Report - www.up-4ever.net/3d5u9e52e4i3

Report Overview

Visited public
2024-06-28 12:46:27
Tags
URL
www.up-4ever.net/3d5u9e52e4i3
Finishing URL
www.up-4ever.net/3d5u9e52e4i3
IP / ASN
172.67.216.188
#13335 CLOUDFLARENET
Title
Download CWindows10User Manual Ed222024 pdf

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-06-27 18:15:52	975 B	2.1 kB	142.250.74.131
gn.metallcorrupt.com	unknown	2023-06-26	2023-06-26 15:20:17	2024-06-20 12:33:37	417 B	1.5 kB	23.109.170.222
pphiresandala.info	unknown	2024-04-01	2024-06-27 16:28:43	2024-06-27 21:46:49	1.6 kB	1.9 kB	104.21.94.226
region1.analytics.google.com	unknown	1997-09-15	2022-03-17 12:26:33	2024-06-27 18:37:39	850 B	447 B	216.239.32.36
www.up-4ever.net	unknown	2018-08-22	2019-05-16 15:28:27	2024-05-15 08:25:13	15 kB	2.2 MB	104.21.24.34
dof9zd9l290mz.cloudfront.net	unknown	2008-04-25	2024-03-27 17:22:34	2024-05-14 15:48:49	1.8 kB	104 kB	54.230.241.5
www.google.no	25607	2001-02-26	2016-04-05 21:50:59	2024-06-27 18:26:53	588 B	578 B	142.250.74.163
youradexchange.com	273384	2012-11-09	2013-02-04 17:25:46	2024-06-28 11:02:12	970 B	1.7 kB	104.21.91.188
dwfupceuqm.com	unknown	2024-06-19	2024-06-28 11:08:45	2024-06-28 11:08:45	421 B	64 kB	188.114.97.1
pogothere.xyz	unknown	2022-08-22	2022-09-04 21:11:25	2024-06-27 22:10:27	1.7 kB	208 kB	188.114.97.1
pubtrky.com	unknown	2023-11-21	2023-11-21 12:12:26	2024-06-28 11:08:45	476 B	560 B	104.21.8.108
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-06-27 18:12:05	654 B	1.8 kB	23.36.77.32
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2024-06-28 03:13:54	423 B	99 kB	142.250.74.168
rsalesrepresw.info	unknown	unknown	No data	No data	2.0 kB	3.7 kB	3.164.240.48
accounts.google.com	81	1997-09-15	2016-03-20 13:44:49	2024-06-27 18:13:54	3.7 kB	21 kB	64.233.164.84

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-06-28	medium	metallcorrupt.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (19)

	URL	From	Size	First Seen	Last Seen
	unknown	Function	37 B	2023-04-11	2025-06-02
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31 Last Seen2025-06-02 15:11 Times Seen268470 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	www.up-4ever.net/assets/js/perfect-scrollbar.min.js	ScriptElement	18 kB	2023-03-07	2025-06-02
Pretty URL www.up-4ever.net/assets/js/perfect-scrollbar.min.js IP 104.21.24.34 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03 Last Seen2025-06-02 08:40 Times Seen2043 Hash 4a10bcfa0a9c9fa9d503b5a498cac31e c4f6c403e99fb37cb496c3844b332823db7c5837 a4ec9d558eeb7bc7359fe7c4820deea2c951fdd8bd34cb0e15727412c7f6c634 Loading...

	www.up-4ever.net/assets/js/jquery-3.3.1.min.js	ScriptElement	87 kB	2023-03-07	2025-06-02
Pretty URL www.up-4ever.net/assets/js/jquery-3.3.1.min.js IP 104.21.24.34 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-02 14:20 Times Seen58838 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	www.up-4ever.net/js/jquery.paging.js	ScriptElement	19 kB	2023-03-07	2025-06-02
Pretty URL www.up-4ever.net/js/jquery.paging.js IP 104.21.24.34 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23 Last Seen2025-06-02 06:31 Times Seen2634 Hash d7a2c1c7af2a004a6d68e1e55b1cfb46 7fd6daa7076c30381880519ad06ef5639b19ee28 c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6 Loading...

	www.up-4ever.net/js/paging.js?ver=8	ScriptElement	2.0 kB	2023-03-07	2024-10-29
Pretty URL www.up-4ever.net/js/paging.js?ver=8 IP 104.21.24.34 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:52 Last Seen2024-10-29 14:27 Times Seen199 Hash 72fd099a2f1b24e8ad211308041e48c2 a1d45a105cce69e607050011242dd10f79a181d0 20bc222f73096f80397fe7b936bf6c6ca21f77dc5eb9ae91244154a98a207a64 Loading...

	www.up-4ever.net/z-6683946	ScriptElement	172 kB	2024-08-19	2024-08-19
Pretty URL www.up-4ever.net/z-6683946 IP 104.21.24.34 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 18:55 Last Seen2024-08-19 18:55 Times Seen1 Hash 24f70cfe817a03b39a0b65d9491b0531 55f6b2b107e3abd5a5f91af22e8989b301707394 32ac22453822fd1ff94713737c565f5a0d49f97a70aa89e1d0d13c8d31190ea3 Loading...

	www.up-4ever.net/assets/js/bootstrap.min.js?ver=10	ScriptElement	51 kB	2023-03-07	2025-06-02
Pretty URL www.up-4ever.net/assets/js/bootstrap.min.js?ver=10 IP 104.21.24.34 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-02 15:07 Times Seen100490 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	www.up-4ever.net/assets/js/interface.js?ver=11	ScriptElement	135 B	2023-03-07	2024-10-29
Pretty URL www.up-4ever.net/assets/js/interface.js?ver=11 IP 104.21.24.34 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:52 Last Seen2024-10-29 14:27 Times Seen199 Hash 2ca9351527112fbc7dca206f84ea5524 2f3d792c91412558c7060080b72a81fd297ef64e 0a61490d8aeb374bac98abdad64f4d036b7117d850c740dc4ebd5be7c0708e22 Loading...

	www.up-4ever.net/js/dialogs.js	ScriptElement	2.2 kB	2023-03-07	2025-06-01
Pretty URL www.up-4ever.net/js/dialogs.js IP 104.21.24.34 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:52 Last Seen2025-06-01 21:43 Times Seen363 Hash 2f96a16e62a9d63834bbb6108f83d90b 7da8c8e56e98e99c6c891f6b44d135fb1276a32c 71fea8e764130d6d3e79297c3c69a3f30ba91e929ef79753dc6fd807d04bc03d Loading...

	www.up-4ever.net/3d5u9e52e4i3	ScriptElement	153 B	2023-10-15	2024-10-29
Pretty URL www.up-4ever.net/3d5u9e52e4i3 IP 104.21.24.34 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-15 17:23 Last Seen2024-10-29 14:27 Times Seen199 Hash 0bc2c454838e48c7f73e104e0d828337 73ba0b3eec7cb4bd4a4baa5e9c3d7930df9700e8 b5e379a52d2a40b8eb52ea0c562b9a961d31cf9eb930391cf0f8a1d79d5edd67 Loading...

	dof9zd9l290mz.cloudfront.net/?dzfod=1038311	ScriptElement	320 kB	2024-08-19	2024-08-19
Pretty URL dof9zd9l290mz.cloudfront.net/?dzfod=1038311 IP 54.230.241.5 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 18:55 Last Seen2024-08-19 18:55 Times Seen1 Hash 88228568d32679c9411021e1a204346a dd02e88fc326299eb33cbc521f6ba6d42482bd95 4c1d44b3a9aab59ca39fb4095b5496aaae8757e87924d1941d6547d8c080445f Loading...

	dwfupceuqm.com/script/ut.js?cb=1719578760245	ScriptElement	63 kB	2024-06-20	2024-08-19
Pretty URL dwfupceuqm.com/script/ut.js?cb=1719578760245 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-20 14:41 Last Seen2024-08-19 19:22 Times Seen443 Hash 70ca0f4c5ac0c7649da94fea551e4268 cf40b29df41cad68e7ce743e0a10df20d99db26c 9ae5a15774f41cd06010649f11ce3ce26db4eb0738917346822077a44f2ef069 Loading...

	www.up-4ever.net/assets/js/mdb.min.js?ver=15	ScriptElement	420 kB	2023-03-07	2024-10-29
Pretty URL www.up-4ever.net/assets/js/mdb.min.js?ver=15 IP 104.21.24.34 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:52 Last Seen2024-10-29 14:27 Times Seen200 Hash 6463535469b0b25b75b2e7a5827ffefa ebd7735850a34a96a130fad72cb395e40772edcf b6e658cbd1f64eba1b117f37d463588e91d21469fbf2cb2332b5d68f4e4b0fee Loading...

	www.up-4ever.net/js/bootstrap-confirm.js	ScriptElement	3.1 kB	2023-03-07	2025-06-01
Pretty URL www.up-4ever.net/js/bootstrap-confirm.js IP 104.21.24.34 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:52 Last Seen2025-06-01 21:43 Times Seen391 Hash ed107aaa46561415692b9d4548c7c615 c23678dd36a64ddd29d8cc102d1b1bebf922875f ecf662e9f1d25bd142e6b4e5618012a3af7af1a2cd7504d67b90d59ca344ef2f Loading...

	www.up-4ever.net/js/jquery.cookie.js	ScriptElement	3.1 kB	2023-03-07	2025-06-02
Pretty URL www.up-4ever.net/js/jquery.cookie.js IP 104.21.24.34 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23 Last Seen2025-06-02 06:31 Times Seen2677 Hash ff14e4812b7f512e620b1ad35542bcfc c40c5f777e7a2f63e7b731b3cdb1fe9c806b23ae c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96 Loading...

	www.up-4ever.net/3d5u9e52e4i3	ScriptElement	194 B	2023-03-07	2024-10-29
Pretty URL www.up-4ever.net/3d5u9e52e4i3 IP 104.21.24.34 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 23:52 Last Seen2024-10-29 14:27 Times Seen199 Hash 7b6bba7d4a9952542fc729c25130c2d4 37a7d946a08461b0c84011c71317555e1293f5ee 3dfbca52099e0c1e4aac2e292e811ea8ff217111b02d2eafae23d584e4e8cf4b Loading...

	gn.metallcorrupt.com/rOKgZvPb1sSRnMu/vGVkM	ScriptElement	0 B	0001-01-01	2025-06-02
Pretty URL gn.metallcorrupt.com/rOKgZvPb1sSRnMu/vGVkM IP 23.109.170.222 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-06-02 15:13 Times Seen4828435 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtag/js?id=G-BH3KCF6H24	ScriptElement	282 kB	2024-08-19	2024-08-19
Pretty URL www.googletagmanager.com/gtag/js?id=G-BH3KCF6H24 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 18:55 Last Seen2024-08-19 18:55 Times Seen1 Hash b9007397b679b70ebc3bd9b92679fe6e 8b33e4e305ccb33c7df4824e2efd7ca9f47de2e8 fe16330cbba323f137abfd5273b864aa5740a8b4f91f85ae68f54b297e3979a7 Loading...

	www.up-4ever.net/assets/js/popper.min.js?ver=10	ScriptElement	20 kB	2023-03-07	2025-06-01
Pretty URL www.up-4ever.net/assets/js/popper.min.js?ver=10 IP 104.21.24.34 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:52 Last Seen2025-06-01 07:57 Times Seen278 Hash c055b8c12988ec2b1f7238d85e79f4b4 5958a52438c8d753d692b11b5419bd1490c2655b 58cb6a78afc204b7165e947c965cbce6296ee0e587fbab3e12c0d2b6378e9004 Loading...

HTTP Transactions (60)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
116ef0f15d988075de9127b4d85aeeac
cd431538d40d2097891757fd0ca8c06b576051e9
7dd2781a8624ca9b8c54539a3c46c44cdd86477de3078e4dab624bfc7ce5b7ae

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "7DD2781A8624CA9B8C54539A3C46C44CDD86477DE3078E4DAB624BFC7CE5B7AE"
Last-Modified: Thu, 27 Jun 2024 11:47:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20332
Expires: Fri, 28 Jun 2024 18:24:51 GMT
Date: Fri, 28 Jun 2024 12:45:59 GMT
Connection: keep-alive

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3fc0045ed4dca38262d66d39526221f0
df47e010b86ea11fd988084c35661d527a5b4743
2bc2dce0e4e1d1bfa63689bd673045754cf71e111c8c518cb68f82a21ca6ae08

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Jun 2024 12:45:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.up-4ever.net/assets/image/logo.png

104.21.24.34

200 OK

4.6 kB

URL GET HTTP/3
www.up-4ever.net/assets/image/logo.png
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
PNG image data, 175 x 45, 8-bit/color RGBA, non-interlaced
Size
4.6 kB (4569 bytes)
Hash
278fb0058ebe4de31a5eb8eb7954b7d8
566b41682c2fc1cd6adcee46b17083c5ebdb5707
a9e78b0bfceeaad1dc5d2a5a1a8a08da46dc4164dd7f3303924741a675f8db79

HTTP Headers

GET /assets/image/logo.png HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/3d5u9e52e4i3
Cookie: aff=1071420
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:45:59 GMT
content-type: image/png
content-length: 4569
last-modified: Thu, 23 May 2019 00:36:03 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 317
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YMJNjLfzXC2YA4p%2BLnJPZcPoc02Yir0SxrRaaXCgAZ3kEKNZjOlIAXASehmo0gZQM5blv7NYmAvqzsS1VcxJw49rbbNjSRJGZbEhd3JOu9dBoQglmNYjjBFoVBDAM76rlC5E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f0cfeb10b9-CPH
alt-svc: h3=":443"; ma=86400

gn.metallcorrupt.com/rOKgZvPb1sSRnMu/vGVkM

23.109.170.222

200 OK

20 B

URL GET HTTP/1.1
gn.metallcorrupt.com/rOKgZvPb1sSRnMu/vGVkM
IP
23.109.170.222:443
ASN
#7979 SERVERS-COM

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerLet's Encrypt
Subjectgn.metallcorrupt.com
Fingerprint33:C8:30:BA:6A:CF:51:18:31:EE:A5:F4:07:AA:3A:C7:FD:BF:B7:BB
ValidityFri, 07 Jun 2024 00:46:12 GMT - Thu, 05 Sep 2024 00:46:11 GMT

File type
gzip compressed data, from Unix
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /rOKgZvPb1sSRnMu/vGVkM HTTP/1.1
Host: gn.metallcorrupt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 28 Jun 2024 12:45:59 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.up-4ever.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sat, 29-Jun-2024 12:45:59 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sat, 29-Jun-2024 12:45:59 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

www.up-4ever.net/z-6683946

104.21.24.34

200 OK

172 kB

URL GET HTTP/3
www.up-4ever.net/z-6683946
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (41614), with NEL line terminators
Size
172 kB (171819 bytes)
Hash
24f70cfe817a03b39a0b65d9491b0531
55f6b2b107e3abd5a5f91af22e8989b301707394
32ac22453822fd1ff94713737c565f5a0d49f97a70aa89e1d0d13c8d31190ea3

HTTP Headers

GET /z-6683946 HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/3d5u9e52e4i3
Cookie: aff=1071420
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:45:59 GMT
content-length: 171819
last-modified: Fri, 28 Jun 2024 12:01:02 GMT
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=haNtVMovq7HM6R%2B53lBl0tt4xlUzc2UVtC%2BMoImY%2FuCa8JAuvqGqcMPirOVQ19sWqt4miJKyqVHcwM8sT%2Fa7Q%2BXcCzJroiaKHmFlRVL4GS2TAPi2R38mtv9y%2Fp6QvIfzEWoF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89adc6f0cff210b9-CPH
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-BH3KCF6H24

142.250.74.168

200 OK

98 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-BH3KCF6H24
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintBA:5D:A9:7F:41:46:B0:37:01:9E:05:B0:92:BA:41:C9:31:5B:4B:4A
ValidityThu, 13 Jun 2024 15:27:14 GMT - Thu, 05 Sep 2024 15:27:13 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
98 kB (98352 bytes)
Hash
b9007397b679b70ebc3bd9b92679fe6e
8b33e4e305ccb33c7df4824e2efd7ca9f47de2e8
fe16330cbba323f137abfd5273b864aa5740a8b4f91f85ae68f54b297e3979a7

HTTP Headers

GET /gtag/js?id=G-BH3KCF6H24 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 28 Jun 2024 12:45:59 GMT
expires: Fri, 28 Jun 2024 12:45:59 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 98352
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

dof9zd9l290mz.cloudfront.net/?dzfod=1038311

54.230.241.5

200 OK

102 kB

URL GET HTTP/2
dof9zd9l290mz.cloudfront.net/?dzfod=1038311
IP
54.230.241.5:443
ASN
#16509 AMAZON-02

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (15945)
Size
102 kB (102171 bytes)
Hash
88228568d32679c9411021e1a204346a
dd02e88fc326299eb33cbc521f6ba6d42482bd95
4c1d44b3a9aab59ca39fb4095b5496aaae8757e87924d1941d6547d8c080445f

HTTP Headers

GET /?dzfod=1038311 HTTP/1.1
Host: dof9zd9l290mz.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 102171
date: Fri, 28 Jun 2024 12:46:00 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5qEzGQcj9PDPoEtIvqh8i5xcVHhtYXpL3fRp0jDAezCiL2eb0e664A==
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3fc0045ed4dca38262d66d39526221f0
df47e010b86ea11fd988084c35661d527a5b4743
2bc2dce0e4e1d1bfa63689bd673045754cf71e111c8c518cb68f82a21ca6ae08

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Jun 2024 12:46:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.up-4ever.net/assets/font/roboto/Roboto-Bold.woff2

104.21.24.34

200 OK

50 kB

URL GET HTTP/3
www.up-4ever.net/assets/font/roboto/Roboto-Bold.woff2
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
Web Open Font Format (Version 2), TrueType, length 49976, version 1.0
Size
50 kB (49976 bytes)
Hash
39b2c3031be6b4ea96e2e3e95d307814
933b866d09c2b087707a98dab64b3888865eeb96
8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716

HTTP Headers

GET /assets/font/roboto/Roboto-Bold.woff2 HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/assets/css/mdb.min.css?ver=25
Cookie: aff=1071420
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:46:00 GMT
content-type: font/woff2
content-length: 49976
last-modified: Thu, 23 May 2019 00:36:35 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3982
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LlI37lsxCi3iXzHr%2FV9qWTm39KiYWH88n06n31pJJS3EConNX7GY%2BpcEK3p%2BW%2FdmBouWi66SLHVlpddJI7umBDXrXywIe1FmKcMPlWOLta%2Bs%2FH0k%2Fn03ugX%2B1AELcF%2FVAIgi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f34ba110b9-CPH
alt-svc: h3=":443"; ma=86400

www.up-4ever.net/assets/image/flags.png

104.21.24.34

200 OK

15 kB

URL GET HTTP/3
www.up-4ever.net/assets/image/flags.png
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
PNG image data, 1248 x 11, 8-bit/color RGBA, non-interlaced
Size
15 kB (15180 bytes)
Hash
0e7e0406e09ea913dc344ca9974ec94a
084fcf2d8e96661354a7e563f64801dfd13bead7
0787e30d6145bc8b8b92ed329f664bcc3012162ccba9ef943d7ada480afb74e9

HTTP Headers

GET /assets/image/flags.png HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/assets/css/style.css?ver=34
Cookie: aff=1071420
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:46:00 GMT
content-type: image/png
content-length: 15180
last-modified: Thu, 23 May 2019 00:36:04 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3568
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lAGa3077qAeH0QcExUZjOdww927MneyOJQRwyCZBEjeuYq%2FZiXwaPsfUL8vu3QKHa5dV%2F74xp8ecHpst%2BNBJ1jqqR8mUAWZe0CJtvRqmI4oXAks%2Bl4m%2BF5iuv65UV%2Bwaf8El"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f34b9f10b9-CPH
alt-svc: h3=":443"; ma=86400

www.up-4ever.net/assets/css/bootstrap.min.css?ver=20

104.21.24.34

200 OK

72 kB

URL GET HTTP/3
www.up-4ever.net/assets/css/bootstrap.min.css?ver=20
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
ASCII text, with very long lines (65324)
Size
72 kB (72324 bytes)
Hash
f23c6a40ff257fdc38f8d415e98afd72
ca6a4c5791db0a03d30be973d3c6704c3f4a22cb
c9adb52c42b2966ed05d4e7eda2695e67285e19546bccfd14eae3c77ad760d5a

HTTP Headers

GET /assets/css/bootstrap.min.css?ver=20 HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/3d5u9e52e4i3
Cookie: aff=1071420
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:45:59 GMT
content-type: text/css
last-modified: Thu, 23 May 2019 00:35:58 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 317
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hZlH7ovKIb8SUyne%2Fcktp1ybPRqVlTzRIcFT5VjQAZ3bS5Gbulj5d9rjlzxaLhEEX0fU4DqCM4Ax0yePHOa2WGxQFRYaS9L%2BPd9vwqnhnRQ%2FCbXjMLlQCIp5wIHHhpzWL%2F6%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f0afc710b9-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.up-4ever.net/assets/font/roboto/Roboto-Regular.woff2

104.21.24.34

200 OK

49 kB

URL GET HTTP/3
www.up-4ever.net/assets/font/roboto/Roboto-Regular.woff2
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
Web Open Font Format (Version 2), TrueType, length 49236, version 1.0
Size
49 kB (49236 bytes)
Hash
2751ee43015f9884c3642f103b7f70c9
ed1558b0541f5e01ce48c7db1588371b990eec19
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0

HTTP Headers

GET /assets/font/roboto/Roboto-Regular.woff2 HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/assets/css/mdb.min.css?ver=25
Cookie: aff=1071420
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:46:00 GMT
content-type: font/woff2
content-length: 49236
last-modified: Thu, 23 May 2019 00:36:13 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3982
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zO%2F0WxmttzaVhT3LStgG7ILkdrF7c4fXweZLO9lquZbXamYnpOCfXysmLtVA%2BCt5c7ZWsWvHSr49qv%2FMMlt2rdhC1Vr1njPoDA3HT1cdjZwFWVtNf%2BjnjV6rBN7JXzKSjaEC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f35bac10b9-CPH
alt-svc: h3=":443"; ma=86400

www.up-4ever.net/assets/font/roboto/Roboto-Light.woff2

104.21.24.34

200 OK

49 kB

URL GET HTTP/3
www.up-4ever.net/assets/font/roboto/Roboto-Light.woff2
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
Web Open Font Format (Version 2), TrueType, length 49380, version 1.0
Size
49 kB (49380 bytes)
Hash
69f8a0617ac472f78e45841323a3df9e
bbdc28b887400fcb340b504ec2904993af42a5d7
94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75

HTTP Headers

GET /assets/font/roboto/Roboto-Light.woff2 HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/assets/css/mdb.min.css?ver=25
Cookie: aff=1071420
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:46:00 GMT
content-type: font/woff2
content-length: 49380
last-modified: Thu, 23 May 2019 00:36:13 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3982
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IBQRf3sHSKuPQ9xzkvdlreAQp%2FLPNqhZv%2B6MaXvjlY%2FK7CmL1z2JhuGsnvS4ZfMAji5CG6RQ9tGK8WdIyQOltc3WAJHVJwCI37pLxW61cjT3DqH1X8rrhZGv%2F%2F6LG%2BEymgDA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f34ba210b9-CPH
alt-svc: h3=":443"; ma=86400

www.up-4ever.net/assets/packages/fontawesome/webfonts/fa-light-300.woff2

104.21.24.34

200 OK

118 kB

URL GET HTTP/3
www.up-4ever.net/assets/packages/fontawesome/webfonts/fa-light-300.woff2
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
Web Open Font Format (Version 2), TrueType, length 117936, version 1.0
Size
118 kB (117936 bytes)
Hash
548f2ded83a195a98ac3651bdf9a6f2e
825e10e15e3cfc58b1c8f0958f33ea6a738a586d
2fc5ace475076f454c946a32e61011a7b8b0ab6fadfb98a73756906b94a5588d

HTTP Headers

GET /assets/packages/fontawesome/webfonts/fa-light-300.woff2 HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/assets/packages/fontawesome/css/all.css
Cookie: aff=1071420
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:46:00 GMT
content-type: font/woff2
content-length: 117936
last-modified: Thu, 23 May 2019 00:36:21 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3982
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ltEyhEKtw0Ehm2qKPjMmvqYEMacYkqT%2BCaEGsQ9vHLEMuH7q%2B1yxYkWGIND6NFWOzgqlRng8u5huczDVHrci3G2WCu44TW3p5wUHPv8Nym6UdtEjYdilS5XXFeKQnr%2FpPZIP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f35bb510b9-CPH
alt-svc: h3=":443"; ma=86400

www.up-4ever.net/assets/packages/fontawesome/webfonts/fa-brands-400.woff2

104.21.24.34

200 OK

65 kB

URL GET HTTP/3
www.up-4ever.net/assets/packages/fontawesome/webfonts/fa-brands-400.woff2
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
Web Open Font Format (Version 2), TrueType, length 65316, version 1.0
Size
65 kB (65316 bytes)
Hash
48461ea4e797c9774dabb4a0440d2f56
024b7f9afa49a3658ebd7eee4e1c536502db51fa
974956f1b7b82cecd8ae88a0b685f0d5dfe5c8534c2784e59abeea719eadbbc4

HTTP Headers

GET /assets/packages/fontawesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/assets/packages/fontawesome/css/all.css
Cookie: aff=1071420
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:46:00 GMT
content-type: font/woff2
content-length: 65316
last-modified: Thu, 23 May 2019 00:36:23 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3981
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CVHI%2FafEg4%2Fgmw0W8c%2FQ%2BkHdDYgrJCeROZwH5UnXZ7THGa%2FWJ4hv4ZCPCd%2FjL6n8QkGcSUeTNQ%2FehlEnfFOqGJiMq4OvANAyG4mfLK5Ec3mss%2FVcySlOz2ZuA3mleHOOc%2Faj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f4ee0310b9-CPH
alt-svc: h3=":443"; ma=86400

rsalesrepresw.info/R1RTa20mNjAGUiZpMU0YNThuTl8BcWEtCSgyahEJfjhhUl0qLn0IASghNw0fKDonRQMiIHZZK3caBAMECgI/PC8wLAsxBgIWEQwVKBYFWjsFA2soOS8eFzsrCQIVPjQyEytbPg8TYjolIDAXD1w0GhUDDj0GNAggFgMBIywUPGIiNTc1FBwocTYSOj0mLAI/JQU8BTEsERsXByx0AT89KBEQNzw7ERkLJCsCHwscO2JmFTo/IBoEBj8BFhIxDhc4AiYoLCcqLhV3EBcvPyYRNB8JCQIBJTgPMCAsXC8cElkGIxEVJiwhFQoaPzAaIzw8AhkBKCgWAz9GJw0NAiZeERUFUy8uJBsqXyscGwAOBBMSEwgTFRUcKAEkAD0HPwMSHF0SNWAlDBIzERsvETgAKiUwHAQqPx4fYioiAwE/Uy8+YTEpXiQSBwMOCjUSTQc0Oz0bUDU9GS8VCGYqWw4eOD4xIA

3.164.240.48

200 OK

1.2 kB

URL GET HTTP/2
rsalesrepresw.info/R1RTa20mNjAGUiZpMU0YNThuTl8BcWEtCSgyahEJfjhhUl0qLn0IASghNw0fKDonRQMiIHZZK3caBAMECgI/PC8wLAsxBgIWEQwVKBYFWjsFA2soOS8eFzsrCQIVPjQyEytbPg8TYjolIDAXD1w0GhUDDj0GNAggFgMBIywUPGIiNTc1FBwocTYSOj0mLAI/JQU8BTEsERsXByx0AT89KBEQNzw7ERkLJCsCHwscO2JmFTo/IBoEBj8BFhIxDhc4AiYoLCcqLhV3EBcvPyYRNB8JCQIBJTgPMCAsXC8cElkGIxEVJiwhFQoaPzAaIzw8AhkBKCgWAz9GJw0NAiZeERUFUy8uJBsqXyscGwAOBBMSEwgTFRUcKAEkAD0HPwMSHF0SNWAlDBIzERsvETgAKiUwHAQqPx4fYioiAwE/Uy8+YTEpXiQSBwMOCjUSTQc0Oz0bUDU9GS8VCGYqWw4eOD4xIA
IP
3.164.240.48:443
ASN
#0

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerAmazon
Subjectrsalesrepresw.info
Fingerprint67:F1:6D:E5:C1:C0:B2:84:85:10:6B:B6:16:8D:BE:5B:12:84:A9:37
ValidityWed, 05 Jun 2024 00:00:00 GMT - Fri, 04 Jul 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3055), with no line terminators
Size
1.2 kB (1204 bytes)
Hash
19314fc99c97d7f71e22736478c73173
5fab2dee96c7d2bb61bab53f458802bfcb7a4341
5e59763d0af9c14e64c54a8997c7d70869016a988ec59432a9b747afce83ee8a

HTTP Headers

GET /R1RTa20mNjAGUiZpMU0YNThuTl8BcWEtCSgyahEJfjhhUl0qLn0IASghNw0fKDonRQMiIHZZK3caBAMECgI/PC8wLAsxBgIWEQwVKBYFWjsFA2soOS8eFzsrCQIVPjQyEytbPg8TYjolIDAXD1w0GhUDDj0GNAggFgMBIywUPGIiNTc1FBwocTYSOj0mLAI/JQU8BTEsERsXByx0AT89KBEQNzw7ERkLJCsCHwscO2JmFTo/IBoEBj8BFhIxDhc4AiYoLCcqLhV3EBcvPyYRNB8JCQIBJTgPMCAsXC8cElkGIxEVJiwhFQoaPzAaIzw8AhkBKCgWAz9GJw0NAiZeERUFUy8uJBsqXyscGwAOBBMSEwgTFRUcKAEkAD0HPwMSHF0SNWAlDBIzERsvETgAKiUwHAQqPx4fYioiAwE/Uy8+YTEpXiQSBwMOCjUSTQc0Oz0bUDU9GS8VCGYqWw4eOD4xIA HTTP/1.1
Host: rsalesrepresw.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1204
date: Fri, 28 Jun 2024 12:46:00 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 07b1d101035e34f82920833b00a4e896.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: ftJJfgAwktDIGzowj21KZDGHtTsDVUYmMzAYWp-W1Q7faflaFAJb2w==
X-Firefox-Spdy: h2

rsalesrepresw.info/ZG9GeVkFDSUUZgVSJF8sFgN7XGsiSnQ/PQsJfwM9XQN0QGkJFWgaNQsaIh8rCwEyVzcBG2NLH1M8KzMaMAIhCR03GCkvI1AjDBcXPgoqP28COSpOCyAmfj0KHAkILTICNQQaID1eMQ8fJwx+KzA1JwgUPicgF0kqNAMTGBAlInU+IVQgAABhQV0ANmg2FSc7LhMtKEB8Vi0SEAAgIwUVDwYuJQoVMjlxKxopHgUXPTM1AhYALj4qXGsiPyEoLCAWEw8dIAAfMg4DCw1IYRImFDAzIAZyDw08CC0dayY2JEgbHTUuO24xXSJAEglWFxowLS0MOzpSDncJbyMBawltKlw+LgNXXzcbaCYWFjtsEjoXN2o8AhQqOFYbJxw+MQEKKBQIPXU4EDMBNi06ClocHDUqASA/PhcsPDgrIAYTGANXGDMaaDYcIBJtQV0AIWopSSwKNgofeykbJRY1LjUxDhEIb1U

3.164.240.48

200 OK

1.2 kB

URL GET HTTP/2
rsalesrepresw.info/ZG9GeVkFDSUUZgVSJF8sFgN7XGsiSnQ/PQsJfwM9XQN0QGkJFWgaNQsaIh8rCwEyVzcBG2NLH1M8KzMaMAIhCR03GCkvI1AjDBcXPgoqP28COSpOCyAmfj0KHAkILTICNQQaID1eMQ8fJwx+KzA1JwgUPicgF0kqNAMTGBAlInU+IVQgAABhQV0ANmg2FSc7LhMtKEB8Vi0SEAAgIwUVDwYuJQoVMjlxKxopHgUXPTM1AhYALj4qXGsiPyEoLCAWEw8dIAAfMg4DCw1IYRImFDAzIAZyDw08CC0dayY2JEgbHTUuO24xXSJAEglWFxowLS0MOzpSDncJbyMBawltKlw+LgNXXzcbaCYWFjtsEjoXN2o8AhQqOFYbJxw+MQEKKBQIPXU4EDMBNi06ClocHDUqASA/PhcsPDgrIAYTGANXGDMaaDYcIBJtQV0AIWopSSwKNgofeykbJRY1LjUxDhEIb1U
IP
3.164.240.48:443
ASN
#0

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerAmazon
Subjectrsalesrepresw.info
Fingerprint67:F1:6D:E5:C1:C0:B2:84:85:10:6B:B6:16:8D:BE:5B:12:84:A9:37
ValidityWed, 05 Jun 2024 00:00:00 GMT - Fri, 04 Jul 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3050), with no line terminators
Size
1.2 kB (1200 bytes)
Hash
6717198856603b71578c69146f58062f
8b84c2f4c4d89a91550427feda5bbb7ebd8dd962
541cb3d458d779a0441db74e28d23a3df2527835cc4c7e1fde138db21d32d504

HTTP Headers

GET /ZG9GeVkFDSUUZgVSJF8sFgN7XGsiSnQ/PQsJfwM9XQN0QGkJFWgaNQsaIh8rCwEyVzcBG2NLH1M8KzMaMAIhCR03GCkvI1AjDBcXPgoqP28COSpOCyAmfj0KHAkILTICNQQaID1eMQ8fJwx+KzA1JwgUPicgF0kqNAMTGBAlInU+IVQgAABhQV0ANmg2FSc7LhMtKEB8Vi0SEAAgIwUVDwYuJQoVMjlxKxopHgUXPTM1AhYALj4qXGsiPyEoLCAWEw8dIAAfMg4DCw1IYRImFDAzIAZyDw08CC0dayY2JEgbHTUuO24xXSJAEglWFxowLS0MOzpSDncJbyMBawltKlw+LgNXXzcbaCYWFjtsEjoXN2o8AhQqOFYbJxw+MQEKKBQIPXU4EDMBNi06ClocHDUqASA/PhcsPDgrIAYTGANXGDMaaDYcIBJtQV0AIWopSSwKNgofeykbJRY1LjUxDhEIb1U HTTP/1.1
Host: rsalesrepresw.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1200
date: Fri, 28 Jun 2024 12:46:00 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 07b1d101035e34f82920833b00a4e896.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: A-pq_DoySfVnyNO4v0ZHlyoVd3WmjC-xqRDs3Dj160pNW3qIiO-CLQ==
X-Firefox-Spdy: h2

www.up-4ever.net/assets/font/roboto/Roboto-Medium.woff

104.21.24.34

200 OK

63 kB

URL GET HTTP/3
www.up-4ever.net/assets/font/roboto/Roboto-Medium.woff
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
Web Open Font Format, TrueType, length 62980, version 2.980
Size
63 kB (62980 bytes)
Hash
fc78759e93a6cac50458610e3d9d63a0
d45f84922131364989ad6578c7a06b6b4fc22c34
72841a4c4171b13ab1edf2c8f8046f0958f2ff608ce4e0d568dd5c6319f8a933

HTTP Headers

GET /assets/font/roboto/Roboto-Medium.woff HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/assets/css/mdb.min.css?ver=25
Cookie: aff=1071420
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:46:00 GMT
content-type: font/woff
content-length: 62980
last-modified: Thu, 23 May 2019 00:36:14 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EGO5xya%2FJTvgc5AbvJxNxAYbWlk6Yu04XZoUCkgVKVJy%2BULkug4hHqQFIKSPPGEGBm27PpNCNLCa0QXCpSiBtbB2SOluJJ6nFKiuz9UkfUF2Rx%2Fkxp7tkSfRS4sKcqJTzFKL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f4fe1610b9-CPH
alt-svc: h3=":443"; ma=86400

www.up-4ever.net/assets/font/roboto/Roboto-Bold.woff

104.21.24.34

200 OK

63 kB

URL GET HTTP/3
www.up-4ever.net/assets/font/roboto/Roboto-Bold.woff
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
Web Open Font Format, TrueType, length 62876, version 2.980
Size
63 kB (62876 bytes)
Hash
dc81817def276b4f21395f7ea5e88dcd
ee99cd87a59a9a5d4092c83232bb3eec67547425
e7cbaf29c3812b80577cb845b5d359486242338f25620ba65260e265464fe359

HTTP Headers

GET /assets/font/roboto/Roboto-Bold.woff HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/assets/css/mdb.min.css?ver=25
Cookie: aff=1071420
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:46:00 GMT
content-type: font/woff
content-length: 62876
last-modified: Thu, 23 May 2019 00:36:14 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bhhJfRnAMdvSMOO%2Fqx8q%2FBiqUdN8a9xV7Qjm8sEhOCPrmb9zEz27zPlB2zHOTdWOlzwQbv6%2FMg%2B3Afkr9kxv1TH6nc9uXoY8kSL7RSCzgqHGuhF2X5wiJd2hwG518VW9Au9b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f4ee0d10b9-CPH
alt-svc: h3=":443"; ma=86400

www.up-4ever.net/assets/font/roboto/Roboto-Regular.woff

104.21.24.34

200 OK

62 kB

URL GET HTTP/3
www.up-4ever.net/assets/font/roboto/Roboto-Regular.woff
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
Web Open Font Format, TrueType, length 61736, version 2.980
Size
62 kB (61736 bytes)
Hash
ba3dcd8903e3d0af5de7792777f8ae0d
74734dde8d94e7268170f9b994dedfbdcb5b3a15
2cd6b07b7855716761250290ce3cf447ccc98e793e484294d3fa8ccbb55b016a

HTTP Headers

GET /assets/font/roboto/Roboto-Regular.woff HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/assets/css/mdb.min.css?ver=25
Cookie: aff=1071420
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:46:00 GMT
content-type: font/woff
content-length: 61736
last-modified: Thu, 23 May 2019 00:36:13 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pLr%2FpsG94B0VWGy6jTS994zkIQI7qGceTLql4C%2BrK8S5j7yQXKMTiGPigm0SKGMC7ZagcA6T%2F5BoW73253R8Wv2Q9Arlwuflre4uhxEGNdKJZIgMxnpAjlxoEBKZMdfv6pHY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f4fe1b10b9-CPH
alt-svc: h3=":443"; ma=86400

www.up-4ever.net/assets/font/roboto/Roboto-Light.woff

104.21.24.34

200 OK

62 kB

URL GET HTTP/3
www.up-4ever.net/assets/font/roboto/Roboto-Light.woff
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
Web Open Font Format, TrueType, length 62316, version 2.980
Size
62 kB (62316 bytes)
Hash
3b813c2ae0d04909a33a18d792912ee7
6300f659be9e834ab263efe2fb3c581d48b1e7b2
2cbb012f1d36c09d3f17100ef2cf8213cbd429d9e519dff536c12ed6f07a0d25

HTTP Headers

GET /assets/font/roboto/Roboto-Light.woff HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/assets/css/mdb.min.css?ver=25
Cookie: aff=1071420
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:46:00 GMT
content-type: font/woff
content-length: 62316
last-modified: Thu, 23 May 2019 00:36:13 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t2AptUjMkbBU4Qt5H%2FCGkihqgfCm3irxn5aAzY8fe7vZ8%2Br7qgdUKIAAaPJLxAYI8FTckUbySVfsA9tgF1JHi3DBP4T%2F0o%2FrsWPPigbVclrL%2BEma7aU59G9JCqft%2Bn13xU2j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f4fe2d10b9-CPH
alt-svc: h3=":443"; ma=86400

pphiresandala.info/WDZQSWd3CTM6WgtuHgU1EHhnGC8gTwN6IRxQPg8kPl0CbFUaVTsIQSxfNHRWaANnfVFvECAgA2UHdjoTOUIlOlppEDknATcLdj9aaRhjfUlrAH59QS0LYW8TKFc3dFZ+RiQ9C2UHZ3hebQFoflFoBWF/

104.21.94.226

204 No Content

0 B

URL GET HTTP/2
pphiresandala.info/WDZQSWd3CTM6WgtuHgU1EHhnGC8gTwN6IRxQPg8kPl0CbFUaVTsIQSxfNHRWaANnfVFvECAgA2UHdjoTOUIlOlppEDknATcLdj9aaRhjfUlrAH59QS0LYW8TKFc3dFZ+RiQ9C2UHZ3hebQFoflFoBWF/
IP
104.21.94.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services LLC
Subjectpphiresandala.info
FingerprintCB:BF:C3:D6:28:65:94:5D:74:FE:5C:97:3E:01:3B:B1:70:36:4B:91
ValidityThu, 30 May 2024 09:10:23 GMT - Wed, 28 Aug 2024 09:10:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WDZQSWd3CTM6WgtuHgU1EHhnGC8gTwN6IRxQPg8kPl0CbFUaVTsIQSxfNHRWaANnfVFvECAgA2UHdjoTOUIlOlppEDknATcLdj9aaRhjfUlrAH59QS0LYW8TKFc3dFZ+RiQ9C2UHZ3hebQFoflFoBWF/ HTTP/1.1
Host: pphiresandala.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Fri, 28 Jun 2024 12:46:00 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2F3wzMmLXmoYj8M6UodD03mo7JKKLtoDtJIFEfvm7yzb%2B%2FUqf48I33qffvGlRjT74ehp30l7zGOJ%2BGNn1dt3Otd%2FOvhIS2pW%2FEjyjLSdRXBYCkaRfyrGJrxX%2BHjjUImjgs3MJNY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89adc6f4bc7192d6-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pphiresandala.info/WUk5cTR2dloCCTwkaxptawN0J2IXKGwkWD0ffz9WCnhdI2EIb00YUGR4CUIMangIV0QwLQRAEio9WAVBKnQIV103L1ZMEi90CF8HbWcKRxptb0xMBX89SRBTZHgfAUAtJQRAA2hwDEYMbn8JQw1v

104.21.94.226

204 No Content

0 B

URL GET HTTP/2
pphiresandala.info/WUk5cTR2dloCCTwkaxptawN0J2IXKGwkWD0ffz9WCnhdI2EIb00YUGR4CUIMangIV0QwLQRAEio9WAVBKnQIV103L1ZMEi90CF8HbWcKRxptb0xMBX89SRBTZHgfAUAtJQRAA2hwDEYMbn8JQw1v
IP
104.21.94.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services LLC
Subjectpphiresandala.info
FingerprintCB:BF:C3:D6:28:65:94:5D:74:FE:5C:97:3E:01:3B:B1:70:36:4B:91
ValidityThu, 30 May 2024 09:10:23 GMT - Wed, 28 Aug 2024 09:10:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WUk5cTR2dloCCTwkaxptawN0J2IXKGwkWD0ffz9WCnhdI2EIb00YUGR4CUIMangIV0QwLQRAEio9WAVBKnQIV103L1ZMEi90CF8HbWcKRxptb0xMBX89SRBTZHgfAUAtJQRAA2hwDEYMbn8JQw1v HTTP/1.1
Host: pphiresandala.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Fri, 28 Jun 2024 12:46:00 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=svR%2FrBD%2Bh3rRCnor%2FRKZLOyGMYQiEtd0eqGJHrvlo9rSkuKxJ6jwvxQgdvqc0btb3FKP2J29zOpLFnS%2FSuMTEO8aqRHEzVudwWd1S30PCf4bqNKnnPi2W4bf1QNOjh09E97YUdE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89adc6f4bc6b92d6-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e14f1b5c64abd6f16261b51acff25bc4
8f9bb9cc34ac946843483935f93a6aa902a4bfdc
b932f7436c99dd7bf38475a4d9b6d4155341bd84e2a557ba22edd416ef2833aa

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Jun 2024 12:46:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BH3KCF6H24&cid=1131034073.1719578761&gtm=45je46q0v9132047618za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1008250699

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BH3KCF6H24&cid=1131034073.1719578761&gtm=45je46q0v9132047618za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1008250699
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subject*.google.no
Fingerprint6C:CC:B7:CF:15:1F:27:AA:28:A1:52:32:C5:C9:7C:27:38:7B:9B:C7
ValidityThu, 13 Jun 2024 16:47:25 GMT - Thu, 05 Sep 2024 16:47:24 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BH3KCF6H24&cid=1131034073.1719578761&gtm=45je46q0v9132047618za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1008250699 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jun 2024 12:46:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

64.233.164.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
64.233.164.84:443
ASN
#15169 GOOGLE

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintC0:DC:0B:E4:CE:F0:67:45:F7:48:92:E3:BB:9E:40:3F:C1:59:FB:9B
ValidityThu, 13 Jun 2024 16:36:13 GMT - Thu, 05 Sep 2024 16:36:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:TGMhOVBuI806aOd2BRpogUlde9hh5g:fb5PQl_QI-xIpb-m; Expires=Sun, 28-Jun-2026 12:46:00 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 28 Jun 2024 12:46:00 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AS5LTARE1P-S7u-KFoBBqQ0u_hTM1L0n8XGeyhstywPnYeqsB6ThhHsVpKIFsKLgiij5ZYylXcsjWQ
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
content-security-policy: script-src 'nonce-plRSuZ3mcZe0ymCogG0-Fw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

64.233.164.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
64.233.164.84:443
ASN
#15169 GOOGLE

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintC0:DC:0B:E4:CE:F0:67:45:F7:48:92:E3:BB:9E:40:3F:C1:59:FB:9B
ValidityThu, 13 Jun 2024 16:36:13 GMT - Thu, 05 Sep 2024 16:36:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:vEaMfepGbdNgtAOgM1bhfNnrJV9SYQ:MbTotQS8FmywIRMU; Expires=Sun, 28-Jun-2026 12:46:00 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 28 Jun 2024 12:46:00 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AS5LTARjnaB7c_zJxdtfpeTD0JgqeA834xo1zzt8_Cv9W7RvQ2JPpMtneFpMa0YjuhYR6HrNd-QXrg
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-aHhumYIbdELYzMfrLFcZUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-BH3KCF6H24&gtm=45je46q0v9132047618za200&_p=1719578760065&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1131034073.1719578761&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1719578760&sct=1&seg=0&dl=https%3A%2F%2Fwww.up-4ever.net%2F3d5u9e52e4i3&dt=Download%20CWindows10User%20Manual%20Ed222024%20pdf&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1292&_z=fetch

216.239.32.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-BH3KCF6H24&gtm=45je46q0v9132047618za200&_p=1719578760065&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1131034073.1719578761&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1719578760&sct=1&seg=0&dl=https%3A%2F%2Fwww.up-4ever.net%2F3d5u9e52e4i3&dt=Download%20CWindows10User%20Manual%20Ed222024%20pdf&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1292&_z=fetch
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint62:9F:34:0E:FD:86:47:D8:9C:DB:7F:2E:F7:05:DF:FA:84:E1:FE:1A
ValidityMon, 03 Jun 2024 06:35:20 GMT - Mon, 26 Aug 2024 06:35:19 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BH3KCF6H24&gtm=45je46q0v9132047618za200&_p=1719578760065&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1131034073.1719578761&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1719578760&sct=1&seg=0&dl=https%3A%2F%2Fwww.up-4ever.net%2F3d5u9e52e4i3&dt=Download%20CWindows10User%20Manual%20Ed222024%20pdf&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1292&_z=fetch HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.up-4ever.net/
Origin: https://www.up-4ever.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.up-4ever.net
date: Fri, 28 Jun 2024 12:46:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AS5LTARE1P-S7u-KFoBBqQ0u_hTM1L0n8XGeyhstywPnYeqsB6ThhHsVpKIFsKLgiij5ZYylXcsjWQ

64.233.164.84

302 Found

419 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AS5LTARE1P-S7u-KFoBBqQ0u_hTM1L0n8XGeyhstywPnYeqsB6ThhHsVpKIFsKLgiij5ZYylXcsjWQ
IP
64.233.164.84:443
ASN
#15169 GOOGLE

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintC0:DC:0B:E4:CE:F0:67:45:F7:48:92:E3:BB:9E:40:3F:C1:59:FB:9B
ValidityThu, 13 Jun 2024 16:36:13 GMT - Thu, 05 Sep 2024 16:36:12 GMT

File type
HTML document, ASCII text, with very long lines (390)
Size
419 B (419 bytes)
Hash
a5582850df75d5c3d384ac96beb40eb0
0fdcd79dcbc955dd1c976e0a91eca35707ef8e64
5f06e558a874f1a1b01c8ae9c89c8bf9ea282fd5814e6c0918874286862c291b

HTTP Headers

GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AS5LTARE1P-S7u-KFoBBqQ0u_hTM1L0n8XGeyhstywPnYeqsB6ThhHsVpKIFsKLgiij5ZYylXcsjWQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.up-4ever.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:WgietHpD47MAy5Nr3uJKm9x9UjW4hQ:4TrD4yDVwGjw8i2a;Path=/;Expires=Sun, 28-Jun-2026 12:46:00 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 28 Jun 2024 12:46:00 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AS5LTAQDKxB3911r0TZm6ZdkbLkT5p2CmDdTMXNs5FfhwZkKPL0TGspZ1W9BhRtVhVNi7kcs64N5hA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-200617209%3A1719578760908141&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-q8SWWcv9Es-k-qrUAyJZCA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 419
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AS5LTARjnaB7c_zJxdtfpeTD0JgqeA834xo1zzt8_Cv9W7RvQ2JPpMtneFpMa0YjuhYR6HrNd-QXrg

64.233.164.84

302 Found

420 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AS5LTARjnaB7c_zJxdtfpeTD0JgqeA834xo1zzt8_Cv9W7RvQ2JPpMtneFpMa0YjuhYR6HrNd-QXrg
IP
64.233.164.84:443
ASN
#15169 GOOGLE

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintC0:DC:0B:E4:CE:F0:67:45:F7:48:92:E3:BB:9E:40:3F:C1:59:FB:9B
ValidityThu, 13 Jun 2024 16:36:13 GMT - Thu, 05 Sep 2024 16:36:12 GMT

File type
HTML document, ASCII text, with very long lines (394)
Size
420 B (420 bytes)
Hash
1cd3283bb531a117715b7d4a1d7ac97b
82d7fe1a6c2e961dbef1dcb174f358be86982b31
a066e9a474eefef64afa070a3bf3b24afb5883628372adb5cd56470ce025bf26

HTTP Headers

GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AS5LTARjnaB7c_zJxdtfpeTD0JgqeA834xo1zzt8_Cv9W7RvQ2JPpMtneFpMa0YjuhYR6HrNd-QXrg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.up-4ever.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:yHyxmD6OIn0zvq792cceIeNyShLEfA:KdXtEIaV4T65gTou;Path=/;Expires=Sun, 28-Jun-2026 12:46:00 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 28 Jun 2024 12:46:00 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AS5LTASSTGdhAEF9gfX6T5zHA2ikZg8w7h_7LZRNrRE3jXXa4bArgeRo8dm-f5v7WubtF3iQADBeXQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1141770829%3A1719578760914138&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-LhYwqRY4KV07vZoaUvxu0A' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 420
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

dof9zd9l290mz.cloudfront.net/0NWhiMVlWBwxXZkEBBgxoBV1VBW8CThJDPFNVFUYuGx0SHG1QHgdDd1sNFhczRgcMQWRHASh1IXpaGwE6bAQPaxQTHBhVZAVODlA3UlVEVDdWVVMXOFEKXwV/QRgNWmRFBAZcPlQMEksyEx0DDDRaEgtdNVRNUHdsG1hHA2kdEFMAfAYqRwNpWQEMRCEQWl-JJYQM3VAV8BipHA2lHHkcCGAxeTAFwEFpSVjxWAw0Ua3NaUgBpBVlSAHwHWARYK1AODUl8By5bB3cFThcMaA

54.230.241.5

491 B

URL
dof9zd9l290mz.cloudfront.net/0NWhiMVlWBwxXZkEBBgxoBV1VBW8CThJDPFNVFUYuGx0SHG1QHgdDd1sNFhczRgcMQWRHASh1IXpaGwE6bAQPaxQTHBhVZAVODlA3UlVEVDdWVVMXOFEKXwV/QRgNWmRFBAZcPlQMEksyEx0DDDRaEgtdNVRNUHdsG1hHA2kdEFMAfAYqRwNpWQEMRCEQWl-JJYQM3VAV8BipHA2lHHkcCGAxeTAFwEFpSVjxWAw0Ua3NaUgBpBVlSAHwHWARYK1AODUl8By5bB3cFThcMaA
IP
54.230.241.5:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (687), with no line terminators
Size
491 B (491 bytes)
Hash
7982474784288174ec7db1e4b6d131fb
bde5a29f6ff110cb945a7172e1437792ecd2fd50
2f905ab46af9bfa87cefedf2079603a8a238b5e05ce35a0d16a4fd7dc1e01c7f

HTTP Headers

GET /0NWhiMVlWBwxXZkEBBgxoBV1VBW8CThJDPFNVFUYuGx0SHG1QHgdDd1sNFhczRgcMQWRHASh1IXpaGwE6bAQPaxQTHBhVZAVODlA3UlVEVDdWVVMXOFEKXwV/QRgNWmRFBAZcPlQMEksyEx0DDDRaEgtdNVRNUHdsG1hHA2kdEFMAfAYqRwNpWQEMRCEQWl-JJYQM3VAV8BipHA2lHHkcCGAxeTAFwEFpSVjxWAw0Ua3NaUgBpBVlSAHwHWARYK1AODUl8By5bB3cFThcMaA HTTP/1.1
Host: dof9zd9l290mz.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rsalesrepresw.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 491
date: Fri, 28 Jun 2024 12:46:00 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: S2SKZgnebLDIl1kE4hufXjte6OyfcrqI_gK_2JrcdAkreQMB0OOJkg==
X-Firefox-Spdy: h2

dof9zd9l290mz.cloudfront.net/7SmJCTmgpDSwoVz4LJnNZelF6fVl7RDI8DSxfNTkfZBcyY1wvFCc8RiQHNmgCOQ0sPlUaIAM3Gx0OFy8/O1RzaBwwBn9+TiYDLClVbAcsLVV7RCMqCndWZDoYJQl/PgQuDyUvDDoYKWgdK18vIRIjDi4vTXgkd2BYb1ByZhB7U2d9Km9QciIBJBc6a1p6Gn-p4N3xWZ30qb1ByPB5vUQN3XmRSa2taegUnLQMlR3AIWnpTcn5ZelNnfFgsCzArDiUaZ3wuc1Rsfk4/X3M

54.230.241.5

515 B

URL
dof9zd9l290mz.cloudfront.net/7SmJCTmgpDSwoVz4LJnNZelF6fVl7RDI8DSxfNTkfZBcyY1wvFCc8RiQHNmgCOQ0sPlUaIAM3Gx0OFy8/O1RzaBwwBn9+TiYDLClVbAcsLVV7RCMqCndWZDoYJQl/PgQuDyUvDDoYKWgdK18vIRIjDi4vTXgkd2BYb1ByZhB7U2d9Km9QciIBJBc6a1p6Gn-p4N3xWZ30qb1ByPB5vUQN3XmRSa2taegUnLQMlR3AIWnpTcn5ZelNnfFgsCzArDiUaZ3wuc1Rsfk4/X3M
IP
54.230.241.5:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (741), with no line terminators
Size
515 B (515 bytes)
Hash
154caebd59952bd883c5e33bc0ec662a
03423d7ac95bedb7ceea0628cb600903523593cb
41f747a766382e8f61b9e1f6e8e32ba08d8ebae73252bfcb35b02c2c1059df3a

HTTP Headers

GET /7SmJCTmgpDSwoVz4LJnNZelF6fVl7RDI8DSxfNTkfZBcyY1wvFCc8RiQHNmgCOQ0sPlUaIAM3Gx0OFy8/O1RzaBwwBn9+TiYDLClVbAcsLVV7RCMqCndWZDoYJQl/PgQuDyUvDDoYKWgdK18vIRIjDi4vTXgkd2BYb1ByZhB7U2d9Km9QciIBJBc6a1p6Gn-p4N3xWZ30qb1ByPB5vUQN3XmRSa2taegUnLQMlR3AIWnpTcn5ZelNnfFgsCzArDiUaZ3wuc1Rsfk4/X3M HTTP/1.1
Host: dof9zd9l290mz.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rsalesrepresw.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 515
date: Fri, 28 Jun 2024 12:46:00 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YSYMDNc4NR6UWNhptIdCNKW_12J6EyKrrqvyQQYI-ZZRKc6dPU5g4w==
X-Firefox-Spdy: h2

pubtrky.com/ut/hb.php?cb=0.07775020020427692&v=1

104.21.8.108

204 No Content

0 B

URL POST HTTP/2
pubtrky.com/ut/hb.php?cb=0.07775020020427692&v=1
IP
104.21.8.108:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services LLC
Subjectpubtrky.com
Fingerprint96:D2:10:B3:3C:8D:AA:69:EF:9B:B5:46:06:9F:E9:3D:9E:41:E7:8B
ValidityThu, 16 May 2024 08:41:15 GMT - Wed, 14 Aug 2024 08:41:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /ut/hb.php?cb=0.07775020020427692&v=1 HTTP/1.1
Host: pubtrky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 957
Origin: https://www.up-4ever.net
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Fri, 28 Jun 2024 12:46:01 GMT
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lcGy%2BnmU7x6HNi51meMG36G4SkwijEdL6%2FC8IxTIpEDuSwzh1r%2B%2FRXLZECHLA2OzTyvA6OvTlSCFOiFsyzTfBL933pWuXfLT2M8UTQ2s24a2AmPwbY4kCyhQOFsc8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89adc6f7aa4babd2-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pphiresandala.info/popunder.gif

104.21.94.226

58 B

URL GET
pphiresandala.info/popunder.gif
IP
104.21.94.226:0
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services LLC
Subjectpphiresandala.info
FingerprintCB:BF:C3:D6:28:65:94:5D:74:FE:5C:97:3E:01:3B:B1:70:36:4B:91
ValidityThu, 30 May 2024 09:10:23 GMT - Wed, 28 Aug 2024 09:10:22 GMT

File type
GIF image data, version 89a, 1 x 1
Size
58 B (58 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: pphiresandala.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:46:01 GMT
content-type: image/gif
content-length: 58
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
content-encoding: gzip
cf-cache-status: HIT
age: 82759
last-modified: Thu, 27 Jun 2024 13:46:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ajFWuvvT4HmYIDERmDhejPIZqXBQ7DBaU7Pn9IDQEYUGmHfiZxhx44amfGnnSqJ3f%2BPDYvooBt3bfDM5TIJ1WFNoADBV0MsjYEdxYwxKErtZN%2BCtuF9sQ%2FcUT2o9gs%2Fb0ep%2Bwko%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6fa8e7810f3-CPH
alt-svc: h3=":443"; ma=86400

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AS5LTAQDKxB3911r0TZm6ZdkbLkT5p2CmDdTMXNs5FfhwZkKPL0TGspZ1W9BhRtVhVNi7kcs64N5hA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-200617209%3A1719578760908141&ddm=0

64.233.164.84

403 Forbidden

1.3 kB

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AS5LTAQDKxB3911r0TZm6ZdkbLkT5p2CmDdTMXNs5FfhwZkKPL0TGspZ1W9BhRtVhVNi7kcs64N5hA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-200617209%3A1719578760908141&ddm=0
IP
64.233.164.84:443
ASN
#15169 GOOGLE

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint5E:16:23:DF:7D:42:8E:61:6E:AA:4A:CC:FB:08:1A:B9:8F:FA:E0:A2
ValidityThu, 13 Jun 2024 15:27:14 GMT - Thu, 05 Sep 2024 15:27:13 GMT

File type
gzip compressed data, max compression
Size
1.3 kB (1307 bytes)
Hash
f7a7b9a459348169ad873377a35c61d9
aed03a12872eb681cf8f0504ed48be9511fd401a
84a269354b9f96d77c1e9e08060fed062391f086e4a2f99ee2a06f9575d6e838

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AS5LTAQDKxB3911r0TZm6ZdkbLkT5p2CmDdTMXNs5FfhwZkKPL0TGspZ1W9BhRtVhVNi7kcs64N5hA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-200617209%3A1719578760908141&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.up-4ever.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 28 Jun 2024 12:46:01 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-4cO37NtdcxOqJsA1-uMxVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ZU1EFvXsC20.es5.O/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
0c22b10a118098f2cdc4b186e6f8e9a8
cfe8b247d843f42d2205bb16a48cefe38c78526e
1208b1961307dfb3c91a337dfa900f9be57f91cab6a7dd3d7c5e38d2399d5d10

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "1208B1961307DFB3C91A337DFA900F9BE57F91CAB6A7DD3D7C5E38D2399D5D10"
Last-Modified: Fri, 28 Jun 2024 05:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14941
Expires: Fri, 28 Jun 2024 16:55:02 GMT
Date: Fri, 28 Jun 2024 12:46:01 GMT
Connection: keep-alive

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AS5LTASSTGdhAEF9gfX6T5zHA2ikZg8w7h_7LZRNrRE3jXXa4bArgeRo8dm-f5v7WubtF3iQADBeXQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1141770829%3A1719578760914138&ddm=0

64.233.164.84

403 Forbidden

6.7 kB

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AS5LTASSTGdhAEF9gfX6T5zHA2ikZg8w7h_7LZRNrRE3jXXa4bArgeRo8dm-f5v7WubtF3iQADBeXQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1141770829%3A1719578760914138&ddm=0
IP
64.233.164.84:443
ASN
#15169 GOOGLE

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint5E:16:23:DF:7D:42:8E:61:6E:AA:4A:CC:FB:08:1A:B9:8F:FA:E0:A2
ValidityThu, 13 Jun 2024 15:27:14 GMT - Thu, 05 Sep 2024 15:27:13 GMT

File type
gzip compressed data, max compression
Size
6.7 kB (6670 bytes)
Hash
6581f45bc0c9e8a27fefc563d7aeedff
13c6db9c7e976c6708a2339efbe8a5b3c16077ad
e9f0036b2affddf6a7efdb5f3772a179c79ea3d9884cd1dcdeac5123d3ce8cec

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AS5LTASSTGdhAEF9gfX6T5zHA2ikZg8w7h_7LZRNrRE3jXXa4bArgeRo8dm-f5v7WubtF3iQADBeXQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1141770829%3A1719578760914138&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.up-4ever.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 28 Jun 2024 12:46:01 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-Gpe2dPZu2j5B5gNuNqW7JA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ZU1EFvXsC20.es5.O/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.up-4ever.net/assets/js/popper.min.js?ver=10

104.21.24.34

200 OK

20 kB

URL GET HTTP/3
www.up-4ever.net/assets/js/popper.min.js?ver=10
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
JavaScript source, ASCII text, with very long lines (20363)
Size
20 kB (20537 bytes)
Hash
c055b8c12988ec2b1f7238d85e79f4b4
5958a52438c8d753d692b11b5419bd1490c2655b
58cb6a78afc204b7165e947c965cbce6296ee0e587fbab3e12c0d2b6378e9004

HTTP Headers

GET /assets/js/popper.min.js?ver=10 HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/3d5u9e52e4i3
Cookie: aff=1071420
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:45:59 GMT
content-type: application/javascript
last-modified: Thu, 23 May 2019 00:36:02 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 74
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0wLqo1jEo4hoyzB34gkrYoY3asraHC0NUeusZ16oBHaoXkmLbcYB5d9REiLqq4Ei4z9xRnacAaiwMJgaS8LpAh%2BH8RVgF6H%2FL1dpxPotXJcaJjDOgkeaS%2FBPptl1vhAubJUp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f0cfff10b9-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.up-4ever.net/3d5u9e52e4i3

104.21.24.34

200 OK

15 kB

URL User Request GET HTTP/2
www.up-4ever.net/3d5u9e52e4i3
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type

Size
15 kB (14884 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /3d5u9e52e4i3 HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 28 Jun 2024 12:45:59 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=0;includeSubDomains;
expires: Thu, 27 Jun 2024 12:45:59 GMT
set-cookie: aff=1071420; domain=.up-4ever.net; path=/; expires=Fri, 12-Jul-2024 12:45:59 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XZORCt98xFgXWHa56ockB0ZBZYaXPRybMV7kBF1oSajBMNxYfZ0sc6ft5ynV9NUe2VbxbUgb7%2FSgPW2Fjtzt6Le9fQW9wWCLAjJqfhA%2FGTAEOaVNuEDiRaAbUXftW%2BlDvbVS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89adc6ee8d9a92aa-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.up-4ever.net/js/jquery.paging.js

104.21.24.34

200 OK

19 kB

URL GET HTTP/3
www.up-4ever.net/js/jquery.paging.js
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
JavaScript source, ASCII text
Size
19 kB (19365 bytes)
Hash
d7a2c1c7af2a004a6d68e1e55b1cfb46
7fd6daa7076c30381880519ad06ef5639b19ee28
c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6

HTTP Headers

GET /js/jquery.paging.js HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/3d5u9e52e4i3
Cookie: aff=1071420
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:45:59 GMT
content-type: application/javascript
last-modified: Thu, 23 May 2019 00:40:06 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 316
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YQmws8XuOGLglTKJW4jtHOW6TmeZxOn5%2FoadjR%2Fvec3r7TLr%2F7Sr8U%2FNRCTktq5oMDwHOBqrmpx8zUPSBd8Vri0jS4TjlFa5rIleBil6rRBTVvR9p81qZaO3DjpCPTxiS7m%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f0bfde10b9-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.up-4ever.net/js/dialogs.js

104.21.24.34

200 OK

2.2 kB

URL GET HTTP/3
www.up-4ever.net/js/dialogs.js
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
ASCII text, with very long lines (2298), with no line terminators
Size
2.2 kB (2198 bytes)
Hash
4b0ca844f04a4c98a3c9c0e7ed00ec06
b916eef790f15ae3be8e1a6ec101312a95dcf689
7d42c626bf67ffb1837fbeac477d55a7e37316c09acace2ea3802786400ecc24

HTTP Headers

GET /js/dialogs.js HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/3d5u9e52e4i3
Cookie: aff=1071420
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:45:59 GMT
content-type: application/javascript
last-modified: Thu, 23 May 2019 00:40:07 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 74
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e6aSa4%2FV%2Fj%2BguBIbdr71ZPyXndFXI0X%2Be7GlwPNw%2FUtkhvHbFtWgoTlfMKk%2Fxb%2F1se3%2B32kaJ9nfAWkX9InfMjaL%2FDKalJ4WU2CzOxpoNFDSx6ck5s%2FhyoUuAmPXi%2FxLaM2D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f0d81410b9-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.up-4ever.net/assets/css/style.css?ver=34

104.21.24.34

200 OK

5.9 kB

URL GET HTTP/3
www.up-4ever.net/assets/css/style.css?ver=34
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
ASCII text, with very long lines (5899), with no line terminators
Size
5.9 kB (5899 bytes)
Hash
1f4f9d5363c1959482da04af3fb562e6
3ee422e78243fc14865ca90473a8b7558924e3f5
361956d1f211151543ff2f654ac6b7ce9fbe31b3eaa08832a693f5a18a8a6ad7

HTTP Headers

GET /assets/css/style.css?ver=34 HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/3d5u9e52e4i3
Cookie: aff=1071420
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:45:59 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=6769
last-modified: Mon, 27 May 2019 05:05:41 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 317
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1XfkWWVm17JT6yXfy6DIz0Y7s5OkOJ%2BDSoiORNIXXB0PhrEiEUVwxO%2ByWgrC2uwDm%2F8VottedO7nuSCTUGc%2FBLZ3vq5rlr5knKh7M6%2BNt%2BcgNE%2FdFCSzWGjbm2UO83%2FapPLx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f0bfcb10b9-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

youradexchange.com/script/suurl5.php?r=6683946&cbur=0.29171479524964805&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=Download%20CWindows10User%20Manual%20Ed222024%20pdf&cbpage=https%3A%2F%2Fwww.up-4ever.net%2F3d5u9e52e4i3&cbref=&cbdescription=Download%20File%20CWindows10User%20Manual%20Ed222024%20pdf&cbkeywords=cwindows10user%2C%20manual%2C%20ed222024%2C%20pdf&cbcdn=dwfupceuqm.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1719578760253&srs=2cbbd95df6fbed48eaa8d507b7270741&atv=51.3&abtg=1&adbv=3-swat3-swf2

104.21.91.188

200 OK

991 B

URL GET HTTP/2
youradexchange.com/script/suurl5.php?r=6683946&cbur=0.29171479524964805&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=Download%20CWindows10User%20Manual%20Ed222024%20pdf&cbpage=https%3A%2F%2Fwww.up-4ever.net%2F3d5u9e52e4i3&cbref=&cbdescription=Download%20File%20CWindows10User%20Manual%20Ed222024%20pdf&cbkeywords=cwindows10user%2C%20manual%2C%20ed222024%2C%20pdf&cbcdn=dwfupceuqm.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1719578760253&srs=2cbbd95df6fbed48eaa8d507b7270741&atv=51.3&abtg=1&adbv=3-swat3-swf2
IP
104.21.91.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectyouradexchange.com
FingerprintC9:62:21:78:E8:7F:9B:72:E0:3D:D1:5F:47:85:28:AD:67:31:B8:EA
ValidityWed, 12 Jun 2024 05:27:52 GMT - Tue, 10 Sep 2024 05:27:51 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1017), with no line terminators
Size
991 B (991 bytes)
Hash
7c52ef6228a659ff201ee13dc98aa047
a8dd47f5d3a686a3d56ba442dd471a8fb80c6c92
4918c8f501eadc38b8afe544e1decdd3346fb5931dfcc68c1d4bbfe3a569bcf3

HTTP Headers

GET /script/suurl5.php?r=6683946&cbur=0.29171479524964805&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=Download%20CWindows10User%20Manual%20Ed222024%20pdf&cbpage=https%3A%2F%2Fwww.up-4ever.net%2F3d5u9e52e4i3&cbref=&cbdescription=Download%20File%20CWindows10User%20Manual%20Ed222024%20pdf&cbkeywords=cwindows10user%2C%20manual%2C%20ed222024%2C%20pdf&cbcdn=dwfupceuqm.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1719578760253&srs=2cbbd95df6fbed48eaa8d507b7270741&atv=51.3&abtg=1&adbv=3-swat3-swf2 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.up-4ever.net/
Origin: https://www.up-4ever.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 28 Jun 2024 12:46:00 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BwFTrhHn150%2BQWxsWbCHg1z3f4b%2BKfKTKZx0dBrpbfqPLb90Zkes31XU9cSe2VqsHrKrtfQKsKAsWy8TSXZxmn3YfbV78010ZoG7FLgpcsvz0QXJCtnXSCp2izmx8EiDxJUXlkA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89adc6f49c38160f-DUS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.up-4ever.net/assets/js/jquery-3.3.1.min.js

104.21.24.34

200 OK

87 kB

URL GET HTTP/3
www.up-4ever.net/assets/js/jquery-3.3.1.min.js
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
87 kB (86927 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /assets/js/jquery-3.3.1.min.js HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/3d5u9e52e4i3
Cookie: aff=1071420
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:45:59 GMT
content-type: application/javascript
last-modified: Thu, 23 May 2019 00:36:01 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 317
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AuHytQS%2FChD65upVcfwTyGq%2FHASGeHO2qghlUqZ%2FfY%2BUuo79ZckB%2F8eQNV2rAHUh1fJyiIg8JrZn6Ov%2BYR27Pzfboi3OHrcw1jr%2B9ZAIPnHmHxdLROpg2f0axM0hOVuNllmQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f0bfcd10b9-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

dwfupceuqm.com/script/ut.js?cb=1719578760245

188.114.97.1

200 OK

63 kB

URL GET HTTP/2
dwfupceuqm.com/script/ut.js?cb=1719578760245
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectdwfupceuqm.com
Fingerprint22:0B:97:65:64:4C:A7:AA:E4:87:0E:47:A8:C7:8B:C3:C3:D4:28:F3
ValidityWed, 19 Jun 2024 17:32:55 GMT - Tue, 17 Sep 2024 17:32:54 GMT

File type

Size
63 kB (62995 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /script/ut.js?cb=1719578760245 HTTP/1.1
Host: dwfupceuqm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 28 Jun 2024 12:46:00 GMT
content-type: text/javascript
x-goog-generation: 1718878317787211
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 62995
x-goog-hash: crc32c=A9Z4QA==, md5=cMoPTFrAx2SdqU/qVR5CaA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
x-guploader-uploadid: ACJd0NpNEUyoE5LLxR-pcz3Tll6PuaEqJEl_r_YKwM6Y_cEX-WSDy0Tw5mH7jj7BIPfX5ndzQYrVo5SQjw
expires: Fri, 28 Jun 2024 12:48:20 GMT
cache-control: public, max-age=14400
age: 2411
last-modified: Thu, 20 Jun 2024 10:11:57 GMT
etag: W/"70ca0f4c5ac0c7649da94fea551e4268"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hs%2BkKfu5xgKKaZU4ypbwjAGG5nCzbzn0nm1ugDodXP4HDHCJr021ZcDLIjhkUfeHjK9UxkV374iVKBsA8Jbl8iTVl%2FFzNP9YkV5KVa5oF5Cg%2Fw0QVK%2F8YsdrYIIboM%2BCog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f4bf229294-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.up-4ever.net/assets/js/perfect-scrollbar.min.js

104.21.24.34

200 OK

18 kB

URL GET HTTP/3
www.up-4ever.net/assets/js/perfect-scrollbar.min.js
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
JavaScript source, ASCII text, with very long lines (18216)
Size
18 kB (18291 bytes)
Hash
4a10bcfa0a9c9fa9d503b5a498cac31e
c4f6c403e99fb37cb496c3844b332823db7c5837
a4ec9d558eeb7bc7359fe7c4820deea2c951fdd8bd34cb0e15727412c7f6c634

HTTP Headers

GET /assets/js/perfect-scrollbar.min.js HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/3d5u9e52e4i3
Cookie: aff=1071420
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:45:59 GMT
content-type: application/javascript
last-modified: Sat, 06 Feb 2021 14:52:57 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 74
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2F%2BKzK2LmCIEadlx%2FgybiOAO5S6pEO%2B3Md2BFfJrBRz9qYsCxEYDzQSFW5uh17ayMhB9VG57JrDdM%2BQHPk3pTAnIWO%2FJcGwpoyZ91W8FVmu3IBS3LCLP5kyL10jo4rpG1g8y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f0d80e10b9-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

pogothere.xyz/

188.114.97.1

200 OK

27 B

URL GET HTTP/2
pogothere.xyz/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services LLC
Subjectpogothere.xyz
FingerprintD5:05:90:24:44:B6:41:18:9C:8A:33:A9:4D:BD:A0:53:55:33:EF:4D
ValiditySat, 25 May 2024 04:51:26 GMT - Fri, 23 Aug 2024 04:51:25 GMT

File type
ASCII text, with no line terminators
Size
27 B (27 bytes)
Hash
3df56bdb0468020f7175c5b3f6488b20
5437ee1b27383d9130beb01a9285a9be7dba7970
7131c2f3f6555a14190a19da41e51023a08df789c1d9172f04c0078a6b569aac

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.up-4ever.net/
Origin: https://www.up-4ever.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 28 Jun 2024 12:46:01 GMT
content-type: text/plain
set-cookie: csu=1197225339379663@1@1719578760; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www.up-4ever.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ImKkaSn4%2FHQHRXZBnGpB1iwsV%2Bn0N5fQoD10LFMjavWZ1OGX9xh1DQRhBE6aHcY%2BX3pMZ%2FTAUR6N3%2Bnigfn9Y3Bn5QmT3bhHcRNNCgkeJjn8oLHWiioHuOdqcCzIqvlS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89adc6f7baab92dc-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pogothere.xyz/

188.114.97.1

200 OK

27 B

URL GET HTTP/2
pogothere.xyz/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services LLC
Subjectpogothere.xyz
FingerprintD5:05:90:24:44:B6:41:18:9C:8A:33:A9:4D:BD:A0:53:55:33:EF:4D
ValiditySat, 25 May 2024 04:51:26 GMT - Fri, 23 Aug 2024 04:51:25 GMT

File type
ASCII text, with no line terminators
Size
27 B (27 bytes)
Hash
88d343b94ea9575aa162771afb75e4e6
381ebba0ed0e7f8c0d63152fd7de1fdd5c09db2b
c348b91d894782db9889120c9229e04de48667e26f094871ba34f15ebbb9b469

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.up-4ever.net/
Origin: https://www.up-4ever.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 28 Jun 2024 12:46:00 GMT
content-type: text/plain
set-cookie: csu=2087365856614111@1@1719578760; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www.up-4ever.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OcGMuWvqBUbhQCbOodv8D%2BnrK9WHohjs9b3tb40Pjq49bgFX9izJRbxpKh%2BT%2BqiMaBPFCVBrET%2FfXXmFIcYgvhIrVrcnViM19LPJIWj2T1bOGwcNs2O3uk%2BTNi9BrfdM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89adc6f76a1a92dc-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.up-4ever.net/assets/packages/fontawesome/css/all.css

104.21.24.34

200 OK

65 kB

URL GET HTTP/3
www.up-4ever.net/assets/packages/fontawesome/css/all.css
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
ASCII text, with very long lines (64746)
Size
65 kB (64816 bytes)
Hash
76c4c14c27df7d7c5f2d9c48300540f0
2ea955693f041d6021b04165344a8c033e0f7e32
99c53397eb2217df916d67abfb55ed71b9db9d9b80d0ffa7813efe1c932bc91f

HTTP Headers

GET /assets/packages/fontawesome/css/all.css HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/3d5u9e52e4i3
Cookie: aff=1071420
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:45:59 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=64831
last-modified: Thu, 23 May 2019 00:36:20 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 317
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vhv%2BsEYMZWTAJY8aKBQYC6V9bC1MwV9G1MDZzBubH9%2FDu4puTqkr%2Bq3EqzMAuZMaL0Yie2HGwYUIxb6Bcd6H6Ic3KVE%2FXqlRwgoapiLtwpvK9yqXBQjkkGBZI%2F3tSPBrZnQz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f0afc310b9-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

pogothere.xyz/asd100.bin

188.114.97.1

200 OK

102 kB

URL GET HTTP/2
pogothere.xyz/asd100.bin
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services LLC
Subjectpogothere.xyz
FingerprintD5:05:90:24:44:B6:41:18:9C:8A:33:A9:4D:BD:A0:53:55:33:EF:4D
ValiditySat, 25 May 2024 04:51:26 GMT - Fri, 23 Aug 2024 04:51:25 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.up-4ever.net/
Origin: https://www.up-4ever.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 28 Jun 2024 12:46:00 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://www.up-4ever.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 2947
last-modified: Fri, 28 Jun 2024 11:56:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sqpTC1nv5tgiBv40ylEfY1Wd%2BJZztwAWQGLlv7Te7VXzXOCPDEXMkp%2BLa%2Frp%2FAm%2BQdu4AGfQ9w6V4wAHw%2BNNHwwBLNOyJjykFqEXD9pTqREdEBYjPHzBauFQ6w%2BGxMVy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f7babb92dc-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.up-4ever.net/assets/js/bootstrap.min.js?ver=10

104.21.24.34

200 OK

51 kB

URL GET HTTP/3
www.up-4ever.net/assets/js/bootstrap.min.js?ver=10
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
JavaScript source, ASCII text, with very long lines (50758)
Size
51 kB (51039 bytes)
Hash
67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

HTTP Headers

GET /assets/js/bootstrap.min.js?ver=10 HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/3d5u9e52e4i3
Cookie: aff=1071420
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:45:59 GMT
content-type: application/javascript
last-modified: Thu, 23 May 2019 00:36:02 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 74
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W6iDguSiYN4OLzIgJFz%2F44NYxjc5aJ29j8l0EN%2FUuz%2F%2B9xCI1ovvA6kOvvs2THY1XLiPvQVVA8aBeoh53eyj8h192AYH5hCWcg0EcyOiiNxPaCsZnvBs98Z778Lxm28x9ecB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f0c80410b9-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.up-4ever.net/assets/font/roboto/Roboto-Medium.woff2

104.21.24.34

200 OK

50 kB

URL GET HTTP/3
www.up-4ever.net/assets/font/roboto/Roboto-Medium.woff2
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
Web Open Font Format (Version 2), TrueType, length 50224, version 1.0
Size
50 kB (50224 bytes)
Hash
574fd0b50367f886d359e8264938fc37
6cc1b73571af9e827c4e7e91418f476703cd4c4b
1cd5c4b37938d932110ec043ce1cc766d18cacf7a4e7cffa6a539855d5bdc08d

HTTP Headers

GET /assets/font/roboto/Roboto-Medium.woff2 HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/assets/css/mdb.min.css?ver=25
Cookie: aff=1071420
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:46:00 GMT
content-type: font/woff2
content-length: 50224
last-modified: Thu, 23 May 2019 00:36:13 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3982
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GBXW351jLlCD6qr0lPDIPLUK7%2FUfYGW6RVWMPL1hLnP0bkHdKsyKdJnEyoAPJxPKjsCKEWTObYYwv4SU4cgBs27J%2BonqOIZFV4X%2Fz8SIRwDz9KAbiWgAE0FasRzbcJ7OH0z7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f35baf10b9-CPH
alt-svc: h3=":443"; ma=86400

www.up-4ever.net/assets/css/mdb.min.css?ver=25

104.21.24.34

200 OK

534 kB

URL GET HTTP/3
www.up-4ever.net/assets/css/mdb.min.css?ver=25
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
ASCII text, with very long lines (37986)
Size
534 kB (533530 bytes)
Hash
12ea6bdc4f9444ece279c19862653d9b
56299af063ed547b93daee8fa18b90e74b84c434
2d3e15995e3bcde2055bfc93d2523a0160d10386e9bf3a7c7ffc2b278ecb7c91

HTTP Headers

GET /assets/css/mdb.min.css?ver=25 HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/3d5u9e52e4i3
Cookie: aff=1071420
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:45:59 GMT
content-type: text/css
last-modified: Tue, 23 Jun 2020 07:33:15 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 317
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fJZ9Bcxbj9w3l0QAfiiRsqfYb69OGFbwuTGbTW6laPtCPMyipASjIxT5eFG5IbV8x6twIAj%2FN9zVEg51zufKGOpFg%2FeyOKapHAXjoEHlrjNVpVfGWuLNfX35eBvnA7%2BSb6Wh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f0bfc910b9-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.up-4ever.net/js/bootstrap-confirm.js

104.21.24.34

200 OK

3.1 kB

URL GET HTTP/3
www.up-4ever.net/js/bootstrap-confirm.js
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (3469), with no line terminators
Size
3.1 kB (3148 bytes)
Hash
e078a8f899c8ac08b68932a9dd44d787
4c2252ee670e50c13023b94f7e38a6e65541d00c
6610f871871141cac2c4a8b86889afb3b2d0ae56b657d23dbb85f913a03358df

HTTP Headers

GET /js/bootstrap-confirm.js HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/3d5u9e52e4i3
Cookie: aff=1071420
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:45:59 GMT
content-type: application/javascript
last-modified: Thu, 23 May 2019 00:40:05 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 74
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KkEir8hjKq5s5l1I79Cz0Jx6GFs1skwDKvoHmYmBF0kPlq2SpfTQOJMLjg9m%2BVF23CotPmiDpuS2aKHzOJqBRwmYvH14eu6EVOPsI0quVXvYXYf%2FjBk1BbUfHIKiLRMFrW9a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f0d81010b9-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.up-4ever.net/favicon.ico

104.21.24.34

200 OK

12 kB

URL GET HTTP/3
www.up-4ever.net/favicon.ico
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced
Size
12 kB (12436 bytes)
Hash
c683290b646aca6f80738ece333eced7
487e2e69e5c40029b4e698bc6ecc08c87644c752
71da8cb518e56fd83e092bdbcd3d69afee6caa8ba8e6947e5628ba5cd00e229b

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/3d5u9e52e4i3
Cookie: aff=1071420; _ga_BH3KCF6H24=GS1.1.1719578760.1.0.1719578760.60.0.0; _ga=GA1.1.1131034073.1719578761
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:46:00 GMT
content-type: image/x-icon
last-modified: Mon, 10 Jun 2019 20:35:15 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 74
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UTAdjKQsZnsdAgIhdl%2BKAULsRUW26V%2F3iMQLfFNSAsaFaZi3JTVo4JoeMfuoIeWhtuvT0q9IAe1pUpRydH%2Bg7NH6A%2FVNrK5fTUZ7wL0VGpjYGH%2F8UWJ2K6uKzmgxN%2FJXR2CN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f698a610b9-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.up-4ever.net/js/paging.js?ver=8

104.21.24.34

200 OK

2.0 kB

URL GET HTTP/3
www.up-4ever.net/js/paging.js?ver=8
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
HTML document, ASCII text, with very long lines (2061), with no line terminators
Size
2.0 kB (1987 bytes)
Hash
3a48ced13914d1a07d1b4ea214248203
c7e368174be7d09b7f6571508217ad718a565e21
cffd244467a0ecb4d497c778e712829340b55994446596a38c94d4b4de999914

HTTP Headers

GET /js/paging.js?ver=8 HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/3d5u9e52e4i3
Cookie: aff=1071420
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:45:59 GMT
content-type: application/javascript
last-modified: Mon, 27 May 2019 03:32:02 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 317
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bf6XiACdTwBP2u0w26I1R00Sli4huN2zFStnEJ5Hcx0RxGzWwrmCHhrT3tcNI0C4zLxsSIkNCQW81GkwriQF1CDbmAbGLLSpQL6RY1OTmYricVejmSwZ3WX%2FIZ4S4GXvv3S4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f0bfe810b9-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.up-4ever.net/assets/js/interface.js?ver=11

104.21.24.34

200 OK

135 B

URL GET HTTP/3
www.up-4ever.net/assets/js/interface.js?ver=11
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
JavaScript source, ASCII text, with no line terminators
Size
135 B (135 bytes)
Hash
be6326e55f6d453ae61f9f0cab30f7d7
bd89310ed2b393c76739efe0327c542f92da9988
ea326306169eee7ee8d42c464f6159543917fba92ee221d8721b9aa9ffdb34d8

HTTP Headers

GET /assets/js/interface.js?ver=11 HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/3d5u9e52e4i3
Cookie: aff=1071420
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:45:59 GMT
content-type: application/javascript
last-modified: Sat, 06 Feb 2021 14:49:51 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1469
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ns3AOIP%2FzE0%2B2TVKZUJiAaoVqH9aCyqab%2FToJ3Rypx6IygF3duKbp8diYWB9mMOWH9NWAgXWTSrOpc8xjaepiFhySirIxh%2BrkFci7YZgNTDrUOZk9dFbTg2j6R%2Ff5975UY5X"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f0d80710b9-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.up-4ever.net/js/jquery.cookie.js

104.21.24.34

200 OK

3.1 kB

URL GET HTTP/3
www.up-4ever.net/js/jquery.cookie.js
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
JavaScript source, ASCII text, with very long lines (3441), with no line terminators
Size
3.1 kB (3121 bytes)
Hash
7e208f9bc7ca201678c76d96e899349c
afa52ce81c7656bf1a8605bd2cbd38c2be00cd9b
0f0e74eaa31ad2d6c07d9ceb16efefc78aae0f45328759eb163800d261e53d29

HTTP Headers

GET /js/jquery.cookie.js HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/3d5u9e52e4i3
Cookie: aff=1071420
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:45:59 GMT
content-type: application/javascript
last-modified: Wed, 25 Nov 2020 04:27:31 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 317
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OGSFvCetM0VxgMRFwRrsH9oGQTb72p9venyNzoV3ZVCWD7xCOhGfzyPf0%2Bpl2FmDNjMFUBX8mPNTgy9zbpmAXqzp5JDH3UtdS1W%2F9lcldJ4auSvOOszyjhG0OUmdW75TWqhp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f0bfe710b9-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.up-4ever.net/assets/js/mdb.min.js?ver=15

104.21.24.34

200 OK

420 kB

URL GET HTTP/3
www.up-4ever.net/assets/js/mdb.min.js?ver=15
IP
104.21.24.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint80:48:F1:5C:A7:FD:26:BA:C0:37:EE:30:29:47:30:49:A4:E5:24:BB
ValidityTue, 18 Jun 2024 19:19:10 GMT - Mon, 16 Sep 2024 19:19:09 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
420 kB (419555 bytes)
Hash
6463535469b0b25b75b2e7a5827ffefa
ebd7735850a34a96a130fad72cb395e40772edcf
b6e658cbd1f64eba1b117f37d463588e91d21469fbf2cb2332b5d68f4e4b0fee

HTTP Headers

GET /assets/js/mdb.min.js?ver=15 HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/3d5u9e52e4i3
Cookie: aff=1071420
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 28 Jun 2024 12:45:59 GMT
content-type: application/javascript
last-modified: Thu, 23 May 2019 00:36:02 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 74
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dbpTG3fjmdYr2onACDfCR44%2B%2FQ%2Fc2YgYE2hMNauut%2FH93X%2FrOa8XMozPeIr%2Fry7lB3qFzKpl6Wf3upocjgiDqSUNRZph6lnNx8FoKxOziEblMZWtfIVEHz0CJL5qmfaDyVgQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f0c80610b9-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

pogothere.xyz/asd100.bin

188.114.97.1

200 OK

102 kB

URL GET HTTP/2
pogothere.xyz/asd100.bin
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/3d5u9e52e4i3
Certificate
IssuerGoogle Trust Services LLC
Subjectpogothere.xyz
FingerprintD5:05:90:24:44:B6:41:18:9C:8A:33:A9:4D:BD:A0:53:55:33:EF:4D
ValiditySat, 25 May 2024 04:51:26 GMT - Fri, 23 Aug 2024 04:51:25 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.up-4ever.net/
Origin: https://www.up-4ever.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 28 Jun 2024 12:46:00 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://www.up-4ever.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 2947
last-modified: Fri, 28 Jun 2024 11:56:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CV18ElSLq48GnimOioUxca5AU2WbL8Hot6N%2Bn6SLXuXVRs9cOm830XkxMdxxYoiAiMcYTP10WkjUZsl5mJc9QU5wMX006gqQ6gr5BFaYbFFqAxgFdfFhvLZAdOrpgLcq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89adc6f7bab392dc-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (19)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash