Report - www.up-4ever.net/i7nlu96zpqh4

Report Overview

Visited public
2025-01-06 14:08:56
Tags
URL
www.up-4ever.net/i7nlu96zpqh4
Finishing URL
www.up-4ever.net/i7nlu96zpqh4
IP / ASN
104.21.24.34
#13335 CLOUDFLARENET
Title
Download File Luminar Neo Ai Premium Edition v1.22.0.14095 Full Activated - WwW.Dr-FarFar.CoM.zip

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
accounts.google.com	81	1997-09-15	2012-05-23	2025-01-01	3.7 kB	24 kB	142.251.9.84
ukankingwithea.com	unknown	2024-01-01	2024-09-05	2025-01-01	1.7 kB	209 kB	104.21.48.1
dof9zd9l290mz.cloudfront.net	unknown	2008-04-25	2024-03-27	2024-12-29	1.8 kB	114 kB	54.230.241.49
zb.rafikfangas.com	unknown	2024-03-09	2024-10-14	2024-12-29	415 B	1.5 kB	23.109.170.114
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-01-01	1.6 kB	26 kB	142.250.74.35
deditiontowritin.com	unknown	2024-11-07	2025-01-02	2025-01-02	2.2 kB	3.4 kB	172.67.148.89
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2025-01-01	960 B	844 B	216.239.32.36
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-01-01	560 B	1.7 kB	142.250.74.10
www.google.no	25607	2001-02-26	2012-06-26	2025-01-01	706 B	578 B	142.250.147.94
www.up-4ever.net	unknown	2018-08-22	2019-05-16	2024-12-29	15 kB	989 kB	172.67.216.188
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-01-01	423 B	128 kB	142.250.74.168
unpkg.com	11693	2016-01-06	2016-01-07	2025-01-01	1.4 kB	251 kB	104.17.246.203
ashasvsucoce.com	unknown	2024-11-07	2025-01-02	2025-01-02	2.0 kB	6.3 kB	13.227.219.25

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-01-06	medium	rafikfangas.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (21)

	URL	From	Size	First Seen	Last Seen
	unknown	ScriptElement	236 B	2025-01-06	2025-01-06
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-06 14:08 Last Seen2025-01-06 14:08 Times Seen1 Hash 1f7069ace96c70489f924bd87c9cfa7e 312a2d4f855949bbd8a4e26acf82ea584026abc5 4943de3b7fe811140f0df882d0d8cb4f7224e19090e05edf1166e37175b9018c Loading...

	zb.rafikfangas.com/r6lARh6dZy6aI9l/vGVkM	ScriptElement	0 B	0001-01-01	2025-05-05
Pretty URL zb.rafikfangas.com/r6lARh6dZy6aI9l/vGVkM IP 23.109.170.114 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-05 04:32 Times Seen4609238 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.up-4ever.net/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	8.7 kB	2025-01-06	2025-01-06
Pretty URL www.up-4ever.net/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 172.67.216.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-06 14:08 Last Seen2025-01-06 14:08 Times Seen1 Hash e176cb66edd7647c40b27d82febd6167 ba65cb689d5da9557d643c60c1118ade4a1821cb 505f16959b1ddabb274ee8089cf98cc1198bc874fd1355bbd7e6fc2ac12dd33e Loading...

	www.up-4ever.net/assets/js/sweetalert.min.js	ScriptElement	41 kB	2024-12-13	2025-04-20
Pretty URL www.up-4ever.net/assets/js/sweetalert.min.js IP 172.67.216.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-13 22:31 Last Seen2025-04-20 06:46 Times Seen25 Hash 78d6d0d77b38c6bddfb8fecd71cad940 f73319c9ab6b8a0e0733a0d9a538620b4ca23562 92514bfb5aa460c0365f8eaf2ce2d31f0e089fc1ced03aba0f40ec9aaa3e1556 Loading...

	www.up-4ever.net/i7nlu96zpqh4	ScriptElement	162 B	2024-12-13	2025-04-20
Pretty URL www.up-4ever.net/i7nlu96zpqh4 IP 172.67.216.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-13 22:31 Last Seen2025-04-20 06:46 Times Seen24 Hash 97c75b04b1370dd076624a7d00176a62 02222a360313268fd507eee61510c7b2a8f00c5c d09d4c484b822781589417a12c7c59121bf664bf1617bcd831814d7d377dcedb Loading...

	www.up-4ever.net/assets/js/cookie.js?r=6	ScriptElement	2.6 kB	2024-12-13	2025-04-20
Pretty URL www.up-4ever.net/assets/js/cookie.js?r=6 IP 172.67.216.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-13 22:31 Last Seen2025-04-20 06:46 Times Seen24 Hash a26fb8b9110da7839525523473cd043c e6b058ae41e6fe719200e31f3d61f7021d471170 08a50bf385399292e4d8fbacd274026df950eb6062f77ed2ce5153de396a5d8b Loading...

	www.up-4ever.net/i7nlu96zpqh4	ScriptElement	57 B	2023-03-07	2025-05-04
Pretty URL www.up-4ever.net/i7nlu96zpqh4 IP 172.67.216.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:06 Last Seen2025-05-04 19:24 Times Seen9583 Hash 2a2781f9bb6302c2f96df0d1e96ef524 796bb90146495848c0c479533c367edadb94f1a9 1b60af0ce49d65e8b1006457c16883d60e53a0054bb157c57c3b03a82ee9964d Loading...

	dof9zd9l290mz.cloudfront.net/?dzfod=1038311	ScriptElement	343 kB	2025-01-06	2025-01-06
Pretty URL dof9zd9l290mz.cloudfront.net/?dzfod=1038311 IP 54.230.241.49 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-06 14:08 Last Seen2025-01-06 14:08 Times Seen1 Hash bddb4096bb01100dda6d3bbdb0375646 271dcc7ca358ae7dd5ee290c7ac99d18a5313f58 1b81cb2e48248bf749de26a9c5d7d3e40e0e68d660d3255caf09aa90c684f820 Loading...

	www.up-4ever.net/i7nlu96zpqh4	ScriptElement	340 B	2024-12-13	2025-04-05
Pretty URL www.up-4ever.net/i7nlu96zpqh4 IP 172.67.216.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-13 22:31 Last Seen2025-04-05 01:27 Times Seen22 Hash 18d8c6e6f9896013688fee4c97973651 f88b7017919c0f51ba6ef054c6c006a74c51427c 63fc2b4b5cfe14425d5994449309e4c656d53b2596ef1237d6232569af80d0b2 Loading...

	www.up-4ever.net/i7nlu96zpqh4	ScriptElement	186 B	2024-12-13	2025-04-05
Pretty URL www.up-4ever.net/i7nlu96zpqh4 IP 172.67.216.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-13 22:31 Last Seen2025-04-05 01:27 Times Seen23 Hash c47ecd4f1c101dd0be62d21c2355e3cb 24a213fc96a5aeed23a4b03fb1fd2417f6694e94 ece999ee5223b25fce285465709081ef8fa68b75ec3decd49cdf10f594888cc4 Loading...

	www.up-4ever.net/assets/js/main.js?ver=2	ScriptElement	671 B	2024-12-13	2025-04-20
Pretty URL www.up-4ever.net/assets/js/main.js?ver=2 IP 172.67.216.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-13 22:31 Last Seen2025-04-20 06:46 Times Seen25 Hash c53f2b213417b4ae0ea88b566a5aaad4 03dbd35d8a41b24ba36fb451a5c40f71490112c8 b072d472f70fc2b63d0d03added6b617d5699597e0d9b3f444f62a1e2f4313f6 Loading...

	www.up-4ever.net/i7nlu96zpqh4	ScriptElement	761 B	2024-12-13	2025-04-05
Pretty URL www.up-4ever.net/i7nlu96zpqh4 IP 172.67.216.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-13 22:31 Last Seen2025-04-05 01:27 Times Seen23 Hash c538657a947a1e2c7ac66329f58eec22 ddc94e497653875cbf844021814e13b19a0de68a 7a075bf4d1d58b69ce0b005cb9be7b675626b150eb1a7b5124fc3ad9cde564c7 Loading...

	www.up-4ever.net/assets/js/alphinejs.min.js	ScriptElement	44 kB	2024-03-12	2025-04-20
Pretty URL www.up-4ever.net/assets/js/alphinejs.min.js IP 172.67.216.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-12 01:47 Last Seen2025-04-20 06:46 Times Seen44 Hash 6341ca60a3790b37fb046e6cded71afe d5f1b32f86fa5b172cae593691a22e1584fa691f 5bdc5d6356b4364d902406552c8195a89e878861bcf75183165ef80d2a295ae2 Loading...

	www.up-4ever.net/assets/js/popperjs.js	ScriptElement	20 kB	2023-11-23	2025-04-20
Pretty URL www.up-4ever.net/assets/js/popperjs.js IP 172.67.216.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-23 08:24 Last Seen2025-04-20 06:46 Times Seen49 Hash 11ac784d818ffcb28043696d67eb9ed3 0f5fa11562b7d8355c31e868dee06ad544c6479e ef9d782294421522458e434c973a266b8be6544e0919a51810933db18aba3987 Loading...

	www.up-4ever.net/js/paging.js?r=37	ScriptElement	4.6 kB	2024-12-13	2025-04-20
Pretty URL www.up-4ever.net/js/paging.js?r=37 IP 172.67.216.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-13 22:31 Last Seen2025-04-20 06:46 Times Seen25 Hash 65acc03e89e31b30c305636f9e472caa dc6fcc5aa2f4203fa683eddb31ba86fbdef16191 50f473b7cf9135f5703b2b1ef99dc5968df531b75c09790f77438f2f45288b95 Loading...

	www.up-4ever.net/i7nlu96zpqh4	ScriptElement	921 B	2025-01-06	2025-01-06
Pretty URL www.up-4ever.net/i7nlu96zpqh4 IP 172.67.216.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-06 14:08 Last Seen2025-01-06 14:08 Times Seen1 Hash 7dedda50d0f2d9e1a8926d7a49899fbc 8345c42902a87169086315b68398432af1733f36 71adc00b58afb5a76953113b61c2c78e5a4b8cc6534f6d91b82c03e7b4562bbd Loading...

	www.up-4ever.net/assets/js/bootstrap/bootstrap.min.js	ScriptElement	60 kB	2023-03-07	2025-05-03
Pretty URL www.up-4ever.net/assets/js/bootstrap/bootstrap.min.js IP 172.67.216.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03 Last Seen2025-05-03 14:09 Times Seen1149 Hash a08792f518b51f0f1422b5c96df9eb8a 3f094f010bfb0c022a51b62778d4361d1cad3fd6 5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9 Loading...

	www.googletagmanager.com/gtag/js?id=G-BH3KCF6H24	ScriptElement	384 kB	2025-01-06	2025-01-06
Pretty URL www.googletagmanager.com/gtag/js?id=G-BH3KCF6H24 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-06 14:08 Last Seen2025-01-06 14:08 Times Seen1 Hash 8f48808671c2e2405a4e50de533e962f 398c7191d9afe8a7fe14811482669c44a34d2dd0 29db7ae9f2d2358b52254768c87b536339b49fcca33d2bb814968956112b1180 Loading...

	www.up-4ever.net/assets/js/ult.js?r=7	ScriptElement	587 B	2024-12-13	2025-04-20
Pretty URL www.up-4ever.net/assets/js/ult.js?r=7 IP 172.67.216.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-13 22:31 Last Seen2025-04-20 06:46 Times Seen25 Hash 658c6b1e94658a650aae15d10ca899e6 ff27b3f42d13905f2e299acb02665c8cd80cde8a 829bc82f925809803bebad16819ff1dd73e59a2685c2c5a9e7c000ce61d142a3 Loading...

	www.up-4ever.net/i7nlu96zpqh4	ScriptElement	465 B	2024-12-13	2025-04-05
Pretty URL www.up-4ever.net/i7nlu96zpqh4 IP 172.67.216.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-13 22:31 Last Seen2025-04-05 01:27 Times Seen23 Hash f71c59ea1936497a20e129c7f49890e4 26f7fe65d73db9a2c0e759ed8581be05f09ed2aa bef6abb0623df1bb2ebfabdac7630cef201280324c66e813e6543a14e42a09ed Loading...

	www.up-4ever.net/assets/js/popper.min.js	ScriptElement	20 kB	2023-05-30	2025-05-04
Pretty URL www.up-4ever.net/assets/js/popper.min.js IP 172.67.216.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-30 11:24 Last Seen2025-05-04 08:05 Times Seen1650 Hash 31032b08bd8e72220462d3f54f8bd69a 871d6ef1070bd363ea390e0c8c384e47dce7f389 c212f4b505a86352aed62b24a8f16f999f821ecbe6456c7f3c8a04bc87968782 Loading...

HTTP Transactions (55)

URL IP Response Size

www.up-4ever.net/assets/img/logo.png?ver=1

172.67.216.188

200 OK

13 kB

URL GET HTTP/3
www.up-4ever.net/assets/img/logo.png?ver=1
IP
172.67.216.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint86:B1:07:B1:BA:DF:35:65:36:5A:99:47:51:EE:D8:09:5F:F3:E6:52
ValidityThu, 12 Dec 2024 22:41:12 GMT - Wed, 12 Mar 2025 23:39:00 GMT

File type
PNG image data, 512 x 136, 8-bit/color RGBA, non-interlaced
Size
13 kB (12959 bytes)
Hash
2e2b2b602db3e8c45c229059d97b9d5a
330eb065fce7f3bc623214c7cdd08a48f2f74977
28d5c69fdfd41678b64812bcb4f0f536aa5231ffc05d55cbf1d3f54838ab78b6

HTTP Headers

GET /assets/img/logo.png?ver=1 HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/i7nlu96zpqh4
Cookie: affiliate=umlj85DWxil7%2FgY7FmNkO8tLtfIcV5o8USO9HIbChlUaFCWktoFcAECv%2F5X1uZ8d%2BQkeCQsUCLqxO8T5zYwxwbmYLT8F35Lp4bHs5rI%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 06 Jan 2025 14:08:29 GMT
content-type: image/png
content-length: 12959
last-modified: Fri, 28 Jun 2024 18:30:40 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6203
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RmrH5NL3wTSPVxDghQ2xFWmIQxlvHPT7Nx%2FZlJCVUMisTUXtOsXr%2F6%2FXSbrBmrdKPPgpI5JqL9L0jc1MjEx9TdPTfUkYIqauybNJ4T7Vigj2vYBE3lZ6k1Ok%2BKM8MN%2B2Vxe8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdc47c8fbd2b4fa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5365&min_rtt=1662&rtt_var=4009&sent=88&recv=23&lost=0&retrans=0&sent_bytes=83164&recv_bytes=7033&delivery_rate=10549360&cwnd=31200&unsent_bytes=0&cid=633d2a6be1b18a49&ts=276&x=1", cfExtPri, cfHdrFlush;dur=2

www.up-4ever.net/assets/img/logo-light.png?ver=1

172.67.216.188

200 OK

13 kB

URL GET HTTP/3
www.up-4ever.net/assets/img/logo-light.png?ver=1
IP
172.67.216.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint86:B1:07:B1:BA:DF:35:65:36:5A:99:47:51:EE:D8:09:5F:F3:E6:52
ValidityThu, 12 Dec 2024 22:41:12 GMT - Wed, 12 Mar 2025 23:39:00 GMT

File type
PNG image data, 512 x 136, 8-bit/color RGBA, non-interlaced
Size
13 kB (12726 bytes)
Hash
e7ae8b3716ca8c6f6963437ddcbdb160
9b8891fb61cc1432d50112adc2fea14772114d37
3084fdd15ab2da46282b43f471793aaf1ddf3eddfcc5f5004bd9b050b4fd6939

HTTP Headers

GET /assets/img/logo-light.png?ver=1 HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/i7nlu96zpqh4
Cookie: affiliate=umlj85DWxil7%2FgY7FmNkO8tLtfIcV5o8USO9HIbChlUaFCWktoFcAECv%2F5X1uZ8d%2BQkeCQsUCLqxO8T5zYwxwbmYLT8F35Lp4bHs5rI%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 06 Jan 2025 14:08:29 GMT
content-type: image/png
content-length: 12726
last-modified: Fri, 28 Jun 2024 18:31:02 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6203
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x0ENwWINfN3DmNz%2FwFoGw%2BqMFeNKe%2Fc6tmc6OwLRNjw%2FVQ8sr%2FGSrNb3iyBYOnqlPzuHyYPl%2F%2BXkf9vV8A%2FNZ3CWeTk35WDzJPPiRu0Dz2grALFtNq0gNj4NeLZhWEc7NurI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdc47c8fbd3b4fa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5365&min_rtt=1662&rtt_var=4009&sent=78&recv=23&lost=0&retrans=0&sent_bytes=71164&recv_bytes=7033&delivery_rate=10549360&cwnd=31200&unsent_bytes=0&cid=633d2a6be1b18a49&ts=275&x=1", cfExtPri, cfHdrFlush;dur=0

www.up-4ever.net/assets/img/lang/english.png

172.67.216.188

200 OK

18 kB

URL GET HTTP/3
www.up-4ever.net/assets/img/lang/english.png
IP
172.67.216.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint86:B1:07:B1:BA:DF:35:65:36:5A:99:47:51:EE:D8:09:5F:F3:E6:52
ValidityThu, 12 Dec 2024 22:41:12 GMT - Wed, 12 Mar 2025 23:39:00 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
18 kB (18065 bytes)
Hash
522cd947786223c980335caf0dd2a849
dcc5330cc2d096a9b2beb2c8d4ae0818476b57ac
9c5eedee31ed4a0f1085f727f2ef4e3726539ee8c2e9a35c86f084ed62b9b873

HTTP Headers

GET /assets/img/lang/english.png HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/i7nlu96zpqh4
Cookie: affiliate=umlj85DWxil7%2FgY7FmNkO8tLtfIcV5o8USO9HIbChlUaFCWktoFcAECv%2F5X1uZ8d%2BQkeCQsUCLqxO8T5zYwxwbmYLT8F35Lp4bHs5rI%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 06 Jan 2025 14:08:29 GMT
content-type: image/png
content-length: 18065
last-modified: Fri, 24 May 2024 14:56:52 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6203
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zCZboihwarNojvv6q7up5fD1qTVM3Cs1M%2FVLbIYVgEhJiMB2iTtKwXYoa3HjXFGwWy8anFdsDlOGVmah0O8JUt2%2FaXBsexWSgZpcdjbD6PyVVsnK9ruHWbRFmQG5uskm%2FXPL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdc47c8fbd5b4fa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5365&min_rtt=1662&rtt_var=4009&sent=90&recv=23&lost=0&retrans=0&sent_bytes=84636&recv_bytes=7033&delivery_rate=10549360&cwnd=31200&unsent_bytes=0&cid=633d2a6be1b18a49&ts=276&x=1", cfExtPri, cfHdrFlush;dur=2

www.up-4ever.net/assets/img/lang/arabic.png

172.67.216.188

200 OK

9.0 kB

URL GET HTTP/3
www.up-4ever.net/assets/img/lang/arabic.png
IP
172.67.216.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint86:B1:07:B1:BA:DF:35:65:36:5A:99:47:51:EE:D8:09:5F:F3:E6:52
ValidityThu, 12 Dec 2024 22:41:12 GMT - Wed, 12 Mar 2025 23:39:00 GMT

File type
PNG image data, 250 x 250, 8-bit colormap, non-interlaced
Size
9.0 kB (8958 bytes)
Hash
798aae2c9802b02e55a09f8f631ae930
6aa450cddf6b8b97a9828c34f43c9348182b18da
3922bee04c4ba3b2e364c96e0a4afde30e21b5f9b41789302aad3a32e8f27dbb

HTTP Headers

GET /assets/img/lang/arabic.png HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/i7nlu96zpqh4
Cookie: affiliate=umlj85DWxil7%2FgY7FmNkO8tLtfIcV5o8USO9HIbChlUaFCWktoFcAECv%2F5X1uZ8d%2BQkeCQsUCLqxO8T5zYwxwbmYLT8F35Lp4bHs5rI%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 06 Jan 2025 14:08:29 GMT
content-type: image/png
content-length: 8958
last-modified: Fri, 24 May 2024 14:58:10 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6203
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M3C%2FPsVeFu4iPKuk5vyIQ0xjEw0mCx8Uyaw7Ompnkvlk8sctnQN6OzpHwQbtez3K0v%2BPgD7ezU2FLPKVoYDEtZzHV5UbMnS58WMshYMa6e7Lu2owAPNcdtLQpSA7vdzusI0i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdc47c8fbd6b4fa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5365&min_rtt=1662&rtt_var=4009&sent=90&recv=23&lost=0&retrans=0&sent_bytes=84636&recv_bytes=7033&delivery_rate=10549360&cwnd=31200&unsent_bytes=0&cid=633d2a6be1b18a49&ts=277&x=1", cfExtPri, cfHdrFlush;dur=1

www.up-4ever.net/assets/img/lang/french.png

172.67.216.188

200 OK

1.8 kB

URL GET HTTP/3
www.up-4ever.net/assets/img/lang/french.png
IP
172.67.216.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint86:B1:07:B1:BA:DF:35:65:36:5A:99:47:51:EE:D8:09:5F:F3:E6:52
ValidityThu, 12 Dec 2024 22:41:12 GMT - Wed, 12 Mar 2025 23:39:00 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1833 bytes)
Hash
fc0f814574dd8e5fd9516f344187a987
197b6e84db5868f10ae04fdff59a299c2e21d4fa
2bc9014576a056a6096c5c80d0dc4e5a8928b3e1264fd679daf04105b23e15e7

HTTP Headers

GET /assets/img/lang/french.png HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/i7nlu96zpqh4
Cookie: affiliate=umlj85DWxil7%2FgY7FmNkO8tLtfIcV5o8USO9HIbChlUaFCWktoFcAECv%2F5X1uZ8d%2BQkeCQsUCLqxO8T5zYwxwbmYLT8F35Lp4bHs5rI%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 06 Jan 2025 14:08:29 GMT
content-type: image/png
content-length: 1833
last-modified: Fri, 24 May 2024 14:58:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6203
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3g6NjncpZkS2Je8E52OPqI%2FpNpKvZH3VronFaQNQW9GoV1D2MjM%2BZ1d6NlvrKRqLRqr3AfEOpzjTmQcmPkQLQ94Y2a8hi0LcOHONNsZux6pvUug1mOML5LNYyMj9Vs93kydz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdc47c8fbe0b4fa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4883&min_rtt=1662&rtt_var=3148&sent=92&recv=25&lost=0&retrans=0&sent_bytes=86713&recv_bytes=7124&delivery_rate=6540761&cwnd=62400&unsent_bytes=0&cid=633d2a6be1b18a49&ts=279&x=1", cfExtPri, cfHdrFlush;dur=0

www.up-4ever.net/assets/img/pages/premium.png

172.67.216.188

200 OK

31 kB

URL GET HTTP/3
www.up-4ever.net/assets/img/pages/premium.png
IP
172.67.216.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint86:B1:07:B1:BA:DF:35:65:36:5A:99:47:51:EE:D8:09:5F:F3:E6:52
ValidityThu, 12 Dec 2024 22:41:12 GMT - Wed, 12 Mar 2025 23:39:00 GMT

File type
PNG image data, 170 x 169, 8-bit/color RGBA, non-interlaced
Size
31 kB (30864 bytes)
Hash
62c0a8a9d0a311b2eb601faeba67ed95
b9d7d861734ae0ae95c1969ddae6965fc5a96543
01802283ec9722f9c1ba4cdb5fa7b2b628729050f6eaec3318d50bb858ace98c

HTTP Headers

GET /assets/img/pages/premium.png HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/i7nlu96zpqh4
Cookie: affiliate=umlj85DWxil7%2FgY7FmNkO8tLtfIcV5o8USO9HIbChlUaFCWktoFcAECv%2F5X1uZ8d%2BQkeCQsUCLqxO8T5zYwxwbmYLT8F35Lp4bHs5rI%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 06 Jan 2025 14:08:29 GMT
content-type: image/png
content-length: 30864
last-modified: Wed, 31 Jul 2024 17:26:40 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5029
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ASX%2F%2B4QGX1vdiVryjVN%2FzMlEXajpIiOooNnVC7LWK9RC%2BB3hkcANuY31FWBvYxfMZMP9C8PC4briFvfziZMiiraF6gnZbQ%2BgFz4y089%2BsqdIHwgRZAPeaAVnZ%2F9U3ko%2BxXW7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdc47c8fbeab4fa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4883&min_rtt=1662&rtt_var=3148&sent=146&recv=25&lost=0&retrans=0&sent_bytes=147036&recv_bytes=7124&delivery_rate=6540761&cwnd=62400&unsent_bytes=0&cid=633d2a6be1b18a49&ts=282&x=1", cfExtPri, cfHdrFlush;dur=0

dof9zd9l290mz.cloudfront.net/?dzfod=1038311

54.230.241.49

200 OK

112 kB

URL GET HTTP/2
dof9zd9l290mz.cloudfront.net/?dzfod=1038311
IP
54.230.241.49:443
ASN
#16509 AMAZON-02

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (38488)
Size
112 kB (111872 bytes)
Hash
bddb4096bb01100dda6d3bbdb0375646
271dcc7ca358ae7dd5ee290c7ac99d18a5313f58
1b81cb2e48248bf749de26a9c5d7d3e40e0e68d660d3255caf09aa90c684f820

HTTP Headers

GET /?dzfod=1038311 HTTP/1.1
Host: dof9zd9l290mz.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 111872
date: Mon, 06 Jan 2025 14:08:29 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DQxu_jCV06bY9wuaDLM4EnZEysNdanJZlfK7JM2PgENOvFkGyI7a4w==
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-BH3KCF6H24

142.250.74.168

200 OK

127 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-BH3KCF6H24
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintFA:A6:D6:5C:A6:DC:BE:D1:9A:34:42:70:3B:66:13:21:40:A4:C9:E4
ValidityMon, 02 Dec 2024 08:35:56 GMT - Mon, 24 Feb 2025 08:35:55 GMT

File type
JavaScript source, ASCII text, with very long lines (17021)
Size
127 kB (127089 bytes)
Hash
8f48808671c2e2405a4e50de533e962f
398c7191d9afe8a7fe14811482669c44a34d2dd0
29db7ae9f2d2358b52254768c87b536339b49fcca33d2bb814968956112b1180

HTTP Headers

GET /gtag/js?id=G-BH3KCF6H24 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 06 Jan 2025 14:08:29 GMT
expires: Mon, 06 Jan 2025 14:08:29 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 127089
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.up-4ever.net/assets/js/bootstrap/bootstrap.min.js

172.67.216.188

200 OK

17 kB

URL GET HTTP/3
www.up-4ever.net/assets/js/bootstrap/bootstrap.min.js
IP
172.67.216.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint86:B1:07:B1:BA:DF:35:65:36:5A:99:47:51:EE:D8:09:5F:F3:E6:52
ValidityThu, 12 Dec 2024 22:41:12 GMT - Wed, 12 Mar 2025 23:39:00 GMT

File type
JavaScript source, ASCII text, with very long lines (59810)
Size
17 kB (17153 bytes)
Hash
a08792f518b51f0f1422b5c96df9eb8a
3f094f010bfb0c022a51b62778d4361d1cad3fd6
5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9

HTTP Headers

GET /assets/js/bootstrap/bootstrap.min.js HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/i7nlu96zpqh4
Cookie: affiliate=umlj85DWxil7%2FgY7FmNkO8tLtfIcV5o8USO9HIbChlUaFCWktoFcAECv%2F5X1uZ8d%2BQkeCQsUCLqxO8T5zYwxwbmYLT8F35Lp4bHs5rI%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 06 Jan 2025 14:08:29 GMT
content-type: text/javascript
last-modified: Sat, 20 Jan 2024 20:36:16 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4221
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V5rZKAqONAIoFtszAKlY%2B5rQ%2BRgmGMVIP5g8JIIsrqUwxTb3oyIDjb9cLnhELBsZ%2FMl0RBWRwX4cO1pYi0YIsTXC2YKL0pjH8PurofL%2BZB60gFrI2sIJJ0r6DPaIElSii2kf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdc47c8ebbfb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5365&min_rtt=1662&rtt_var=4009&sent=63&recv=23&lost=0&retrans=0&sent_bytes=53436&recv_bytes=7033&delivery_rate=10549360&cwnd=31200&unsent_bytes=0&cid=633d2a6be1b18a49&ts=275&x=1", cfExtPri, cfHdrFlush;dur=0

www.up-4ever.net/assets/js/sweetalert.min.js

172.67.216.188

200 OK

160 kB

URL GET HTTP/3
www.up-4ever.net/assets/js/sweetalert.min.js
IP
172.67.216.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint86:B1:07:B1:BA:DF:35:65:36:5A:99:47:51:EE:D8:09:5F:F3:E6:52
ValidityThu, 12 Dec 2024 22:41:12 GMT - Wed, 12 Mar 2025 23:39:00 GMT

File type
JavaScript source, ASCII text, with very long lines (40792), with no line terminators
Size
160 kB (159540 bytes)
Hash
78d6d0d77b38c6bddfb8fecd71cad940
f73319c9ab6b8a0e0733a0d9a538620b4ca23562
92514bfb5aa460c0365f8eaf2ce2d31f0e089fc1ced03aba0f40ec9aaa3e1556

HTTP Headers

GET /assets/js/sweetalert.min.js HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/i7nlu96zpqh4
Cookie: affiliate=umlj85DWxil7%2FgY7FmNkO8tLtfIcV5o8USO9HIbChlUaFCWktoFcAECv%2F5X1uZ8d%2BQkeCQsUCLqxO8T5zYwxwbmYLT8F35Lp4bHs5rI%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 06 Jan 2025 14:08:29 GMT
content-type: text/javascript
last-modified: Wed, 28 Aug 2024 14:51:52 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4221
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yJt%2F8KEKomMRP2Dc%2B0jjZ9EcFZ9t9%2FZDCeKSq670nGRec0KzVoOQAwN4aOD7fx5VXw2tQLReA0BgHaqhBMKIH3MDZqG7uhwDZ2kfmGYjejhogoJFBolWBa4T3l8KJKT%2Btxez"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdc47c8ebbbb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7055&min_rtt=1662&rtt_var=3449&sent=35&recv=14&lost=0&retrans=0&sent_bytes=23472&recv_bytes=4190&delivery_rate=49137&cwnd=24000&unsent_bytes=0&cid=633d2a6be1b18a49&ts=266&x=1", cfExtPri, cfHdrFlush;dur=0

www.up-4ever.net/assets/img/page-bg-shape.png

172.67.216.188

200 OK

40 kB

URL GET HTTP/3
www.up-4ever.net/assets/img/page-bg-shape.png
IP
172.67.216.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint86:B1:07:B1:BA:DF:35:65:36:5A:99:47:51:EE:D8:09:5F:F3:E6:52
ValidityThu, 12 Dec 2024 22:41:12 GMT - Wed, 12 Mar 2025 23:39:00 GMT

File type
PNG image data, 950 x 575, 8-bit colormap, non-interlaced
Size
40 kB (39550 bytes)
Hash
6bb3710e158338c24419e70c7d7b051c
2a021601da40a868883d35f74ae1c9ec9dd66d47
1effac0e5f105704a25a9755e6775dadba2929960009c0beaa748c711f705283

HTTP Headers

GET /assets/img/page-bg-shape.png HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/assets/css/pages/page.min.css
Cookie: affiliate=umlj85DWxil7%2FgY7FmNkO8tLtfIcV5o8USO9HIbChlUaFCWktoFcAECv%2F5X1uZ8d%2BQkeCQsUCLqxO8T5zYwxwbmYLT8F35Lp4bHs5rI%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 06 Jan 2025 14:08:29 GMT
content-type: image/png
content-length: 39550
last-modified: Fri, 09 Feb 2024 21:01:04 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6201
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XSvtIdhqlPScNI%2BdV%2B%2B8VUHxkUzJ%2Byw8ZR95KqNMf7fqG6HHbefvQ8TqN5he9VIu4RNdR9rOX4YtBGNsSOqCvwiqPEUHu7JfpwZOIr6sLJvt0rLdYMI4k%2BiZDcX7wm8D7dCL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdc47cb5e85b4fa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3452&min_rtt=1103&rtt_var=2444&sent=220&recv=36&lost=0&retrans=0&sent_bytes=226211&recv_bytes=8960&delivery_rate=4460&cwnd=124800&unsent_bytes=0&cid=633d2a6be1b18a49&ts=666&x=1", cfExtPri, cfHdrFlush;dur=0

www.up-4ever.net/assets/js/popperjs.js

172.67.216.188

200 OK

8.0 kB

URL GET HTTP/3
www.up-4ever.net/assets/js/popperjs.js
IP
172.67.216.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint86:B1:07:B1:BA:DF:35:65:36:5A:99:47:51:EE:D8:09:5F:F3:E6:52
ValidityThu, 12 Dec 2024 22:41:12 GMT - Wed, 12 Mar 2025 23:39:00 GMT

File type
JavaScript source, ASCII text, with very long lines (20033)
Size
8.0 kB (7989 bytes)
Hash
11ac784d818ffcb28043696d67eb9ed3
0f5fa11562b7d8355c31e868dee06ad544c6479e
ef9d782294421522458e434c973a266b8be6544e0919a51810933db18aba3987

HTTP Headers

GET /assets/js/popperjs.js HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/i7nlu96zpqh4
Cookie: affiliate=umlj85DWxil7%2FgY7FmNkO8tLtfIcV5o8USO9HIbChlUaFCWktoFcAECv%2F5X1uZ8d%2BQkeCQsUCLqxO8T5zYwxwbmYLT8F35Lp4bHs5rI%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 06 Jan 2025 14:08:29 GMT
content-type: text/javascript
last-modified: Sun, 24 Mar 2024 00:14:46 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4221
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=clLTS0S%2F2EqxXGrWlY58Cr2HlbVZXr4JCi3959l84FIKQK31IzxiiocroR%2BAlB6ZbBwA03oVNybriVuOkc3xkZnpcnJvxgJl8MRR40goddl44Rwkz%2FBdKOaJ2C9WbZZK8AaZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdc47c8ebc1b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6451&min_rtt=1662&rtt_var=3795&sent=53&recv=17&lost=0&retrans=0&sent_bytes=44985&recv_bytes=5374&delivery_rate=2372227&cwnd=31200&unsent_bytes=0&cid=633d2a6be1b18a49&ts=269&x=1", cfExtPri, cfHdrFlush;dur=0

zb.rafikfangas.com/r6lARh6dZy6aI9l/vGVkM

23.109.170.114

200 OK

20 B

URL GET HTTP/1.1
zb.rafikfangas.com/r6lARh6dZy6aI9l/vGVkM
IP
23.109.170.114:443
ASN
#7979 SERVERS-COM

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerLet's Encrypt
Subjectzb.rafikfangas.com
Fingerprint3E:A5:29:5F:6A:1D:F3:F5:9B:74:FC:C6:F9:E9:30:0E:A1:5C:B0:EA
ValidityMon, 02 Dec 2024 23:40:45 GMT - Sun, 02 Mar 2025 23:40:44 GMT

File type
gzip compressed data, from Unix
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /r6lARh6dZy6aI9l/vGVkM HTTP/1.1
Host: zb.rafikfangas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Jan 2025 14:08:30 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.up-4ever.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Tue, 07-Jan-2025 14:08:30 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Tue, 07-Jan-2025 14:08:30 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

142.250.74.35

200 OK

7.8 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0
Size
7.8 kB (7816 bytes)
Hash
25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

HTTP Headers

GET /s/poppins/v22/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.up-4ever.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Jan 2025 22:57:31 GMT
expires: Sat, 03 Jan 2026 22:57:31 GMT
cache-control: public, max-age=31536000
age: 227459
last-modified: Wed, 04 Dec 2024 06:53:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

142.250.74.35

200 OK

8.0 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Size
8.0 kB (8000 bytes)
Hash
72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

HTTP Headers

GET /s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.up-4ever.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Jan 2025 04:10:06 GMT
expires: Sun, 04 Jan 2026 04:10:06 GMT
cache-control: public, max-age=31536000
age: 208704
last-modified: Wed, 04 Dec 2024 06:53:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.up-4ever.net/assets/js/cookie.js?r=6

172.67.216.188

200 OK

26 kB

URL GET HTTP/3
www.up-4ever.net/assets/js/cookie.js?r=6
IP
172.67.216.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint86:B1:07:B1:BA:DF:35:65:36:5A:99:47:51:EE:D8:09:5F:F3:E6:52
ValidityThu, 12 Dec 2024 22:41:12 GMT - Wed, 12 Mar 2025 23:39:00 GMT

File type
JavaScript source, ASCII text, with very long lines (2552), with no line terminators
Size
26 kB (25795 bytes)
Hash
a26fb8b9110da7839525523473cd043c
e6b058ae41e6fe719200e31f3d61f7021d471170
08a50bf385399292e4d8fbacd274026df950eb6062f77ed2ce5153de396a5d8b

HTTP Headers

GET /assets/js/cookie.js?r=6 HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/i7nlu96zpqh4
Cookie: affiliate=umlj85DWxil7%2FgY7FmNkO8tLtfIcV5o8USO9HIbChlUaFCWktoFcAECv%2F5X1uZ8d%2BQkeCQsUCLqxO8T5zYwxwbmYLT8F35Lp4bHs5rI%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 06 Jan 2025 14:08:29 GMT
content-type: text/javascript
last-modified: Fri, 05 Jul 2024 13:17:30 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4222
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JyhubAhGdqi4LG8UV0o%2BfkoIxW8XHQLjYkdNwKlQCOVzCKaNEZ%2BWcKpo0lqr8Euw3AJJHzkDgM27o80vsA9YxhYFG0yAM1AdiOm2mirSEE7llVEsbgj61CA7LNoi6JDT3%2B8Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdc47c8dbadb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6992&min_rtt=1662&rtt_var=4430&sent=26&recv=11&lost=0&retrans=0&sent_bytes=16173&recv_bytes=3040&delivery_rate=357230&cwnd=12000&unsent_bytes=0&cid=633d2a6be1b18a49&ts=260&x=1", cfExtPri, cfHdrFlush;dur=4

unpkg.com/@phosphor-icons/web@2.1.1/src/fill/style.css

104.17.246.203

200 OK

24 kB

URL GET HTTP/2
unpkg.com/@phosphor-icons/web@2.1.1/src/fill/style.css
IP
104.17.246.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectunpkg.com
Fingerprint1F:04:D7:F7:5E:E0:63:B8:0D:F5:CB:BF:E1:AB:D5:B6:AD:F6:D4:A9
ValidityThu, 02 Jan 2025 21:29:46 GMT - Wed, 02 Apr 2025 22:29:43 GMT

File type
ASCII text
Size
24 kB (24120 bytes)
Hash
f0561d4b928f3521c1a3a66507052039
afb44a713f4dc526e2bffda0535da7bfcfcb44a9
555980683a582c1910a954648b4ae38f58d76e797f02bfdc2c5e817901e6d4fc

HTTP Headers

GET /@phosphor-icons/web@2.1.1/src/fill/style.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 06 Jan 2025 14:08:29 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "14f3d-r7RKcT9NxSbiv/2gU12nv8/LRKk"
via: 1.1 fly.io
fly-request-id: 01JFEFQFMPXAPTZT56M2CPTYKJ-arn
cf-cache-status: HIT
age: 1593201
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8fdc47c9497456c1-OSL
X-Firefox-Spdy: h2

deditiontowritin.com/M2pqREccVQk3elc/XzceZhIrIREKOwwBAQE9PCB/YQRTJxEAAUwwLldXW3RyBF5cc2FDAw55dhUZHiUzRhlXdWFaBAwrehUcV3VpAF5Ed3EdXkwxegJMHjQmVFdbYjdHHgZ5dgRZXHVwAV9bdHYHUw

172.67.148.89

204 No Content

0 B

URL GET HTTP/2
deditiontowritin.com/M2pqREccVQk3elc/XzceZhIrIREKOwwBAQE9PCB/YQRTJxEAAUwwLldXW3RyBF5cc2FDAw55dhUZHiUzRhlXdWFaBAwrehUcV3VpAF5Ed3EdXkwxegJMHjQmVFdbYjdHHgZ5dgRZXHVwAV9bdHYHUw
IP
172.67.148.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectdeditiontowritin.com
Fingerprint24:19:7F:B8:9E:DB:E6:37:54:49:7D:4D:ED:65:2A:B2:66:9E:15:05
ValidityMon, 06 Jan 2025 07:51:40 GMT - Sun, 06 Apr 2025 08:50:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /M2pqREccVQk3elc/XzceZhIrIREKOwwBAQE9PCB/YQRTJxEAAUwwLldXW3RyBF5cc2FDAw55dhUZHiUzRhlXdWFaBAwrehUcV3VpAF5Ed3EdXkwxegJMHjQmVFdbYjdHHgZ5dgRZXHVwAV9bdHYHUw HTTP/1.1
Host: deditiontowritin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Mon, 06 Jan 2025 14:08:30 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s44rfMlQmUB%2B3HTP7RheJWDJ0sPg3BnerX52JhBHyki3VElqdnyRg2QLHPi57i18WpJtyvbYCa%2F7A9Me7Cv2CKctS%2B1m7nihz7w16dZFKPT5QoX8mZqVOIfLzyjq2bGSaMNxbf4Icg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fdc47ccdaee1c0a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=8610&min_rtt=3211&rtt_var=10292&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3301&recv_bytes=1516&delivery_rate=1136280&cwnd=250&unsent_bytes=0&cid=69a0e492fdecf0f6&ts=154&x=0"
X-Firefox-Spdy: h2

www.up-4ever.net/assets/js/ult.js?r=7

172.67.216.188

200 OK

1.4 kB

URL GET HTTP/3
www.up-4ever.net/assets/js/ult.js?r=7
IP
172.67.216.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint86:B1:07:B1:BA:DF:35:65:36:5A:99:47:51:EE:D8:09:5F:F3:E6:52
ValidityThu, 12 Dec 2024 22:41:12 GMT - Wed, 12 Mar 2025 23:39:00 GMT

File type
ASCII text
Size
1.4 kB (1424 bytes)
Hash
658c6b1e94658a650aae15d10ca899e6
ff27b3f42d13905f2e299acb02665c8cd80cde8a
829bc82f925809803bebad16819ff1dd73e59a2685c2c5a9e7c000ce61d142a3

HTTP Headers

GET /assets/js/ult.js?r=7 HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/i7nlu96zpqh4
Cookie: affiliate=umlj85DWxil7%2FgY7FmNkO8tLtfIcV5o8USO9HIbChlUaFCWktoFcAECv%2F5X1uZ8d%2BQkeCQsUCLqxO8T5zYwxwbmYLT8F35Lp4bHs5rI%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 06 Jan 2025 14:08:29 GMT
content-type: text/javascript
last-modified: Sat, 20 Jul 2024 18:06:40 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4221
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=POq79X4IaaiX%2FN205bPgUSfu%2B%2FD1po37hbGAPatIe9EN4NKxEnkFKZ1AfqgdCjQ3nfIQ0IlPDVXBE4H43ldttdUZcJ2CK6OsiD5cVv1qdElKqrSamRI7wv%2BNTSYvOp4fIvRP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdc47c91c13b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4464&min_rtt=1662&rtt_var=2411&sent=206&recv=29&lost=0&retrans=0&sent_bytes=216049&recv_bytes=7932&delivery_rate=11987844&cwnd=124800&unsent_bytes=0&cid=633d2a6be1b18a49&ts=303&x=1", cfExtPri, cfHdrFlush;dur=0

deditiontowritin.com/anBFamhFTyYZVTg2LSMKWhR3CzAGEiMEDAUTAxJYDCd8Xz5ZE2MeAQ5NdFpbUkN0W04aGSFXWUwDMQscHwN4W04DHiMFVUwGeFtGWURrWV5ERGMfVVtWMRoJDU10TBgeBClXWV1Dc1tfWEV0WlhcRA

172.67.148.89

204 No Content

0 B

URL GET HTTP/2
deditiontowritin.com/anBFamhFTyYZVTg2LSMKWhR3CzAGEiMEDAUTAxJYDCd8Xz5ZE2MeAQ5NdFpbUkN0W04aGSFXWUwDMQscHwN4W04DHiMFVUwGeFtGWURrWV5ERGMfVVtWMRoJDU10TBgeBClXWV1Dc1tfWEV0WlhcRA
IP
172.67.148.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectdeditiontowritin.com
Fingerprint24:19:7F:B8:9E:DB:E6:37:54:49:7D:4D:ED:65:2A:B2:66:9E:15:05
ValidityMon, 06 Jan 2025 07:51:40 GMT - Sun, 06 Apr 2025 08:50:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /anBFamhFTyYZVTg2LSMKWhR3CzAGEiMEDAUTAxJYDCd8Xz5ZE2MeAQ5NdFpbUkN0W04aGSFXWUwDMQscHwN4W04DHiMFVUwGeFtGWURrWV5ERGMfVVtWMRoJDU10TBgeBClXWV1Dc1tfWEV0WlhcRA HTTP/1.1
Host: deditiontowritin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Mon, 06 Jan 2025 14:08:30 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=liMsw9Cr9sxkwqVmpvV4Lyj%2Fnr6eNhmajpnYopjBxOZedBn5zFmRHyZpB8EphvqmCBz9YOcnAph%2BzBpfK5g8vABn9kiSdx5veSGmuFOITtmES%2B75Vf0gYkamjv5Rj%2BRqhE53GUBJww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fdc47cccae91c0a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=7824&min_rtt=2319&rtt_var=9291&sent=9&recv=13&lost=0&retrans=0&sent_bytes=3879&recv_bytes=1516&delivery_rate=1136280&cwnd=251&unsent_bytes=0&cid=69a0e492fdecf0f6&ts=163&x=0"
X-Firefox-Spdy: h2

ashasvsucoce.com/cmdRaDATBTIFDxNaM05FAAtsTQI0QmMuVB0BaBJUSwtjUQAfHX8LXB0SNQ5CHQklRl4XE3RadjYpBzJ6ESE5P38hBAYyADdCYy58J1YhKmc8QmMqYjVTEgt0GSQBPn4ANzYLRjUeHF1oJR8AIXMFJDUEQwg3BzFJIA06BnE1MXRadj8ONiJSGV4/JXMkDws/fRsgOx92ESNhI2AzDzwKSAVSBhJ2QjE7WVI8PwMqVh42KCMAQxQUEXlHLysleTweYS9/GV8oIXIFFgUgcUoiBj5pPTMcMn40DGIKdTsCECBYRzEGB3YUDRcqUSAlPSsBJBYTPF8VLzhZfhFUfBxxOyZgD3YZPSItdycrBz9fNC0VUWYTVAMeVkNSPiB4PFAALAkjKQIhVhQ2MjlVQiUhKmcoUwAvWyM9GQNnPzIyEnwKXzYtdyM3Aj8EED08UHYoNgBOWgEIPxgNOAMwEQYIVig9CSJSOgJUQg

13.227.219.25

200 OK

1.2 kB

URL GET HTTP/2
ashasvsucoce.com/cmdRaDATBTIFDxNaM05FAAtsTQI0QmMuVB0BaBJUSwtjUQAfHX8LXB0SNQ5CHQklRl4XE3RadjYpBzJ6ESE5P38hBAYyADdCYy58J1YhKmc8QmMqYjVTEgt0GSQBPn4ANzYLRjUeHF1oJR8AIXMFJDUEQwg3BzFJIA06BnE1MXRadj8ONiJSGV4/JXMkDws/fRsgOx92ESNhI2AzDzwKSAVSBhJ2QjE7WVI8PwMqVh42KCMAQxQUEXlHLysleTweYS9/GV8oIXIFFgUgcUoiBj5pPTMcMn40DGIKdTsCECBYRzEGB3YUDRcqUSAlPSsBJBYTPF8VLzhZfhFUfBxxOyZgD3YZPSItdycrBz9fNC0VUWYTVAMeVkNSPiB4PFAALAkjKQIhVhQ2MjlVQiUhKmcoUwAvWyM9GQNnPzIyEnwKXzYtdyM3Aj8EED08UHYoNgBOWgEIPxgNOAMwEQYIVig9CSJSOgJUQg
IP
13.227.219.25:443
ASN
#16509 AMAZON-02

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerAmazon
Subjectashasvsucoce.com
Fingerprint92:FC:E8:9D:A6:92:87:46:1E:AB:7A:78:FC:98:BA:CB:9E:A7:06:08
ValidityWed, 13 Nov 2024 00:00:00 GMT - Fri, 12 Dec 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3057), with no line terminators
Size
1.2 kB (1208 bytes)
Hash
440e940bb4fdf04f958f4635488a264b
88a2c9ad80a5d191aa12b74a662d925fa72722c3
e685a44f65aa3a26fe9b6ba6e055aa28664a90c85bc853cb3ff0b6265499428f

HTTP Headers

GET /cmdRaDATBTIFDxNaM05FAAtsTQI0QmMuVB0BaBJUSwtjUQAfHX8LXB0SNQ5CHQklRl4XE3RadjYpBzJ6ESE5P38hBAYyADdCYy58J1YhKmc8QmMqYjVTEgt0GSQBPn4ANzYLRjUeHF1oJR8AIXMFJDUEQwg3BzFJIA06BnE1MXRadj8ONiJSGV4/JXMkDws/fRsgOx92ESNhI2AzDzwKSAVSBhJ2QjE7WVI8PwMqVh42KCMAQxQUEXlHLysleTweYS9/GV8oIXIFFgUgcUoiBj5pPTMcMn40DGIKdTsCECBYRzEGB3YUDRcqUSAlPSsBJBYTPF8VLzhZfhFUfBxxOyZgD3YZPSItdycrBz9fNC0VUWYTVAMeVkNSPiB4PFAALAkjKQIhVhQ2MjlVQiUhKmcoUwAvWyM9GQNnPzIyEnwKXzYtdyM3Aj8EED08UHYoNgBOWgEIPxgNOAMwEQYIVig9CSJSOgJUQg HTTP/1.1
Host: ashasvsucoce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html
content-length: 1208
date: Mon, 06 Jan 2025 14:08:30 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=JtDKV6jhlOgPaYsnf+9H7UsnC8yXoRELFUcK3cj0OBaiSBws0DUMovwQl/JPiFe/Iv6ElFw+itNJzik+MkH2/VAOHreo80gs5wEz4C/z1/FVmHIbW2QbTB1f9kjE; Expires=Mon, 13 Jan 2025 14:08:30 GMT; Path=/
AWSALBCORS=JtDKV6jhlOgPaYsnf+9H7UsnC8yXoRELFUcK3cj0OBaiSBws0DUMovwQl/JPiFe/Iv6ElFw+itNJzik+MkH2/VAOHreo80gs5wEz4C/z1/FVmHIbW2QbTB1f9kjE; Expires=Mon, 13 Jan 2025 14:08:30 GMT; Path=/; SameSite=None
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: PTM_uV8XFydsgt0EmwHnmgohusWpYnGQ0YMrSF-mWXbencLOF-nwlw==
X-Firefox-Spdy: h2

www.up-4ever.net/cdn-cgi/challenge-platform/scripts/jsd/main.js

172.67.216.188

302 Found

0 B

URL GET HTTP/3
www.up-4ever.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
172.67.216.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint86:B1:07:B1:BA:DF:35:65:36:5A:99:47:51:EE:D8:09:5F:F3:E6:52
ValidityThu, 12 Dec 2024 22:41:12 GMT - Wed, 12 Mar 2025 23:39:00 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: affiliate=umlj85DWxil7%2FgY7FmNkO8tLtfIcV5o8USO9HIbChlUaFCWktoFcAECv%2F5X1uZ8d%2BQkeCQsUCLqxO8T5zYwxwbmYLT8F35Lp4bHs5rI%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Mon, 06 Jan 2025 14:08:30 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/849bfe45bf45/main.js?
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
access-control-allow-origin: *
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TLCIkENBHQ8Srq4A1L0XIoQ%2BvgEbCwU9m7pxOH3tXB9eVpgvpym1LW%2F6ItG53eEv8XCY532n9xlky0sJuGnGi6Rt86eJz8J5jpN3t8yfvB8wZICywVQ5RxM8oyyjHZj9S7L9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdc47ce8afeb4fa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10413&min_rtt=1103&rtt_var=15756&sent=281&recv=39&lost=0&retrans=1&sent_bytes=294318&recv_bytes=9798&delivery_rate=520252&cwnd=124800&unsent_bytes=0&cid=633d2a6be1b18a49&ts=1172&x=1", cfExtPri, cfHdrFlush;dur=0

www.up-4ever.net/favicon.ico

172.67.216.188

200 OK

3.0 kB

URL GET HTTP/3
www.up-4ever.net/favicon.ico
IP
172.67.216.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint86:B1:07:B1:BA:DF:35:65:36:5A:99:47:51:EE:D8:09:5F:F3:E6:52
ValidityThu, 12 Dec 2024 22:41:12 GMT - Wed, 12 Mar 2025 23:39:00 GMT

File type
MS Windows icon resource - 1 icon, 30x32, 32 bits/pixel
Size
3.0 kB (2979 bytes)
Hash
9e52093669f047bafb404675ebcf8ef0
795cc2be719d598ec415401ec3bb4fa6196dd3b2
3f8a0a01a9c5f93cd3568f55a16f7258077efe4798146b16cc74993e79c3774c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/i7nlu96zpqh4
Cookie: affiliate=umlj85DWxil7%2FgY7FmNkO8tLtfIcV5o8USO9HIbChlUaFCWktoFcAECv%2F5X1uZ8d%2BQkeCQsUCLqxO8T5zYwxwbmYLT8F35Lp4bHs5rI%3D; _ga_BH3KCF6H24=GS1.1.1736172510.1.0.1736172510.60.0.0; _ga=GA1.1.1214777507.1736172510
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 06 Jan 2025 14:08:30 GMT
content-type: image/x-icon
last-modified: Sun, 07 Jul 2024 18:32:48 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6198
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OGF2Zu6G5g3nBEn%2BjXDZeS4pCJWvq3jonykgS9y7CWGdO95%2BZBI%2F5AL6CgzGm8Y1RIZ4ty7s3vae898bs3X145X28KVjooT%2BO5JW6eDEbi8XxaPP40Y6kQWFpdXE7juLM0Q%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdc47ce9b06b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10413&min_rtt=1103&rtt_var=15756&sent=282&recv=39&lost=0&retrans=1&sent_bytes=295045&recv_bytes=9798&delivery_rate=520252&cwnd=124800&unsent_bytes=0&cid=633d2a6be1b18a49&ts=1178&x=1", cfExtPri, cfHdrFlush;dur=0

www.up-4ever.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/849bfe45bf45/main.js?

172.67.216.188

200 OK

4.5 kB

URL GET HTTP/3
www.up-4ever.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/849bfe45bf45/main.js?
IP
172.67.216.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint86:B1:07:B1:BA:DF:35:65:36:5A:99:47:51:EE:D8:09:5F:F3:E6:52
ValidityThu, 12 Dec 2024 22:41:12 GMT - Wed, 12 Mar 2025 23:39:00 GMT

File type
JavaScript source, ASCII text, with very long lines (8729), with no line terminators
Size
4.5 kB (4517 bytes)
Hash
e176cb66edd7647c40b27d82febd6167
ba65cb689d5da9557d643c60c1118ade4a1821cb
505f16959b1ddabb274ee8089cf98cc1198bc874fd1355bbd7e6fc2ac12dd33e

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/849bfe45bf45/main.js? HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: affiliate=umlj85DWxil7%2FgY7FmNkO8tLtfIcV5o8USO9HIbChlUaFCWktoFcAECv%2F5X1uZ8d%2BQkeCQsUCLqxO8T5zYwxwbmYLT8F35Lp4bHs5rI%3D; _ga_BH3KCF6H24=GS1.1.1736172510.1.0.1736172510.60.0.0; _ga=GA1.1.1214777507.1736172510
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 06 Jan 2025 14:08:30 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
x-content-type-options: nosniff
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w8%2Bi2fACDlrE9L6%2B5a7LV2rlpqBKGCpLp2UFBj%2B7HGdUtJ%2BT9vTxd78D%2BqAIYEvDgW0%2Fx1JMteGcEjAs03kc1zxWNR%2BADll8KvmkWrQQA5YxxGrCKnKEexHVXEeV6uAOWIhq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdc47cf0bd2b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9517&min_rtt=1103&rtt_var=13610&sent=286&recv=41&lost=0&retrans=1&sent_bytes=298336&recv_bytes=10267&delivery_rate=215091&cwnd=124800&unsent_bytes=0&cid=633d2a6be1b18a49&ts=1264&x=1", cfExtPri, cfHdrFlush;dur=0

region1.analytics.google.com/g/collect?v=2&tid=G-BH3KCF6H24&gtm=45je4cc1v9132047618za200&_p=1736172509863&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1214777507.1736172510&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1736172510&sct=1&seg=0&dl=https%3A%2F%2Fwww.up-4ever.net%2Fi7nlu96zpqh4&dt=Download%20File%20Luminar%20Neo%20Ai%20Premium%20Edition%20v1.22.0.14095%20Full%20Activated%20-%20WwW.Dr-FarFar.CoM.zip&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1321

216.239.32.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-BH3KCF6H24&gtm=45je4cc1v9132047618za200&_p=1736172509863&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1214777507.1736172510&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1736172510&sct=1&seg=0&dl=https%3A%2F%2Fwww.up-4ever.net%2Fi7nlu96zpqh4&dt=Download%20File%20Luminar%20Neo%20Ai%20Premium%20Edition%20v1.22.0.14095%20Full%20Activated%20-%20WwW.Dr-FarFar.CoM.zip&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1321
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintFA:A6:D6:5C:A6:DC:BE:D1:9A:34:42:70:3B:66:13:21:40:A4:C9:E4
ValidityMon, 02 Dec 2024 08:35:56 GMT - Mon, 24 Feb 2025 08:35:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BH3KCF6H24&gtm=45je4cc1v9132047618za200&_p=1736172509863&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1214777507.1736172510&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1736172510&sct=1&seg=0&dl=https%3A%2F%2Fwww.up-4ever.net%2Fi7nlu96zpqh4&dt=Download%20File%20Luminar%20Neo%20Ai%20Premium%20Edition%20v1.22.0.14095%20Full%20Activated%20-%20WwW.Dr-FarFar.CoM.zip&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1321 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.up-4ever.net/
Origin: https://www.up-4ever.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.up-4ever.net
date: Mon, 06 Jan 2025 14:08:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

142.250.74.10

200 OK

1.0 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint30:E5:7E:29:A5:A1:81:DB:C8:A8:49:80:67:40:12:AB:30:C0:34:8D
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
gzip compressed data, max compression
Size
1.0 kB (1003 bytes)
Hash
29734c76cac94390ce53639a86df06ac
fcb905439d5dee939566e8be7f4e58dddac22213
a39ab138f0e733a1c74e2f9b74fa61666f6fba675f0787a7dfef244e07ab158f

HTTP Headers

GET /css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 06 Jan 2025 14:08:29 GMT
date: Mon, 06 Jan 2025 14:08:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

142.251.9.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
142.251.9.84:443
ASN
#15169 GOOGLE

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint69:38:7E:29:3C:FF:37:1E:96:50:B5:FA:A1:F2:98:30:3B:BE:E6:8D
ValidityMon, 02 Dec 2024 08:37:47 GMT - Mon, 24 Feb 2025 08:37:46 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:syLngntykeS2ADNAflEMuAnqHZ49Og:htt3GNRBSaXdgOr_; Expires=Wed, 06-Jan-2027 14:08:30 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 06 Jan 2025 14:08:30 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeZLP9-1hguJN7M7mrC8HX2p0ZrQtxTXtKkkqNupIt9KbyPc2BvWMU8JPjdtcyzdk7ybi_6J6QqFUA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-Cj36sJa75wEq_9JoXlwKKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

dof9zd9l290mz.cloudfront.net/DNVZJcFhWOScWZ0E/LU1pBWN+RG4CcDkCPVNrPgcvGyM5XWxQICwCdlszPVYyRjknAGV/MigJbk9nMCVhZWMiGjwFcD0KPAhmbxw5WzF0Vj1bNXRBflQyK01sEyI5HzMINy0GOk8yIBwqTHA8EWVYOTMZNFk3bEIeAHh5VWoFfjFBaRBlC1VqBTogHi1Nc3-tAIA1gFkZsEGULVWoFJD9Va3Rvf15oHHN7QD9QNSIffQcQe0BpBWZ4QGkQZHkWMUczLx8gEGQPSW4bZm8FZQQ

54.230.241.49

200 OK

506 B

URL
dof9zd9l290mz.cloudfront.net/DNVZJcFhWOScWZ0E/LU1pBWN+RG4CcDkCPVNrPgcvGyM5XWxQICwCdlszPVYyRjknAGV/MigJbk9nMCVhZWMiGjwFcD0KPAhmbxw5WzF0Vj1bNXRBflQyK01sEyI5HzMINy0GOk8yIBwqTHA8EWVYOTMZNFk3bEIeAHh5VWoFfjFBaRBlC1VqBTogHi1Nc3-tAIA1gFkZsEGULVWoFJD9Va3Rvf15oHHN7QD9QNSIffQcQe0BpBWZ4QGkQZHkWMUczLx8gEGQPSW4bZm8FZQQ
IP
54.230.241.49:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
ASCII text, with very long lines (696), with no line terminators
Size
506 B (506 bytes)
Hash
76dfe86de459d07375ba99866b9a3b6e
3580d4cb4f2e94a638a4a69331aee4ddd95b38d3
382641d520ca24af825b7014054c289fe6796745bf64833b281b1377e62845c7

HTTP Headers

GET /DNVZJcFhWOScWZ0E/LU1pBWN+RG4CcDkCPVNrPgcvGyM5XWxQICwCdlszPVYyRjknAGV/MigJbk9nMCVhZWMiGjwFcD0KPAhmbxw5WzF0Vj1bNXRBflQyK01sEyI5HzMINy0GOk8yIBwqTHA8EWVYOTMZNFk3bEIeAHh5VWoFfjFBaRBlC1VqBTogHi1Nc3-tAIA1gFkZsEGULVWoFJD9Va3Rvf15oHHN7QD9QNSIffQcQe0BpBWZ4QGkQZHkWMUczLx8gEGQPSW4bZm8FZQQ HTTP/1.1
Host: dof9zd9l290mz.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ashasvsucoce.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 506
date: Mon, 06 Jan 2025 14:08:30 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nvx2_a82EYn77fUxiLrp9oJEhtBfnEmM4sEpC3Dxy5IOQVQfMHx32A==
X-Firefox-Spdy: h2

dof9zd9l290mz.cloudfront.net/IbzJlMW8MXQtXUBtbAQxeXwFdAl5eFBVDCgkPEkYYQUcVHFsKRABDQQFXERcFHF0LQVI2UFVTK1ZTI2lJG0gBDF9JXgRfCFIUAF8MUgNDUAsND1EXGx9dDgwOC0QHSwsGXhdISRpTWFwAFVsJXQ5KACMEQV8XVwFHFwNUFFwtF1cBAwZcEElKXQIdCVkwBF-EUXC0XVwEdGRdWcFZZHFUYSl0CAlQMBF1AAyldAlQBX14CVBRdX1QMQwoJXR0UXSkLUx9fSUdYAA

54.230.241.49

200 OK

513 B

URL
dof9zd9l290mz.cloudfront.net/IbzJlMW8MXQtXUBtbAQxeXwFdAl5eFBVDCgkPEkYYQUcVHFsKRABDQQFXERcFHF0LQVI2UFVTK1ZTI2lJG0gBDF9JXgRfCFIUAF8MUgNDUAsND1EXGx9dDgwOC0QHSwsGXhdISRpTWFwAFVsJXQ5KACMEQV8XVwFHFwNUFFwtF1cBAwZcEElKXQIdCVkwBF-EUXC0XVwEdGRdWcFZZHFUYSl0CAlQMBF1AAyldAlQBX14CVBRdX1QMQwoJXR0UXSkLUx9fSUdYAA
IP
54.230.241.49:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
ASCII text, with very long lines (745), with no line terminators
Size
513 B (513 bytes)
Hash
212788a6c81b730e0706aff49f07ea00
1051632f75977cb387587ee3b402e49829db792a
e1bd7e79f1f5b7a785f50625421f0fa1f96061a69789bd41304b952f24c5bde1

HTTP Headers

GET /IbzJlMW8MXQtXUBtbAQxeXwFdAl5eFBVDCgkPEkYYQUcVHFsKRABDQQFXERcFHF0LQVI2UFVTK1ZTI2lJG0gBDF9JXgRfCFIUAF8MUgNDUAsND1EXGx9dDgwOC0QHSwsGXhdISRpTWFwAFVsJXQ5KACMEQV8XVwFHFwNUFFwtF1cBAwZcEElKXQIdCVkwBF-EUXC0XVwEdGRdWcFZZHFUYSl0CAlQMBF1AAyldAlQBX14CVBRdX1QMQwoJXR0UXSkLUx9fSUdYAA HTTP/1.1
Host: dof9zd9l290mz.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ashasvsucoce.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 513
date: Mon, 06 Jan 2025 14:08:30 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VC630kh46TolzwlxjlIxCE1rHqTDEa3JXIytTyKrS5tITUywyVnCdA==
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

142.251.9.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
142.251.9.84:443
ASN
#15169 GOOGLE

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint69:38:7E:29:3C:FF:37:1E:96:50:B5:FA:A1:F2:98:30:3B:BE:E6:8D
ValidityMon, 02 Dec 2024 08:37:47 GMT - Mon, 24 Feb 2025 08:37:46 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:7STcldF4fxLyFTqqLDpW0W81KRt_wA:-oJjzdTaYhpEg4BO; Expires=Wed, 06-Jan-2027 14:08:30 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 06 Jan 2025 14:08:30 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AeZLP9__lBbfmJ9r8JQIj0S_DONhHqKK-C_jw1k68DIKLz0_kMnitCSi2hcvZ8BFoq3g2wjMMPMeKQ
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'nonce-jKP4azy4W9BuTrV6X7GTdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BH3KCF6H24&cid=1214777507.1736172510&gtm=45je4cc1v9132047618za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=692581493

142.250.147.94

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BH3KCF6H24&cid=1214777507.1736172510&gtm=45je4cc1v9132047618za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=692581493
IP
142.250.147.94:443
ASN
#15169 GOOGLE

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subject*.google.no
FingerprintEC:1B:2E:A2:E4:2F:88:83:F3:5B:D6:A9:70:B2:7E:45:D9:3E:2B:A7
ValidityMon, 02 Dec 2024 08:38:44 GMT - Mon, 24 Feb 2025 08:38:43 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BH3KCF6H24&cid=1214777507.1736172510&gtm=45je4cc1v9132047618za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=692581493 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Jan 2025 14:08:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.up-4ever.net/cdn-cgi/challenge-platform/h/g/jsd/r/8fdc47c67f1356bb

172.67.216.188

200 OK

0 B

URL POST HTTP/3
www.up-4ever.net/cdn-cgi/challenge-platform/h/g/jsd/r/8fdc47c67f1356bb
IP
172.67.216.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint86:B1:07:B1:BA:DF:35:65:36:5A:99:47:51:EE:D8:09:5F:F3:E6:52
ValidityThu, 12 Dec 2024 22:41:12 GMT - Wed, 12 Mar 2025 23:39:00 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/jsd/r/8fdc47c67f1356bb HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12153
Origin: https://www.up-4ever.net
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/i7nlu96zpqh4
Cookie: affiliate=umlj85DWxil7%2FgY7FmNkO8tLtfIcV5o8USO9HIbChlUaFCWktoFcAECv%2F5X1uZ8d%2BQkeCQsUCLqxO8T5zYwxwbmYLT8F35Lp4bHs5rI%3D; _ga_BH3KCF6H24=GS1.1.1736172510.1.0.1736172510.60.0.0; _ga=GA1.1.1214777507.1736172510
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 06 Jan 2025 14:08:30 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
priority: u=3,i=?0
set-cookie: cf_clearance=; Path=/; Expires=Thu, 01-Jan-70 00:00:00 GMT; Domain=.up-4ever.net; Priority=High; HttpOnly; Secure; SameSite=None
cf_clearance=LZsxvCp27z6RvS3ctVHK8N6C8y5BWhYdHRMH1I2fXpI-1736172510-1.2.1.1-F_oukU3ZSFZNfU6xjAa20koMZYoxtNR_2qqwjMV224dIVSNacJSPoyKYuooYYgihGT0sKV_YhHULPampxyM9g7G.5ZkdVhQDfnn37zcc0wVwU3nlAdpkViFbJnZPqcz.4IUGMQ0Up6oZC1So2yp1j3yTwUZFJ6qTs5E2QT48l2VJtfcWBoKptZ9L3L4NKvw.U4PSOk4g4x71_n2KKP_dqWzPfdFU4_7DVwhNjZ5MA7dxVTK0xzycQ.1VfiMM8yqtBLLyDAk0et6ALFLQdScAyaYXgm4gwm4B3Rk8PE8uSW9TmYWAUxyHTJO8.fAG.6Er0jcOiSks_qMdk8_jTE2fcQ; Path=/; Expires=Tue, 06-Jan-26 14:08:30 GMT; Domain=.up-4ever.net; Priority=High; HttpOnly; Secure; SameSite=None; Partitioned
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2B%2FISRAxSPZBz1KHyVDoZKvk9t607MOXTw3hu0sbMj5pxXxPGZ3DCPnHb620vud9sHDNK3tL%2BejcP0Op2%2Fx8lwfwHOmUx4eF8H%2FDE0RmCs0Ez8iARkkXmu9Gz%2FMr0OMKpogz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fdc47d0df1bb4fa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8905&min_rtt=1103&rtt_var=11430&sent=296&recv=52&lost=0&retrans=1&sent_bytes=303344&recv_bytes=23327&delivery_rate=201475&cwnd=124800&unsent_bytes=0&cid=633d2a6be1b18a49&ts=1541&x=1", cfExtPri, cfHdrFlush;dur=0

accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeZLP9-1hguJN7M7mrC8HX2p0ZrQtxTXtKkkqNupIt9KbyPc2BvWMU8JPjdtcyzdk7ybi_6J6QqFUA

142.251.9.84

302 Found

423 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeZLP9-1hguJN7M7mrC8HX2p0ZrQtxTXtKkkqNupIt9KbyPc2BvWMU8JPjdtcyzdk7ybi_6J6QqFUA
IP
142.251.9.84:443
ASN
#15169 GOOGLE

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint69:38:7E:29:3C:FF:37:1E:96:50:B5:FA:A1:F2:98:30:3B:BE:E6:8D
ValidityMon, 02 Dec 2024 08:37:47 GMT - Mon, 24 Feb 2025 08:37:46 GMT

File type
HTML document, ASCII text, with very long lines (394)
Size
423 B (423 bytes)
Hash
c3fd6547d8bcfba8c2abe296d38b7f9f
65fdbc10a3b8f30a518cdf02966cdfcb0f3dd0f7
1172c2f1dfa85131c0e409743938d09531269e99fa7f6e3ce80f98e847d68a96

HTTP Headers

GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeZLP9-1hguJN7M7mrC8HX2p0ZrQtxTXtKkkqNupIt9KbyPc2BvWMU8JPjdtcyzdk7ybi_6J6QqFUA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.up-4ever.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:0F4J4bkUVNYd3eeccPtgqOq8r21llg:6CjixxSVKZ59E2vW;Path=/;Expires=Wed, 06-Jan-2027 14:08:30 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 06 Jan 2025 14:08:30 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeZLP98rlsVJL2InYEc8Qg8tfeeTPr3P77b1JLa9dFQaLesVnxs_pKwbJD5tUsUr2TXzeyPoUrL-yw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1829417634%3A1736172510903438&ddm=1
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-UKHpRfE30cJGlFEY6fVf4w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 423
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AeZLP9__lBbfmJ9r8JQIj0S_DONhHqKK-C_jw1k68DIKLz0_kMnitCSi2hcvZ8BFoq3g2wjMMPMeKQ

142.251.9.84

302 Found

422 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AeZLP9__lBbfmJ9r8JQIj0S_DONhHqKK-C_jw1k68DIKLz0_kMnitCSi2hcvZ8BFoq3g2wjMMPMeKQ
IP
142.251.9.84:443
ASN
#15169 GOOGLE

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint69:38:7E:29:3C:FF:37:1E:96:50:B5:FA:A1:F2:98:30:3B:BE:E6:8D
ValidityMon, 02 Dec 2024 08:37:47 GMT - Mon, 24 Feb 2025 08:37:46 GMT

File type
HTML document, ASCII text, with very long lines (391)
Size
422 B (422 bytes)
Hash
c86db12d2404f829d5c1bb70b3d5f00a
60e4d9d3b8b400cede46754da4acd11a546b65de
4be5989367d44e2eddfaf341b24c946524460097c8563f232548a6db17a143d5

HTTP Headers

GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AeZLP9__lBbfmJ9r8JQIj0S_DONhHqKK-C_jw1k68DIKLz0_kMnitCSi2hcvZ8BFoq3g2wjMMPMeKQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.up-4ever.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:fRSwPfmAixje9Y6R0xJyZGLNktXrdA:94-zCLWwIPD2aVNj;Path=/;Expires=Wed, 06-Jan-2027 14:08:30 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 06 Jan 2025 14:08:30 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AeZLP9-mPK6Gr1683swMp7yNklU5Gnf7beKxdR3IRctTQm1xTXpJMF_NCPzmLVJnia2VxDTfBk4iFA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1073691638%3A1736172510910507&ddm=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-v0Zqmj1ezEASZWOQGkId1Q' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 422
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

deditiontowritin.com/NHFkYTIbTgcSD3kcVFNWXyQlOXNQMgIgdFA1DzcAd0ALKWZaJEIVW1BMVVEBDEJVUBREGABcAxICEABGQQJZUgIEQEIIXFIeWVECBEBCFw8FX1dVHAdHSlUUQUxVR0ZEEANcAxIBEBVeCUBTUgQFRlZUAwVCUlU

172.67.148.89

204 No Content

0 B

URL GET HTTP/3
deditiontowritin.com/NHFkYTIbTgcSD3kcVFNWXyQlOXNQMgIgdFA1DzcAd0ALKWZaJEIVW1BMVVEBDEJVUBREGABcAxICEABGQQJZUgIEQEIIXFIeWVECBEBCFw8FX1dVHAdHSlUUQUxVR0ZEEANcAxIBEBVeCUBTUgQFRlZUAwVCUlU
IP
172.67.148.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectdeditiontowritin.com
Fingerprint24:19:7F:B8:9E:DB:E6:37:54:49:7D:4D:ED:65:2A:B2:66:9E:15:05
ValidityMon, 06 Jan 2025 07:51:40 GMT - Sun, 06 Apr 2025 08:50:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /NHFkYTIbTgcSD3kcVFNWXyQlOXNQMgIgdFA1DzcAd0ALKWZaJEIVW1BMVVEBDEJVUBREGABcAxICEABGQQJZUgIEQEIIXFIeWVECBEBCFw8FX1dVHAdHSlUUQUxVR0ZEEANcAxIBEBVeCUBTUgQFRlZUAwVCUlU HTTP/1.1
Host: deditiontowritin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Mon, 06 Jan 2025 14:08:31 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SeaPEyLoOrJLcRgUGZYZ32hmk6nW9kWaXl6mYTHJN8Galue4bLs2Wi0AH84SGnrBa8BZJLuJKEbmHceZkCRqZlhGpasv3PtUE%2Bj3Iw8qmLS6FtCczwXrNny3WEzOoFyI54JQvaEcTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fdc47d43ecbb51b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2848&min_rtt=2709&rtt_var=1295&sent=13&recv=9&lost=0&retrans=0&sent_bytes=4175&recv_bytes=1372&delivery_rate=154627&cwnd=12000&unsent_bytes=0&cid=92963b2ceca72787&ts=1166&x=1", cfExtPri, cfHdrFlush;dur=0

deditiontowritin.com/popunder.gif

172.67.148.89

200 OK

58 B

URL GET
deditiontowritin.com/popunder.gif
IP
172.67.148.89:0
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectdeditiontowritin.com
Fingerprint24:19:7F:B8:9E:DB:E6:37:54:49:7D:4D:ED:65:2A:B2:66:9E:15:05
ValidityMon, 06 Jan 2025 07:51:40 GMT - Sun, 06 Apr 2025 08:50:23 GMT

File type
GIF image data, version 89a, 1 x 1
Size
58 B (58 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: deditiontowritin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 06 Jan 2025 14:08:31 GMT
content-type: image/gif
content-length: 58
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
content-encoding: gzip
cf-cache-status: HIT
age: 337637
last-modified: Thu, 02 Jan 2025 16:21:14 GMT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=utJ33qLiyUyXo6P9ykmg0WfzaApTuxNEOW7ioalc5Id4LrEZp7%2F9fI1fQ8r0lkMEXtd4PcrY%2BvaFny8ylJMhFPyDS4R9gqTMm2J2aLAUB8sMYena1OSR6av%2BfJ%2BB5tSjjMN%2BDZLacA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdc47d6eaacb51b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2838&min_rtt=2709&rtt_var=992&sent=15&recv=11&lost=0&retrans=0&sent_bytes=4867&recv_bytes=1692&delivery_rate=569&cwnd=12000&unsent_bytes=0&cid=92963b2ceca72787&ts=1483&x=1", cfExtPri, cfHdrFlush;dur=0

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AeZLP9-mPK6Gr1683swMp7yNklU5Gnf7beKxdR3IRctTQm1xTXpJMF_NCPzmLVJnia2VxDTfBk4iFA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1073691638%3A1736172510910507&ddm=1

142.251.9.84

403 Forbidden

10 kB

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AeZLP9-mPK6Gr1683swMp7yNklU5Gnf7beKxdR3IRctTQm1xTXpJMF_NCPzmLVJnia2VxDTfBk4iFA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1073691638%3A1736172510910507&ddm=1
IP
142.251.9.84:443
ASN
#15169 GOOGLE

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint36:7C:F6:D0:DA:DB:45:E1:80:A6:76:D2:C1:A5:38:1A:0B:8D:99:4E
ValidityMon, 02 Dec 2024 08:35:57 GMT - Mon, 24 Feb 2025 08:35:56 GMT

File type
gzip compressed data, max compression
Size
10 kB (10310 bytes)
Hash
3241a37a0cc4f79932fdddb53e16e660
0b697c21ffbe0da52131f7a561b77d2468443a16
5707f76a2f5501ddb3d1b1c6ad3fbc02196a960129a921a498539d3a5f04ab29

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AeZLP9-mPK6Gr1683swMp7yNklU5Gnf7beKxdR3IRctTQm1xTXpJMF_NCPzmLVJnia2VxDTfBk4iFA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1073691638%3A1736172510910507&ddm=1 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.up-4ever.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 06 Jan 2025 14:08:31 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-9GUFhberHNhIEWzUGbFnug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/recaptcha/api.js https://translate.google.com/translate_a/element.js https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.1PNB2j8wR4U.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

unpkg.com/@phosphor-icons/web@2.1.1/src/regular/Phosphor.woff2

104.17.246.203

200 OK

147 kB

URL GET HTTP/2
unpkg.com/@phosphor-icons/web@2.1.1/src/regular/Phosphor.woff2
IP
104.17.246.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectunpkg.com
Fingerprint1F:04:D7:F7:5E:E0:63:B8:0D:F5:CB:BF:E1:AB:D5:B6:AD:F6:D4:A9
ValidityThu, 02 Jan 2025 21:29:46 GMT - Wed, 02 Apr 2025 22:29:43 GMT

File type
Web Open Font Format (Version 2), TrueType, length 147380, version 1.0
Size
147 kB (147380 bytes)
Hash
527636c38907af87d10e6b15ac392648
0d815f14037397ccbfd48fe5dfbef96ed6e66205
c2ea45ea05ff5c7df1936770c104725f2a68f43fd343f35f3da23a30b27de32a

HTTP Headers

GET /@phosphor-icons/web@2.1.1/src/regular/Phosphor.woff2 HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.up-4ever.net
DNT: 1
Connection: keep-alive
Referer: https://unpkg.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 06 Jan 2025 14:08:29 GMT
content-type: font/woff2
content-length: 147380
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "23fb4-DYFfFANzl8y/1I/l3775btbmYgU"
via: 1.1 fly.io
fly-request-id: 01JFETRNYQ7QZ7A1AJ3WBSZFHX-arn
cf-cache-status: HIT
age: 1581628
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8fdc47cb5b7a56c1-OSL
X-Firefox-Spdy: h2

www.up-4ever.net/i7nlu96zpqh4

172.67.216.188

200 OK

42 kB

URL User Request GET HTTP/2
www.up-4ever.net/i7nlu96zpqh4
IP
172.67.216.188:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint86:B1:07:B1:BA:DF:35:65:36:5A:99:47:51:EE:D8:09:5F:F3:E6:52
ValidityThu, 12 Dec 2024 22:41:12 GMT - Wed, 12 Mar 2025 23:39:00 GMT

File type

Size
42 kB (41762 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /i7nlu96zpqh4 HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 06 Jan 2025 14:08:29 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=0;includeSubDomains;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
expires: Sun, 05 Jan 2025 14:08:29 GMT
set-cookie: affiliate=umlj85DWxil7%2FgY7FmNkO8tLtfIcV5o8USO9HIbChlUaFCWktoFcAECv%2F5X1uZ8d%2BQkeCQsUCLqxO8T5zYwxwbmYLT8F35Lp4bHs5rI%3D; domain=.up-4ever.net; path=/; expires=Mon, 20 Jan 2025 14:08:29 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rs1ieTJEMZX74Q6WnpeQOlzJXcEcfFJTeVASZD21FW43k6fqaDCiobkleFkqbDyjoPka7SH%2FaCQx%2FPm09mGA8uBcFWLZ3kfzzf%2BvpaCnkMFvk%2FvbVqo0smtns8XmmYxDR9ZF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fdc47c67f1356bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5959&min_rtt=497&rtt_var=10889&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3270&recv_bytes=1256&delivery_rate=6906200&cwnd=254&unsent_bytes=0&cid=22c1937b67c8cba6&ts=131&x=0"
X-Firefox-Spdy: h2

unpkg.com/@phosphor-icons/web@2.1.1/src/regular/style.css

104.17.246.203

200 OK

78 kB

URL GET HTTP/2
unpkg.com/@phosphor-icons/web@2.1.1/src/regular/style.css
IP
104.17.246.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectunpkg.com
Fingerprint1F:04:D7:F7:5E:E0:63:B8:0D:F5:CB:BF:E1:AB:D5:B6:AD:F6:D4:A9
ValidityThu, 02 Jan 2025 21:29:46 GMT - Wed, 02 Apr 2025 22:29:43 GMT

File type
troff or preprocessor input, ASCII text
Size
78 kB (78131 bytes)
Hash
7fe7108986e8596a197c607b2d989d89
9feab57e5c948507134250af34e342e753fc029d
873761b8711147dc516b6102936e9ad005f3a3015349efcde1a496f0326f1051

HTTP Headers

GET /@phosphor-icons/web@2.1.1/src/regular/style.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 06 Jan 2025 14:08:29 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "13133-n+q1flyUhQcTQlCvNONC51P8Ap0"
via: 1.1 fly.io
fly-request-id: 01JFEW6ZY4FM2T3FWKKBAAHRH2-arn
cf-cache-status: HIT
age: 1580110
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8fdc47c9497756c1-OSL
X-Firefox-Spdy: h2

www.up-4ever.net/js/paging.js?r=37

172.67.216.188

200 OK

4.6 kB

URL GET HTTP/3
www.up-4ever.net/js/paging.js?r=37
IP
172.67.216.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint86:B1:07:B1:BA:DF:35:65:36:5A:99:47:51:EE:D8:09:5F:F3:E6:52
ValidityThu, 12 Dec 2024 22:41:12 GMT - Wed, 12 Mar 2025 23:39:00 GMT

File type
JavaScript source, ASCII text, with very long lines (4773), with no line terminators
Size
4.6 kB (4619 bytes)
Hash
c7af692a03ea5663847f9a229a3fafe1
f75ce4abd7311c6b898ef0382fe6c9e82b8f8cc6
7a0462cce6c60c06072ad139a11d5a2538d7db4e57aa452cebf6f971c9d4251a

HTTP Headers

GET /js/paging.js?r=37 HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/i7nlu96zpqh4
Cookie: affiliate=umlj85DWxil7%2FgY7FmNkO8tLtfIcV5o8USO9HIbChlUaFCWktoFcAECv%2F5X1uZ8d%2BQkeCQsUCLqxO8T5zYwxwbmYLT8F35Lp4bHs5rI%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 06 Jan 2025 14:08:29 GMT
content-type: text/javascript
last-modified: Fri, 15 Nov 2024 19:13:52 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4221
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DlUYivav3Dy%2FB3lhM%2FcfSl85DX0BpY4tcQTQMZPOe0MUE%2Fkq9CkT4%2FOSOw2Mo6uZI4b%2FieKHiLihuVGSaNO1qn4UH%2BAat%2BzLkyf%2FS5jdJVt4FY8HLQrMSf1qSsn39oEUJdjk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdc47c8fbd0b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5365&min_rtt=1662&rtt_var=4009&sent=90&recv=23&lost=0&retrans=0&sent_bytes=84636&recv_bytes=7033&delivery_rate=10549360&cwnd=31200&unsent_bytes=0&cid=633d2a6be1b18a49&ts=277&x=1", cfExtPri, cfHdrFlush;dur=1

www.up-4ever.net/assets/css/pages/page.min.css

172.67.216.188

200 OK

953 B

URL GET HTTP/3
www.up-4ever.net/assets/css/pages/page.min.css
IP
172.67.216.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint86:B1:07:B1:BA:DF:35:65:36:5A:99:47:51:EE:D8:09:5F:F3:E6:52
ValidityThu, 12 Dec 2024 22:41:12 GMT - Wed, 12 Mar 2025 23:39:00 GMT

File type
ASCII text, with very long lines (955), with no line terminators
Size
953 B (953 bytes)
Hash
67ab447de4ef74add8f6596e9669eb0d
0014f38cf04edcb362b8968fe808647a4e7c2c6e
0413411431706aefaa33b5d76802d349393181fa5ab6e3f38484813ff68893ec

HTTP Headers

GET /assets/css/pages/page.min.css HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/i7nlu96zpqh4
Cookie: affiliate=umlj85DWxil7%2FgY7FmNkO8tLtfIcV5o8USO9HIbChlUaFCWktoFcAECv%2F5X1uZ8d%2BQkeCQsUCLqxO8T5zYwxwbmYLT8F35Lp4bHs5rI%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 06 Jan 2025 14:08:29 GMT
content-type: text/css
last-modified: Fri, 26 Jul 2024 23:13:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6203
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I744Zel0Jm1M1f7iNpysvCS8bQOzFJLiVjx0d%2Fe8NihVRSXcJSbmZGXraaD4qI9lqmOMb8lUGSjUKzw7rNbgHN3ylTK0CVlgaS0yHKmdsjph8rhjz21ORGBd%2FLH7g7I%2BL1B4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdc47c8fbe3b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4883&min_rtt=1662&rtt_var=3148&sent=146&recv=25&lost=0&retrans=0&sent_bytes=147036&recv_bytes=7124&delivery_rate=6540761&cwnd=62400&unsent_bytes=0&cid=633d2a6be1b18a49&ts=280&x=1", cfExtPri, cfHdrFlush;dur=0

fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2

142.250.74.35

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.up-4ever.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Jan 2025 04:15:23 GMT
expires: Sun, 04 Jan 2026 04:15:23 GMT
cache-control: public, max-age=31536000
age: 208387
last-modified: Wed, 04 Dec 2024 06:53:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ukankingwithea.com/asd100.bin

104.21.48.1

200 OK

102 kB

URL GET HTTP/2
ukankingwithea.com/asd100.bin
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
FingerprintE8:14:F0:35:7D:16:C6:75:8B:49:F3:D0:CD:D7:52:BF:0E:4A:BA:B8
ValidityWed, 01 Jan 2025 13:14:55 GMT - Tue, 01 Apr 2025 14:13:37 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.up-4ever.net/
Origin: https://www.up-4ever.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 06 Jan 2025 14:08:30 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://www.up-4ever.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 4474
last-modified: Mon, 06 Jan 2025 12:53:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9PtKuhz4p1pIIfbwORILpvIgxTASH%2FXPtCbJJEGZKIpImpiY3bSQuRf6vhK3BtYu%2FJClZMBmwhI7D1vo5gBybtNwNpThkLz6EHmMOu6ohRowPU9FKsvLPtNtADRGlM9JXLmalLE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdc47cf4fad7127-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=640&min_rtt=439&rtt_var=337&sent=56&recv=14&lost=0&retrans=0&sent_bytes=67422&recv_bytes=1427&delivery_rate=7607705&cwnd=254&unsent_bytes=31856&cid=d9c5fa7edc8afd78&ts=97&x=0"
X-Firefox-Spdy: h2

www.up-4ever.net/assets/img/breadcrumb/breadcrumb-3.png

172.67.216.188

200 OK

31 kB

URL GET HTTP/3
www.up-4ever.net/assets/img/breadcrumb/breadcrumb-3.png
IP
172.67.216.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint86:B1:07:B1:BA:DF:35:65:36:5A:99:47:51:EE:D8:09:5F:F3:E6:52
ValidityThu, 12 Dec 2024 22:41:12 GMT - Wed, 12 Mar 2025 23:39:00 GMT

File type
HTML document, ASCII text, with very long lines (617)
Size
31 kB (30814 bytes)
Hash
1a76a1467c1c313c2274a747a9edce01
b3020944464b60141bc1831d2a9eaef6c441df16
c8cc9f29b5d789ca7630265cf9a0267c328cb832b5ac98dbed52768b635f91d2

HTTP Headers

GET /assets/img/breadcrumb/breadcrumb-3.png HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/i7nlu96zpqh4
Cookie: affiliate=umlj85DWxil7%2FgY7FmNkO8tLtfIcV5o8USO9HIbChlUaFCWktoFcAECv%2F5X1uZ8d%2BQkeCQsUCLqxO8T5zYwxwbmYLT8F35Lp4bHs5rI%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 06 Jan 2025 14:08:29 GMT
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
expires: Sun, 05 Jan 2025 14:08:29 GMT
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Mon, 06 Jan 2025 14:08:29 GMT
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kXGdbaKRiaa4dUmoxDb%2B81QKzKpbPnHGVZ%2BvIGEyIg1qY1TWHH4oqN5E5tHjaVlRxdo86yH6%2BsRF2MxJHs0KHPLcOD61RPvxKS8AG9MFepcAFa0dsI6JZ6Yq%2BMot3JITH3Rd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdc47c8fbe7b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4521&min_rtt=1662&rtt_var=1922&sent=207&recv=30&lost=0&retrans=0&sent_bytes=216980&recv_bytes=7978&delivery_rate=157281&cwnd=124800&unsent_bytes=0&cid=633d2a6be1b18a49&ts=432&x=1", cfExtPri, cfHdrFlush;dur=0

ukankingwithea.com/

104.21.48.1

200 OK

26 B

URL GET HTTP/2
ukankingwithea.com/
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
FingerprintE8:14:F0:35:7D:16:C6:75:8B:49:F3:D0:CD:D7:52:BF:0E:4A:BA:B8
ValidityWed, 01 Jan 2025 13:14:55 GMT - Tue, 01 Apr 2025 14:13:37 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
cadd800eb6edc595e744b5d57f87f933
f79626855249b7da81a58666fa94a954fe01909f
390d16ba2aa53c0c12b5459694a15b947616c4c7b8b3e2f9d58a5bfa900deee7

HTTP Headers

GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.up-4ever.net/
Origin: https://www.up-4ever.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 06 Jan 2025 14:08:30 GMT
content-type: text/plain
set-cookie: csu=281481940254135@1@1736172510; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www.up-4ever.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S6XtQc3R29Du6lcYE%2FrubVj%2F6aVa1LAiBSVqzUbc9kMUkJZMS4dMvE1KoZqLZDIhksPCOc%2Bi1HU%2FLckBBSt%2BkSE6cX%2Ba2jDy92TMNRbTYaKV5hw14wwsJ9Z8ZQH%2FJlp3V6EVRjk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fdc47cf4fa37127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=626&min_rtt=424&rtt_var=89&sent=163&recv=65&lost=0&retrans=1&sent_bytes=212030&recv_bytes=1427&delivery_rate=27107644&cwnd=153&unsent_bytes=0&cid=d9c5fa7edc8afd78&ts=203&x=0"
X-Firefox-Spdy: h2

www.up-4ever.net/assets/css/style.min.css?ver=5

172.67.216.188

200 OK

362 kB

URL GET HTTP/3
www.up-4ever.net/assets/css/style.min.css?ver=5
IP
172.67.216.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint86:B1:07:B1:BA:DF:35:65:36:5A:99:47:51:EE:D8:09:5F:F3:E6:52
ValidityThu, 12 Dec 2024 22:41:12 GMT - Wed, 12 Mar 2025 23:39:00 GMT

File type

Size
362 kB (361906 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/css/style.min.css?ver=5 HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/i7nlu96zpqh4
Cookie: affiliate=umlj85DWxil7%2FgY7FmNkO8tLtfIcV5o8USO9HIbChlUaFCWktoFcAECv%2F5X1uZ8d%2BQkeCQsUCLqxO8T5zYwxwbmYLT8F35Lp4bHs5rI%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 06 Jan 2025 14:08:29 GMT
content-type: text/css
last-modified: Fri, 30 Aug 2024 23:00:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6203
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EukastUztfXgfJVSkSHoC2Uk%2FcWFz9SghWPydcoVLFYqpZKvJDJ4bRw65coawB43lg8T2Cgejmo1X4SLw7Cl7QQzs9EurBcnUcElYWDNyAex8hlTLmOSGCYJPDWwGX%2Bi3rFy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdc47c8ebc4b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4883&min_rtt=1662&rtt_var=3148&sent=133&recv=25&lost=0&retrans=0&sent_bytes=132536&recv_bytes=7124&delivery_rate=6540761&cwnd=62400&unsent_bytes=0&cid=633d2a6be1b18a49&ts=279&x=1", cfExtPri, cfHdrFlush;dur=0

ukankingwithea.com/

104.21.48.1

200 OK

27 B

URL GET HTTP/2
ukankingwithea.com/
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
FingerprintE8:14:F0:35:7D:16:C6:75:8B:49:F3:D0:CD:D7:52:BF:0E:4A:BA:B8
ValidityWed, 01 Jan 2025 13:14:55 GMT - Tue, 01 Apr 2025 14:13:37 GMT

File type
ASCII text, with no line terminators
Size
27 B (27 bytes)
Hash
a56fd1a54c11d966c1db5e551e3bf98d
84dcfa982b8ec5be963acf29a45e1743835e949c
6b0bb7569e1f1970e693e411458e7f7fe653dbb284486bb267e0f9945022e7a6

HTTP Headers

GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.up-4ever.net/
Origin: https://www.up-4ever.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 06 Jan 2025 14:08:30 GMT
content-type: text/plain
set-cookie: csu=1579864409815300@1@1736172510; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www.up-4ever.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6eEjQYufjaBzd4rzqcQBIUyOV4zcUAG0OZj0rY3dygxkVNpUKsmyo0TOiLQ1e9Bg2UDYgnLhv5yp5DMKGsa2Nz3KQ58GAj44aNfjPAFeJel7Lml4QyJsYIlSYTamliaKWizY1o0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fdc47cf4fb27127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=652&min_rtt=424&rtt_var=117&sent=165&recv=66&lost=0&retrans=1&sent_bytes=212630&recv_bytes=1427&delivery_rate=27107644&cwnd=154&unsent_bytes=0&cid=d9c5fa7edc8afd78&ts=206&x=0"
X-Firefox-Spdy: h2

www.up-4ever.net/assets/js/popper.min.js

172.67.216.188

200 OK

20 kB

URL GET HTTP/3
www.up-4ever.net/assets/js/popper.min.js
IP
172.67.216.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint86:B1:07:B1:BA:DF:35:65:36:5A:99:47:51:EE:D8:09:5F:F3:E6:52
ValidityThu, 12 Dec 2024 22:41:12 GMT - Wed, 12 Mar 2025 23:39:00 GMT

File type
JavaScript source, ASCII text, with very long lines (20033)
Size
20 kB (20122 bytes)
Hash
31032b08bd8e72220462d3f54f8bd69a
871d6ef1070bd363ea390e0c8c384e47dce7f389
c212f4b505a86352aed62b24a8f16f999f821ecbe6456c7f3c8a04bc87968782

HTTP Headers

GET /assets/js/popper.min.js HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/i7nlu96zpqh4
Cookie: affiliate=umlj85DWxil7%2FgY7FmNkO8tLtfIcV5o8USO9HIbChlUaFCWktoFcAECv%2F5X1uZ8d%2BQkeCQsUCLqxO8T5zYwxwbmYLT8F35Lp4bHs5rI%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 06 Jan 2025 14:08:29 GMT
content-type: text/javascript
last-modified: Sun, 21 Jan 2024 01:17:04 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4221
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nEz1oTmhaZ2fb%2B27nXRp%2Boc2Murbz%2FlgTBabG%2BGtOMDfPIuNHG9%2BL7iNQ5J0L%2BL0SP3ZPOsvdyiiI39tUsVSRraVpji%2FBngKTANyjEkTKvtIpwZmI2%2BWrFRBDoI3YoTfvEBA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdc47c8ebbdb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7055&min_rtt=1662&rtt_var=3449&sent=46&recv=16&lost=0&retrans=0&sent_bytes=36601&recv_bytes=5330&delivery_rate=49137&cwnd=24000&unsent_bytes=0&cid=633d2a6be1b18a49&ts=267&x=1", cfExtPri, cfHdrFlush;dur=0

ukankingwithea.com/asd100.bin

104.21.48.1

200 OK

102 kB

URL GET HTTP/2
ukankingwithea.com/asd100.bin
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
FingerprintE8:14:F0:35:7D:16:C6:75:8B:49:F3:D0:CD:D7:52:BF:0E:4A:BA:B8
ValidityWed, 01 Jan 2025 13:14:55 GMT - Tue, 01 Apr 2025 14:13:37 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.up-4ever.net/
Origin: https://www.up-4ever.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 06 Jan 2025 14:08:30 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://www.up-4ever.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 4474
last-modified: Mon, 06 Jan 2025 12:53:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ioGlljElynHbqU6no5uNsVDjwC%2FdGMlQFoKZL%2FcCfUAtkRiyjPoLsWMBZIX28J1JzjsunMBSXR3WYJiMgTXvczg%2FhrHMZjrVSxdVcqF8WOWZZ4inl5Xdaw0vDdv1uKXIEO%2FUbJY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdc47cf4f9c7127-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=640&min_rtt=439&rtt_var=337&sent=9&recv=14&lost=0&retrans=0&sent_bytes=3294&recv_bytes=1427&delivery_rate=7607705&cwnd=254&unsent_bytes=0&cid=d9c5fa7edc8afd78&ts=96&x=0"
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeZLP98rlsVJL2InYEc8Qg8tfeeTPr3P77b1JLa9dFQaLesVnxs_pKwbJD5tUsUr2TXzeyPoUrL-yw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1829417634%3A1736172510903438&ddm=1

142.251.9.84

403 Forbidden

0 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeZLP98rlsVJL2InYEc8Qg8tfeeTPr3P77b1JLa9dFQaLesVnxs_pKwbJD5tUsUr2TXzeyPoUrL-yw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1829417634%3A1736172510903438&ddm=1
IP
142.251.9.84:443
ASN
#15169 GOOGLE

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint36:7C:F6:D0:DA:DB:45:E1:80:A6:76:D2:C1:A5:38:1A:0B:8D:99:4E
ValidityMon, 02 Dec 2024 08:35:57 GMT - Mon, 24 Feb 2025 08:35:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeZLP98rlsVJL2InYEc8Qg8tfeeTPr3P77b1JLa9dFQaLesVnxs_pKwbJD5tUsUr2TXzeyPoUrL-yw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1829417634%3A1736172510903438&ddm=1 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.up-4ever.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 06 Jan 2025 14:08:31 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-1dIe651Ngw89GR_kEyEhpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/recaptcha/api.js https://translate.google.com/translate_a/element.js https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.1PNB2j8wR4U.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.up-4ever.net/assets/js/alphinejs.min.js

172.67.216.188

200 OK

44 kB

URL GET HTTP/3
www.up-4ever.net/assets/js/alphinejs.min.js
IP
172.67.216.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint86:B1:07:B1:BA:DF:35:65:36:5A:99:47:51:EE:D8:09:5F:F3:E6:52
ValidityThu, 12 Dec 2024 22:41:12 GMT - Wed, 12 Mar 2025 23:39:00 GMT

File type
JavaScript source, ASCII text, with very long lines (37086)
Size
44 kB (43976 bytes)
Hash
6341ca60a3790b37fb046e6cded71afe
d5f1b32f86fa5b172cae593691a22e1584fa691f
5bdc5d6356b4364d902406552c8195a89e878861bcf75183165ef80d2a295ae2

HTTP Headers

GET /assets/js/alphinejs.min.js HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/i7nlu96zpqh4
Cookie: affiliate=umlj85DWxil7%2FgY7FmNkO8tLtfIcV5o8USO9HIbChlUaFCWktoFcAECv%2F5X1uZ8d%2BQkeCQsUCLqxO8T5zYwxwbmYLT8F35Lp4bHs5rI%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 06 Jan 2025 14:08:29 GMT
content-type: text/javascript
last-modified: Mon, 18 Mar 2024 01:03:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4222
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0kg5eKiTb1PJ5Nf56FmzpctUE%2B2K%2BTzsQLImdMEwCvk%2BSaSybIc5%2FgL80i85bgRemJH9zMxpLLunza8aFxBDD7RJeOEW1fuZLuAdinL8Dy7NzD%2Fzem9Xt2MVpBnyXQjfol%2Ft"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdc47c8dbaab4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6992&min_rtt=1662&rtt_var=4430&sent=15&recv=10&lost=0&retrans=0&sent_bytes=4147&recv_bytes=2673&delivery_rate=357230&cwnd=12000&unsent_bytes=0&cid=633d2a6be1b18a49&ts=258&x=1", cfExtPri, cfHdrFlush;dur=0

www.up-4ever.net/assets/img/breadcrumb/breadcrumb-3.png

172.67.216.188

200 OK

116 kB

URL GET HTTP/3
www.up-4ever.net/assets/img/breadcrumb/breadcrumb-3.png
IP
172.67.216.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint86:B1:07:B1:BA:DF:35:65:36:5A:99:47:51:EE:D8:09:5F:F3:E6:52
ValidityThu, 12 Dec 2024 22:41:12 GMT - Wed, 12 Mar 2025 23:39:00 GMT

File type

Size
116 kB (115599 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/img/breadcrumb/breadcrumb-3.png HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/i7nlu96zpqh4
Cookie: affiliate=umlj85DWxil7%2FgY7FmNkO8tLtfIcV5o8USO9HIbChlUaFCWktoFcAECv%2F5X1uZ8d%2BQkeCQsUCLqxO8T5zYwxwbmYLT8F35Lp4bHs5rI%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 06 Jan 2025 14:08:30 GMT
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
expires: Sun, 05 Jan 2025 14:08:30 GMT
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Mon, 06 Jan 2025 14:08:30 GMT
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dz0ZQnJbnTpHt7QMSx%2FtFqGQ7iHt93hoyORJgYtoJFZfiPJlx8x6s33Al5HaAqAn9Nl35GEwXOmMr7PTTGqDcYXZJxIwfJZTxY89b37Qrdt65sII5gGnQHu8YHV1P1vmzHko"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdc47cb4e7eb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3452&min_rtt=1103&rtt_var=2444&sent=257&recv=36&lost=0&retrans=1&sent_bytes=268687&recv_bytes=8960&delivery_rate=4460&cwnd=124800&unsent_bytes=0&cid=633d2a6be1b18a49&ts=709&x=1", cfExtPri, cfHdrFlush;dur=0

www.up-4ever.net/assets/js/main.js?ver=2

172.67.216.188

200 OK

671 B

URL GET HTTP/3
www.up-4ever.net/assets/js/main.js?ver=2
IP
172.67.216.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerGoogle Trust Services
Subjectup-4ever.net
Fingerprint86:B1:07:B1:BA:DF:35:65:36:5A:99:47:51:EE:D8:09:5F:F3:E6:52
ValidityThu, 12 Dec 2024 22:41:12 GMT - Wed, 12 Mar 2025 23:39:00 GMT

File type
ASCII text, with very long lines (691), with no line terminators
Size
671 B (671 bytes)
Hash
16828430f03c80f9dad89060d159bafb
7cd1ea11557722960d139a7f24597fdeacb75b23
44cea43bc8e9e0eecad1cbbde58338cbbb783e75a4ed645fe35fd0370e3cc6d9

HTTP Headers

GET /assets/js/main.js?ver=2 HTTP/1.1
Host: www.up-4ever.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/i7nlu96zpqh4
Cookie: affiliate=umlj85DWxil7%2FgY7FmNkO8tLtfIcV5o8USO9HIbChlUaFCWktoFcAECv%2F5X1uZ8d%2BQkeCQsUCLqxO8T5zYwxwbmYLT8F35Lp4bHs5rI%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 06 Jan 2025 14:08:29 GMT
content-type: text/javascript
last-modified: Fri, 05 Jul 2024 13:17:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4221
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ox3ELpeo8C45wYUiNulybazKh6djzgDJBj7LhocncLPWtGMSJl0vc5yDH%2BNelWsm0%2BZjAco1Q6Sww7FEsRR32qaOikI4OH2mM5aYDWU8IGH0OArOvrZ00dxqzDr0T23HKEQ5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdc47c90bfeb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4489&min_rtt=1662&rtt_var=3147&sent=204&recv=27&lost=0&retrans=0&sent_bytes=215064&recv_bytes=7529&delivery_rate=5073314&cwnd=124800&unsent_bytes=0&cid=633d2a6be1b18a49&ts=293&x=1", cfExtPri, cfHdrFlush;dur=0

ashasvsucoce.com/YTMyUUoAUVE8dQAOUHc/E18PdHgnFgAXLg5VCysuWF8AaHoMSRwyJg5GVjc4Dl1GfyQERxdjDChRSBsmLGQKHBIwR2oECBVRcwAyBGtFFy4gXwc0DCNldhItCmN3OhM4YmcyHCl1QRoYIHF2ABsna3cDKSd7dGEGMGV7Yx8nZWYaeztne2MmK3QCNggldQsbEgZhVBIMKGZzF3IsZlUfDjRyQR8OUHZqFjJYV3Y2PS5wAgACMkRBFhIJV3sCGBFnZRc9IHVkIgA5YgcaCyJ+dwAcWWtkJgwpdUUfHyd1RSUMUFBwED07UHcUJiprYxguImVZJggnHncEEiIDagc9JFd1Ay42UHQLECl1ZwgZDQNxECYwfnAXeyBySz0uIF9jExJQB3EHCDNXamAbLGJFPgA5YQIEEjJYfgQyWFVhBC44cnN3IBJcXCF3OFECMw5YUnQJ

13.227.219.25

200 OK

3.0 kB

URL GET HTTP/2
ashasvsucoce.com/YTMyUUoAUVE8dQAOUHc/E18PdHgnFgAXLg5VCysuWF8AaHoMSRwyJg5GVjc4Dl1GfyQERxdjDChRSBsmLGQKHBIwR2oECBVRcwAyBGtFFy4gXwc0DCNldhItCmN3OhM4YmcyHCl1QRoYIHF2ABsna3cDKSd7dGEGMGV7Yx8nZWYaeztne2MmK3QCNggldQsbEgZhVBIMKGZzF3IsZlUfDjRyQR8OUHZqFjJYV3Y2PS5wAgACMkRBFhIJV3sCGBFnZRc9IHVkIgA5YgcaCyJ+dwAcWWtkJgwpdUUfHyd1RSUMUFBwED07UHcUJiprYxguImVZJggnHncEEiIDagc9JFd1Ay42UHQLECl1ZwgZDQNxECYwfnAXeyBySz0uIF9jExJQB3EHCDNXamAbLGJFPgA5YQIEEjJYfgQyWFVhBC44cnN3IBJcXCF3OFECMw5YUnQJ
IP
13.227.219.25:443
ASN
#16509 AMAZON-02

Requested by
https://www.up-4ever.net/i7nlu96zpqh4
Certificate
IssuerAmazon
Subjectashasvsucoce.com
Fingerprint92:FC:E8:9D:A6:92:87:46:1E:AB:7A:78:FC:98:BA:CB:9E:A7:06:08
ValidityWed, 13 Nov 2024 00:00:00 GMT - Fri, 12 Dec 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3067), with no line terminators
Size
3.0 kB (3041 bytes)
Hash
03a986c3fd956ef13b042a017c2dd070
ca140a43d8ec414e0229b5530c3c5cd8c82f8708
76c9c9474de326502a79e938f9bb1d8dd85a905b4f39ab85c55ab476a758fb9f

HTTP Headers

GET /YTMyUUoAUVE8dQAOUHc/E18PdHgnFgAXLg5VCysuWF8AaHoMSRwyJg5GVjc4Dl1GfyQERxdjDChRSBsmLGQKHBIwR2oECBVRcwAyBGtFFy4gXwc0DCNldhItCmN3OhM4YmcyHCl1QRoYIHF2ABsna3cDKSd7dGEGMGV7Yx8nZWYaeztne2MmK3QCNggldQsbEgZhVBIMKGZzF3IsZlUfDjRyQR8OUHZqFjJYV3Y2PS5wAgACMkRBFhIJV3sCGBFnZRc9IHVkIgA5YgcaCyJ+dwAcWWtkJgwpdUUfHyd1RSUMUFBwED07UHcUJiprYxguImVZJggnHncEEiIDagc9JFd1Ay42UHQLECl1ZwgZDQNxECYwfnAXeyBySz0uIF9jExJQB3EHCDNXamAbLGJFPgA5YQIEEjJYfgQyWFVhBC44cnN3IBJcXCF3OFECMw5YUnQJ HTTP/1.1
Host: ashasvsucoce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.up-4ever.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1192
date: Mon, 06 Jan 2025 14:08:30 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=sIxB+FEZZZnrmyHGyXNuCZRF+cqnwGfrqbSJ7w2Dgbp6gDgtYcMopFhZo0iquUF00CSMjxjKmgA6vE7H9njcDBXGnp97M7TmBzUoKF/Cc69d0XC5fyIhDlyCZS0z; Expires=Mon, 13 Jan 2025 14:08:30 GMT; Path=/
AWSALBCORS=sIxB+FEZZZnrmyHGyXNuCZRF+cqnwGfrqbSJ7w2Dgbp6gDgtYcMopFhZo0iquUF00CSMjxjKmgA6vE7H9njcDBXGnp97M7TmBzUoKF/Cc69d0XC5fyIhDlyCZS0z; Expires=Mon, 13 Jan 2025 14:08:30 GMT; Path=/; SameSite=None
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: iewdt5rC2vsEPLoox9n1CbzXoXojmobaXkMepLXQ8PPujbo9F89H_Q==
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (21)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL