45c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

Strict-Transport-Security
max-age=31536000
ETag
"65f119be-85a4"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34212
Date
Thu, 03 Oct 2024 09:18:24 GMT
Content-Type
image/webp
Last-Modified
Wed, 13 Mar 2024 03:13:02 GMT
Server
nginx
05de0605b80b23f00601a2d2382f3f63.webp
gu4.xyz/static/picture/
32 KB
32 KB
Image
General
Full URL
https://gu4.xyz/static/picture/05de0605b80b23f00601a2d2382f3f63.webp
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
1a325848b60c1b56cd5c061ff866825eeec6e2d128abd2bd4173a43e8de4eb71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

Strict-Transport-Security
max-age=31536000
ETag
"65f119be-7e34"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32308
Date
Thu, 03 Oct 2024 09:18:24 GMT
Content-Type
image/webp
Last-Modified
Wed, 13 Mar 2024 03:13:02 GMT
Server
nginx
5581b67104ec0b7ccc58f8a059ba2fdc.webp
gu4.xyz/static/picture/
44 KB
44 KB
Image
General
Full URL
https://gu4.xyz/static/picture/5581b67104ec0b7ccc58f8a059ba2fdc.webp
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
ddfcc4f7de6ca292b65d3745c93c827b60424d68220704947e3d714fc3cb4345
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

Strict-Transport-Security
max-age=31536000
ETag
"65f119c0-ae86"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
44678
Date
Thu, 03 Oct 2024 09:18:24 GMT
Content-Type
image/webp
Last-Modified
Wed, 13 Mar 2024 03:13:04 GMT
Server
nginx
6ad3d7026f77e61c117632da15f1ac9b.webp
gu4.xyz/static/picture/
48 KB
48 KB
Image
General
Full URL
https://gu4.xyz/static/picture/6ad3d7026f77e61c117632da15f1ac9b.webp
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
0dcdb38063d11ac7c5eb2d00984b8219565b80002a8cc269bed04692c83a712a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

Strict-Transport-Security
max-age=31536000
ETag
"65f119c0-bfca"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49098
Date
Thu, 03 Oct 2024 09:18:24 GMT
Content-Type
image/webp
Last-Modified
Wed, 13 Mar 2024 03:13:04 GMT
Server
nginx
index.js
gu4.xyz/static/js/
5 KB
2 KB
Script
General
Full URL
https://gu4.xyz/static/js/index.js
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
934f739744c15103d848a75f31820da0de1feca7df37e535a89236d31f819bbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Cache-Control
max-age=43200
Content-Encoding
gzip
ETag
W/"65f119da-1450"
Connection
keep-alive
Expires
Thu, 03 Oct 2024 21:18:24 GMT
Date
Thu, 03 Oct 2024 09:18:24 GMT
Content-Type
application/javascript
Last-Modified
Wed, 13 Mar 2024 03:13:30 GMT
Server
nginx
Vary
Accept-Encoding
spz-lightbox-0.1.js
coincollege.club/dfdf/2/static/js/
0
0

spz-lightbox-0.1.js
coincollege.club/dfdf/2/undefined/
0
0

fbevents.js
connect.facebook.net/en_US/
226 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Thu, 03 Oct 2024 09:18:24 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
MODERATE; q=0.3, rtt=292, rtx=0, c=29, mss=1232, tbw=13257, tp=20, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
jqrNYv0waXuZNfMgDW26LCRcyMfP8eFkOsctP6l+Y4pLSK38mofuRDwuUfQ9now41Rr5wGWt8hYWk7R316hcyA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59131
x-xss-protection
0
origin-agent-cluster
?1
spz-lightbox-0.1.js
gu4.xyz/undefined/
0
0
Other
General
Full URL
https://gu4.xyz/undefined/spz-lightbox-0.1.js
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/static/js/v0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

Content-Length
548
Date
Thu, 03 Oct 2024 09:18:24 GMT
Content-Type
text/html
Server
nginx
Connection
keep-alive
227072590431691
connect.facebook.net/signals/config/
68 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/227072590431691?v=2.9.170&r=stable&domain=gu4.xyz&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1cd0a9f65539b807b49825ec9d3b73dea79bc6d3b6cd365adb83ca0cb83d25c9
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Thu, 03 Oct 2024 09:18:24 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=51, rtx=0, c=76, mss=1232, tbw=76057, tp=73, tpl=0, uplat=295, ullat=0
pragma
public
x-fb-debug
rEXwwS4YiaGYmU5oQic+upOK6q547J+Ek66vEUmj1Ts2j66GI35W1cGn0dGt7yGF6kX/sk8UJhAyltdaQRmf8A==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
k3k6o8UDI-1M0wlSV9XAw6lQkqWY8Q82sJaRE-NWIDdgffTT0zRZ9xdp.woff2
gu4.xyz/static/font/
14 KB
14 KB
Font
General
Full URL
https://gu4.xyz/static/font/k3k6o8UDI-1M0wlSV9XAw6lQkqWY8Q82sJaRE-NWIDdgffTT0zRZ9xdp.woff2
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/static/css/index.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
7f5ded81ae7e2cfdaf326834c06b0194f4c7b2f266240f0664ab33bbadc8d1c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gu4.xyz
Referer
https://gu4.xyz/static/css/index.css

Response headers

Strict-Transport-Security
max-age=31536000
ETag
"65f119b8-38c2"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14530
Date
Thu, 03 Oct 2024 09:18:24 GMT
Content-Type
font/woff2
Last-Modified
Wed, 13 Mar 2024 03:12:56 GMT
Server
nginx
J7aRnpd8CGxBHpUutLM.woff2
gu4.xyz/static/font/
23 KB
24 KB
Font
General
Full URL
https://gu4.xyz/static/font/J7aRnpd8CGxBHpUutLM.woff2
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/static/css/index.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
c92eb310a3c8189248f9ff8a6089e081f0fd70bee95d9143cc008c5a559e39b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gu4.xyz
Referer
https://gu4.xyz/static/css/index.css

Response headers

Strict-Transport-Security
max-age=31536000
ETag
"65f119ba-5dcb"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24011
Date
Thu, 03 Oct 2024 09:18:24 GMT
Content-Type
font/woff2
Last-Modified
Wed, 13 Mar 2024 03:12:58 GMT
Server
nginx
727458799471631
connect.facebook.net/signals/config/
25 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/727458799471631?v=2.9.170&r=stable&domain=gu4.xyz&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112%2C199%2C198%2C200%2C205%2C206%2C207%2C203%2C195%2C131%2C162%2C194%2C196%2C121%2C156%2C144%2C150%2C188%2C189%2C128%2C231%2C115%2C126%2C232%2C164%2C118%2C234%2C165%2C135%2C122%2C153%2C147%2C113%2C127
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bda93eee0918663d1b94810e0731ae69757d89bbd6f9c8bfbb31d501593ab953
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Thu, 03 Oct 2024 09:18:25 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=48, rtx=0, c=87, mss=1232, tbw=90073, tp=87, tpl=0, uplat=215, ullat=1
pragma
public
x-fb-debug
Kn+kv5fJ5UgK929FUWgARVhKb2iSjkRPePPPgyq+NGm4D+kFXdXQQj/2PWPZv8YWgmmZdMnlbzLN7iFuhX2nLA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=227072590431691&ev=PageView&dl=https%3A%2F%2Fgu4.xyz%2F&rl=&if=false&ts=1727947105212&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1727947105177.74905287623847744&ler=empty&cdl=API_unavailable&it=1727947104400&coo=false&rqm=GET
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=16, rtx=0, c=10, mss=1392, tbw=2905, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 03 Oct 2024 09:18:25 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=227072590431691&ev=PageView&dl=https%3A%2F%2Fgu4.xyz%2F&rl=&if=false&ts=1727947105212&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1727947105177.74905287623847744&ler=empty&cdl=API_unavailable&it=1727947104400&coo=false&rqm=FGET
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7421476305343308443"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 03 Oct 2024 09:18:25 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
I1daZTrSlV/CCtheKH7oT912GGBtTu+eoXLxezB3w+V+RNpsshX/Nvnr9uT07WDdN70QMKo61HbrhA59VJzRhA==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7421476305343308443", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1392, tbw=3418, tp=-1, tpl=-1, uplat=222, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
933604441380886
connect.facebook.net/signals/config/
25 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/933604441380886?v=2.9.170&r=stable&domain=gu4.xyz&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112%2C199%2C198%2C200%2C205%2C206%2C207%2C203%2C195%2C131%2C162%2C194%2C196%2C121%2C156%2C144%2C150%2C188%2C189%2C128%2C231%2C115%2C126%2C232%2C164%2C118%2C234%2C165%2C135%2C122%2C153%2C147%2C113%2C127
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d3791ac038f38061e4b8d8efa19d842640c96639ef219502089880990f9abb9d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Thu, 03 Oct 2024 09:18:25 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=54, rtx=0, c=90, mss=1232, tbw=93401, tp=91, tpl=0, uplat=274, ullat=0
pragma
public
x-fb-debug
j/WrGiqH9MtykYTX0RCUOKk4DjFyuXiH3sme52EmBlefgGVWaLf/59wjM4VrIMZ4HEn7MkbKMmq5Anc4M9o3Bw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/
0
103 B
Image
General
Full URL
https://www.facebook.com/tr/?id=727458799471631&ev=PageView&dl=https%3A%2F%2Fgu4.xyz%2F&rl=&if=false&ts=1727947105523&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1727947105177.74905287623847744&ler=empty&cdl=API_unavailable&it=1727947104400&coo=false&rqm=GET
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1392, tbw=3271, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 03 Oct 2024 09:18:25 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
848 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=727458799471631&ev=PageView&dl=https%3A%2F%2Fgu4.xyz%2F&rl=&if=false&ts=1727947105523&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1727947105177.74905287623847744&ler=empty&cdl=API_unavailable&it=1727947104400&coo=false&rqm=FGET
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7421476305910851033"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 03 Oct 2024 09:18:25 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
vbsLIV7aA6Yq/FAt5J48E0qvVV1XutkyYQhfDRgwg+onPF+TB/WEEept6qDvlOYnW9s93cJHk5g/CKpitBROkQ==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7421476305910851033", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1392, tbw=6647, tp=-1, tpl=-1, uplat=138, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/
0
19 B
Image
General
Full URL
https://www.facebook.com/tr/?id=933604441380886&ev=PageView&dl=https%3A%2F%2Fgu4.xyz%2F&rl=&if=false&ts=1727947106009&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1727947105177.74905287623847744&ler=empty&cdl=API_unavailable&it=1727947104400&coo=false&rqm=GET
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=23, mss=1232, tbw=5727, tp=11, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 03 Oct 2024 09:18:26 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
193 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=933604441380886&ev=PageView&dl=https%3A%2F%2Fgu4.xyz%2F&rl=&if=false&ts=1727947106009&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1727947105177.74905287623847744&ler=empty&cdl=API_unavailable&it=1727947104400&coo=false&rqm=FGET
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7421476309730240266"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 03 Oct 2024 09:18:27 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
kOkBwJf99JIAkE1TOd/EmFAgMsYFRjLuAmCbXP4u10CbKJ2rIl0tPDJQvsHQac3hhfSKQzQ/WW72f1Coc0S0dQ==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7421476309730240266", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=23, mss=1232, tbw=6143, tp=15, tpl=0, uplat=988, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
snyc.xyz/tmp/M101YG/
0
0

0ff7784184af761d38db3013a4d1584e_1024x.png
gu4.xyz/static/image/
5 MB
5 MB
Image
General
Full URL
https://gu4.xyz/static/image/0ff7784184af761d38db3013a4d1584e_1024x.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.77.107.145 Piscataway, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
45.77.107.145.vultrusercontent.com
Software
nginx /
Resource Hash
b930156fb7c388cf128891508024d13f0316bc38b61299c766d3ff1b9aabfa0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gu4.xyz/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Cache-Control
max-age=2592000
Content-Encoding
gzip
ETag
W/"65f119da-526559"
Connection
keep-alive
Expires
Sat, 02 Nov 2024 09:18:28 GMT
Date
Thu, 03 Oct 2024 09:18:28 GMT
Content-Type
image/png
Last-Modified
Wed, 13 Mar 2024 03:13:30 GMT
Server
nginx
Vary
Accept-Encoding
/
uoil.top/user/getMineInfo/
24 B
468 B
Fetch
General
Full URL
https://uoil.top/user/getMineInfo/
Requested by
Host: gu4.xyz
URL: https://gu4.xyz/static/js/index.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:19d6 -, , ASN (),
Reverse DNS
Software
cloudflare / Express
Resource Hash
db6091343f1e5fa1615ab8547126c69c6412d39c2ce36f6494b5a0e4d575e341

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://gu4.xyz/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
etag
W/"18-yqLqnpoWrGYl1YB94ddsqSKCdFo"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=StaBM4fe3bsmSXBylaO%2F%2BRskWbT0WVzuuQBLUGfvhjlTGmrgLRlfd0ZMdcL6OvvzD78zBWNpJFLPY9804kxlHfexXJMcYSyOetBB5NL2F0ujhZKskX0CErTy3qdi%2FwkbKvno9j5iqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ccbd8647c264170-LHR
access-control-allow-origin
*
content-length
24
date
Thu, 03 Oct 2024 09:18:31 GMT
content-type
application/json; charset=utf-8
x-powered-by
Express
server
cloudflare
/
uoil.top/user/getMineInfo/
0
0
Preflight
General
Full URL
https://uoil.top/user/getMineInfo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:19d6 -, , ASN (),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gu4.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8ccbd861981b4170-LHR
date
Thu, 03 Oct 2024 09:18:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ieZSXjuxwQyGe8uKnVFQE2QaI84SR9UnedJXd7%2BHxOPOy4nHskq7b3mKtx%2B3TmdELN6rJFazIHxPgyAyS31ZlhlGLpS%2BaZIs2j7CUuQkwqG0rXi7NRinKt8cedFbghorJbTla%2BxMVA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Access-Control-Request-Headers
x-powered-by
Express

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
coincollege.club
URL
https://coincollege.club/dfdf/Digital%20Currency%20Center_files/m=el_main_css
Domain
coincollege.club
URL
https://coincollege.club/dfdf/2/static/js/spz-lightbox-0.1.js
Domain
coincollege.club
URL
https://coincollege.club/dfdf/2/undefined/spz-lightbox-0.1.js
Domain
snyc.xyz
URL
https://snyc.xyz/tmp/M101YG/?uoil_id=238


23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| pako
function| fbq
function| _fbq
object| SPZ
object| __SPZ_LOG
object| __SPZ_ERRORS
function| __SPZ_REPORT_ERROR
object| __SPZ_TOP
object| __SPZ_SERVICES
object| __SPZ_MODE
boolean| __SPZ_TAG
object| SPZCore
object| SPZUtils
function| SPZServices
object| __SPZ_DECLARE_EXTENSION
object| __SPZ_EXTENDED_ELEMENTS
function| __SPZ_BASE_CE_CLASS
object| __SPZ_DOC
string| link
function| showline
boolean| __SPZ_WAIT_FOR_CHILD
function| ilean
function| resetTime

1 Cookies

Domain/Path Name / Value
.gu4.xyz/ Name: _fbp
Value: fb.1.1727947105177.74905287623847744

16 Console Messages

Source Level URL
Text
network error URL: https://coincollege.club/dfdf/Digital%20Currency%20Center_files/m=el_main_css
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://coincollege.club/dfdf/2/undefined/spz-lightbox-0.1.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://coincollege.club/dfdf/2/static/js/spz-lightbox-0.1.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://gu4.xyz/
Message:
Failed to decode downloaded font: https://gu4.xyz/static/font/k3k6o8UDI-1M0wlSV9XAw6lQkqWY8Q82sJaRE-NWIDdgffTT0zRZ9xdp.woff2
other warning URL: https://gu4.xyz/
Message:
OTS parsing error: Failed to convert WOFF 2.0 font to SFNT
other warning URL: https://gu4.xyz/
Message:
Failed to decode downloaded font: https://gu4.xyz/static/font/k3k6o8UDI-1M0wlSV9XAw6lQkqWY8Q82sJaRE-NWIDdgffTT0zRZ9xdp.woff2
other warning URL: https://gu4.xyz/
Message:
OTS parsing error: Failed to convert WOFF 2.0 font to SFNT
other warning URL: https://gu4.xyz/
Message:
Failed to decode downloaded font: https://gu4.xyz/static/font/J7aRnpd8CGxBHpUutLM.woff2
other warning URL: https://gu4.xyz/
Message:
OTS parsing error: Failed to convert WOFF 2.0 font to SFNT
other warning URL: https://gu4.xyz/
Message:
Failed to decode downloaded font: https://gu4.xyz/static/font/J7aRnpd8CGxBHpUutLM.woff2
other warning URL: https://gu4.xyz/
Message:
OTS parsing error: Failed to convert WOFF 2.0 font to SFNT
other warning URL: https://gu4.xyz/static/js/v0.js
Message:
Failed to decode downloaded font: https://gu4.xyz/static/font/J7aRnpd8CGxBHpUutLM.woff2
other warning URL: https://gu4.xyz/static/js/v0.js
Message:
OTS parsing error: Failed to convert WOFF 2.0 font to SFNT
other warning URL: https://gu4.xyz/static/js/v0.js
Message:
Failed to decode downloaded font: https://gu4.xyz/static/font/k3k6o8UDI-1M0wlSV9XAw6lQkqWY8Q82sJaRE-NWIDdgffTT0zRZ9xdp.woff2
other warning URL: https://gu4.xyz/static/js/v0.js
Message:
OTS parsing error: Failed to convert WOFF 2.0 font to SFNT
network error URL: https://gu4.xyz/undefined/spz-lightbox-0.1.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
