nuuuppp.sbs Open in urlscan Pro
172.67.145.192  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

• https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
• https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKV5Mgkf0bd_CBjxxvmq54j6Ez82-Be_BRmjOVA5HYB9ZemjaiykharAlBYxHlACo5fSiMWS-ZkvQ HTTP 302
• https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKV5MiLqR5wuq47kG69O5jUYzdT55__mXeDCuHmbYEutWedXr_mCcl0uzBaSbl069W-M3lEt229MA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-770160516%3A1748149344898081

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request 0.91096980935474 Show response nuuuppp.sbs/watch/	46 KB 19 KB	686ms 438ms	Document text/html	172.67.145.192 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nuuuppp.sbs/watch/0.91096980935474 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.145.192 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe8780b1342a63dadd2ff3d491fb58b0fa9747778c51d22a88645b491b7a051d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 apacheserver true cf-cache-status DYNAMIC cf-ray 94527ae2abbc521a-LAX content-encoding zstd content-type text/html; charset=UTF-8 date Sun, 25 May 2025 05:02:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0oJMCLIo9bEemLxpuevrKEF5%2BQKtNZ9KM6%2Fk%2Fn8zDjZKuvZxCbAGJ61R0Hud%2BG8zWOc4%2F8qMoWG5FFIGH7Cdrdde6mh3CKczHODalVg8iHl%2Bw2XzTXBckk2KlSp7JQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=69637&min_rtt=69196&rtt_var=8893&sent=14&recv=12&lost=1&retrans=0&sent_bytes=3737&recv_bytes=3389&delivery_rate=1370336&cwnd=15464&unsent_bytes=0&cid=0565b86dc25ef029&ts=586&x=92" vary Accept-Encoding
GET H2	200	r2cr6BE6.js Show response content.jwplatform.com/libraries/	153 KB 55 KB	516ms 171ms	Script text/javascript	2600:9000:2209:4200:1:a3fa:7cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://content.jwplatform.com/libraries/r2cr6BE6.js Requested by Host: nuuuppp.sbs URL: https://nuuuppp.sbs/watch/0.91096980935474 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2209:4200:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software gunicorn / Resource Hash eec96983857a13b132c3df1dddc08db8ef7d1155dc9cd1c590066a800b558fec Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://nuuuppp.sbs/ Response headers x-robots-tag none, indexifembedded cache-control max-age=180 content-encoding gzip age 8 via 1.1 52b969a4ab7956a248b07efba57c92a4.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Hit from cloudfront x-amz-cf-id KahV5RYb7P43FcXyPbDO7TvdEM6vEpvpIpq5qc_ugDUdSsYmlC63jg== date Sun, 25 May 2025 05:02:13 GMT content-type text/javascript; charset=utf-8 vary Accept-Encoding server gunicorn x-amz-cf-pop EWR53-P1
GET H3	200	jquery.js Show response nuuuppp.sbs/	80 KB 30 KB	100ms 99ms	Script application/javascript	172.67.145.192 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nuuuppp.sbs/jquery.js Requested by Host: nuuuppp.sbs URL: https://nuuuppp.sbs/watch/0.91096980935474 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.145.192 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 64f10a08b5f1c6003510c48885a8e3ce5aa130d5a71d3187abae01a08b54f64d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://nuuuppp.sbs/watch/0.91096980935474 Response headers content-encoding zstd cf-cache-status HIT etag W/"63ebf67c-13fb9" age 222012 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uxsxaPUsZW9pI2oL5SgCgy%2FFfj5v0wYYYxf0IM2UZIeJL5JZFEOvBXGB0AJGoqZwDGoiXHQY59zNfdX3T8uPqR1oapQECBEfzVpmgeNnOZgk4iRyc0M6oDIAIJHEUg%3D%3D"}],"group":"cf-nel","max_age":604800} expires Sun, 25 May 2025 15:22:08 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=76241&min_rtt=69196&rtt_var=6076&sent=39&recv=26&lost=7&retrans=5&sent_bytes=29989&recv_bytes=4322&delivery_rate=1370740&cwnd=31023&unsent_bytes=0&cid=0565b86dc25ef029&ts=822&x=92" date Sun, 25 May 2025 05:02:21 GMT content-type application/javascript last-modified Tue, 14 Feb 2023 21:00:44 GMT vary Accept-Encoding nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cache-control max-age=259200 cf-ray 94527ae64c11521a-LAX server cloudflare
GET H/1.1	200 OK	mevkol Show response aqlr.azkwwrejomzjm.top/klbawqovqkyqr/	5 B 1 KB	744ms 104ms	Script application/javascript	173.237.68.76 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://aqlr.azkwwrejomzjm.top/klbawqovqkyqr/mevkol?d=1 Requested by Host: nuuuppp.sbs URL: https://nuuuppp.sbs/watch/0.91096980935474 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 173.237.68.76 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://nuuuppp.sbs/ Response headers Access-Control-Max-Age 600 Content-Encoding gzip Access-Control-Allow-Methods GET, POST, OPTIONS X-Content-Type-Options nosniff Keep-Alive timeout=20 Date Sun, 25 May 2025 05:02:22 GMT Content-Type application/javascript; charset=utf-8 Vary Accept-Encoding Access-Control-Allow-Headers content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires Transfer-Encoding chunked Strict-Transport-Security max-age=1 Accept-ch sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin https://nuuuppp.sbs Server nginx
GET H2	200	a3523db3a9627206807e2da2c664cbe4.js Show response 9f0a9a8621.effe2f62ae.com/	122 KB 38 KB	519ms 77ms	Script application/javascript	45.133.44.52 ADVANCEDHOSTERS-A...
General Check archive.org Show headers Download Go to Full URL https://9f0a9a8621.effe2f62ae.com/a3523db3a9627206807e2da2c664cbe4.js Requested by Host: nuuuppp.sbs URL: https://nuuuppp.sbs/watch/0.91096980935474 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL), Reverse DNS Software nginx/1.18.0 / Resource Hash c72df3d0c56cbd1710375f7b69985ebeba6af49918fcb95e6ff9c90f6936b5f0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Origin https://nuuuppp.sbs Referer https://nuuuppp.sbs/ Response headers cache-control max-age=300 content-encoding gzip etag W/"682733ad-1e97c" expires Sun, 25 May 2025 05:07:22 GMT x-proxy-cache HIT access-control-allow-origin * date Sun, 25 May 2025 05:02:22 GMT content-type application/javascript; charset=utf-8 last-modified Fri, 16 May 2025 12:46:37 GMT server nginx/1.18.0 x-cdn-host-id ds8144
GET H2	200	24970 Show response 9f0a9a8621.effe2f62ae.com/555495149faa9b6ee8f1cdee0a36b0fb/	2 KB 2 KB	113ms 111ms	XHR application/json	45.133.44.52 ADVANCEDHOSTERS-A...
General Check archive.org Show headers Download Go to Full URL https://9f0a9a8621.effe2f62ae.com/555495149faa9b6ee8f1cdee0a36b0fb/24970?version_name=c&domain=nuuuppp.sbs Requested by Host: 9f0a9a8621.effe2f62ae.com URL: https://9f0a9a8621.effe2f62ae.com/a3523db3a9627206807e2da2c664cbe4.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL), Reverse DNS Software nginx/1.18.0 / Resource Hash ef1fed68c956a1985cd1df3ff44cb463dcddc2fc061397e754c8149bc0b8472d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://nuuuppp.sbs/ Response headers cache-control max-age=300 expires Sun, 25 May 2025 05:07:22 GMT x-proxy-cache HIT access-control-allow-origin * date Sun, 25 May 2025 05:02:22 GMT content-type application/json server nginx/1.18.0 x-cdn-host-id ds8144
GET H2	200	advertising.js Show response js.capndr.com/	0 256 B	258ms 86ms	Script application/javascript	45.133.44.53 ADVANCEDHOSTERS-A...
General Check archive.org Show headers Download Go to Full URL https://js.capndr.com/advertising.js Requested by Host: 9f0a9a8621.effe2f62ae.com URL: https://9f0a9a8621.effe2f62ae.com/a3523db3a9627206807e2da2c664cbe4.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL), Reverse DNS Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://nuuuppp.sbs/ Response headers cache-control max-age=300 etag "64b105fd-0" expires Sun, 25 May 2025 05:07:22 GMT x-proxy-cache HIT access-control-allow-origin * content-length 0 date Sun, 25 May 2025 05:02:22 GMT accept-ranges bytes content-type application/javascript; charset=utf-8 last-modified Fri, 14 Jul 2023 08:23:25 GMT server nginx/1.18.0 x-cdn-host-id ds8144
GET H2	204	tags Show response notification.tubecup.net/	0 198 B	886ms 253ms	XHR text/plain	94.130.197.138 HETZNER-AS Hetzne...
General Check archive.org Show headers Download Go to Full URL https://notification.tubecup.net/tags?tag_id=24970&timezone_olson=Pacific/Honolulu&version_name=c&med_script_id=74&page=https%3A//nuuuppp.sbs/watch/0.91096980935474 Requested by Host: 9f0a9a8621.effe2f62ae.com URL: https://9f0a9a8621.effe2f62ae.com/a3523db3a9627206807e2da2c664cbe4.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 94.130.197.138 Bendorf, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE), Reverse DNS static.138.197.130.94.clients.your-server.de Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://nuuuppp.sbs/ Response headers cache-control no-transform, no-cache, no-store, must-revalidate pragma no-cache access-control-allow-methods * access-control-allow-origin * date Sun, 25 May 2025 05:02:23 GMT vary Origin server nginx/1.18.0 access-control-allow-headers Content-Type
GET H2	200	tag.min.js Show response paupsoborofoow.net/	100 KB 42 KB	256ms 91ms	Script application/javascript	104.21.50.180 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://paupsoborofoow.net/tag.min.js Requested by Host: nuuuppp.sbs URL: https://nuuuppp.sbs/watch/0.91096980935474 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.50.180 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f1a56d473f278998911bea621a90b668158b512fb86f7729024201dfc81ab9a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://nuuuppp.sbs/ Response headers access-control-max-age 86400 content-encoding gzip cf-cache-status HIT age 167 report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=hJiIy%2FVmhlbbubMG5WoK0GUdWaAMBxSoYcPnx0lzmYXrNn7CeodZqdp2Ckog9bGoAkzDEt%2BA3nDalLkFT5cT21%2FXaVXmn%2BhGvGRYGBQeBj9HcQ%3D%3D"}]} access-control-allow-methods GET, POST, OPTIONS alt-svc h3=":443"; ma=86400 date Sun, 25 May 2025 05:02:23 GMT content-type application/javascript last-modified Sun, 25 May 2025 04:59:35 GMT vary accept-encoding access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} cache-control public, max-age=600, s-maxage=1800 timing-allow-origin * accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version access-control-allow-credentials true x-trace-id c39e17a62a657f9c841dded2f2373555 cf-ray 94527af2b961cb7e-LAX access-control-allow-origin * server cloudflare
GET		jwpsrv.js ssl.p.jwpcdn.com/player/v/8.37.0/	0 0
GET H2	200	jwplayer.core.controls.js Show response ssl.p.jwpcdn.com/player/v/8.37.0/	328 KB 87 KB	739ms 246ms	Script application/javascript	2a04:4e42:200::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.37.0/jwplayer.core.controls.js Requested by Host: content.jwplatform.com URL: https://content.jwplatform.com/libraries/r2cr6BE6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 550edc27d67dca94840cd3f849f991097924706443786e4d91f9d4558c24929d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://nuuuppp.sbs/ Response headers content-encoding gzip etag "e8df4566ad2fc2e30684ef5686176044" age 470707 x-cache HIT date Sun, 25 May 2025 05:02:23 GMT last-modified Mon, 19 May 2025 18:00:48 GMT vary Accept-Encoding x-cache-hits 155124 content-type application/javascript x-served-by cache-toj-leto2350048-TOJ cache-control max-age=31536000, immutable x-timer S1748149344.566368,VS0,VE0 via 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 88562 server AmazonS3
GET		provider.hlsjs.js ssl.p.jwpcdn.com/player/v/8.37.0/	0 0
GET H3	404	favicon.ico nuuuppp.sbs/	10 KB 3 KB	252ms 250ms	Other text/html	172.67.145.192 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nuuuppp.sbs/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.145.192 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 222c1836552387595aedcb78ff7fa3b56b68f0034a1b83ef23395a05ef83548f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://nuuuppp.sbs/watch/0.91096980935474 Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cache-control max-age=14400 content-encoding zstd cf-cache-status EXPIRED report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OfPAxmDWsEJ5vCUcstgLhGwAPR7UvzqV1j0Dj4DE3gL0lNcxhKpUL4G%2FWs%2FaNsNxhHXcA6s0srtuEvSfenBVBT7%2F6z9xaV2aWDw%2BT4kT3opAzaKPBw8%2BhsuqXWtaRg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 94527af1cc7c521a-LAX alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=81652&min_rtt=69196&rtt_var=3165&sent=93&recv=51&lost=31&retrans=29&sent_bytes=88982&recv_bytes=5907&delivery_rate=1017680&cwnd=66997&unsent_bytes=0&cid=0565b86dc25ef029&ts=2813&x=92" apacheserver true date Sun, 25 May 2025 05:02:23 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding server cloudflare
POST H2	200	/ Show response x3os.com/5/9215342/	4 KB 3 KB	1745ms 1285ms	XHR application/json	139.45.196.64 RETN-AS RETN Limited
General Check archive.org Show headers Download Go to Full URL https://x3os.com/5/9215342/?oo=1&js_build=iclick-v1.1138.0&dmn=paupsoborofoow.net&tt=2&ix=0 Requested by Host: paupsoborofoow.net URL: https://paupsoborofoow.net/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB), Reverse DNS Software nginx / Resource Hash 27a838a621c72d3f6f8923ff90c87715ac49621c121a67dcf9b47d0b7f84d91d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://nuuuppp.sbs/ Response headers access-control-max-age 86400 content-encoding gzip access-control-allow-methods GET, POST, OPTIONS expires Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT date Sun, 25 May 2025 05:02:24 GMT content-type application/json access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon link <https://my.rtmark.net>; rel="preconnect dns-prefetch" cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0 timing-allow-origin * accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version pragma no-cache, no-cache access-control-allow-credentials true x-trace-id 91786fdb95df5e3fbdd6ebd8ea4d2754 access-control-allow-origin https://nuuuppp.sbs server nginx
GET H3	200	count.html Show response storage.multstorage.com/log/ Frame 19BB	882 B 1 KB	517ms 336ms	Document text/html	172.67.174.51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://storage.multstorage.com/log/count.html Requested by Host: 9f0a9a8621.effe2f62ae.com URL: https://9f0a9a8621.effe2f62ae.com/a3523db3a9627206807e2da2c664cbe4.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.174.51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2 Request headers Referer https://nuuuppp.sbs/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 94527af8f92d0905-LAX content-encoding zstd content-type text/html date Sun, 25 May 2025 05:02:24 GMT last-modified Mon, 18 Sep 2023 14:39:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UX%2F2F8Jlut%2B5JEczbFAi9Zjv3P0GpXS3o6iODCaG16QUS1sc43HaYZz6ERDIERvtoPB5irf%2B6KgSCCZdtadMUJ6T4JkcoOdioClPSvkhgNDNMsnBev%2FNgVKiTAvV2sZYcTT1eNhPfX6axw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=88393&min_rtt=73617&rtt_var=20841&sent=10&recv=11&lost=0&retrans=0&sent_bytes=3650&recv_bytes=4577&delivery_rate=180315&cwnd=15622&unsent_bytes=0&cid=0855fb96b34f0e69&ts=428&x=92" vary Accept-Encoding x-request-id 62e9f0e3d8750952a235848d6d617117
GET H2	200	track Show response c713c37a1b.a402304fa2.com/in/	0 225 B	784ms 519ms	XHR text/plain	45.133.44.52 ADVANCEDHOSTERS-A...
General Check archive.org Show headers Download Go to Full URL https://c713c37a1b.a402304fa2.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI5MDc4NjMyNTQzNDMwODI0MDAwIiwidGltZXpvbmUiOi0xMCwidmVyIjoiMy4xMzkuMCIsInRhZ19pZCI6MjQ5NzAsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTYwMHgxMjAwIiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJQYWNpZmljL0hvbm9sdWx1IiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjEuMTksImlzX3YyIjoxLCJpc192Ml9lbXB0eSI6MH0= Requested by Host: 9f0a9a8621.effe2f62ae.com URL: https://9f0a9a8621.effe2f62ae.com/a3523db3a9627206807e2da2c664cbe4.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL), Reverse DNS Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://nuuuppp.sbs/ Response headers cache-control no-transform, no-cache, no-store, must-revalidate pragma no-cache access-control-allow-methods * access-control-allow-origin * content-length 0 date Sun, 25 May 2025 05:02:24 GMT vary Origin server nginx/1.18.0 x-cdn-host-id ds8144 access-control-allow-headers Content-Type
GET H2	200	3ef125e4f64ceb205f36b037e1b8ed12.js Show response 9f0a9a8621.effe2f62ae.com/	201 KB 56 KB	244ms 71ms	Script application/javascript	45.133.44.52 ADVANCEDHOSTERS-A...
General Check archive.org Show headers Download Go to Full URL https://9f0a9a8621.effe2f62ae.com/3ef125e4f64ceb205f36b037e1b8ed12.js Requested by Host: 9f0a9a8621.effe2f62ae.com URL: https://9f0a9a8621.effe2f62ae.com/a3523db3a9627206807e2da2c664cbe4.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL), Reverse DNS Software nginx/1.18.0 / Resource Hash ed857c9bd91294184e66335d7359a2ac418f4bdb97055e00964ae5524c8345b0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://nuuuppp.sbs/ Response headers cache-control max-age=300 content-encoding gzip etag W/"68230761-325b8" expires Sun, 25 May 2025 05:07:24 GMT x-proxy-cache HIT access-control-allow-origin * date Sun, 25 May 2025 05:02:24 GMT content-type application/javascript; charset=utf-8 last-modified Tue, 13 May 2025 08:48:33 GMT server nginx/1.18.0 x-cdn-host-id ds8144
POST H/1.1	200 OK	fp Show response fp.metricswpsh.com/	60 B 429 B	665ms 221ms	XHR application/json	157.90.84.242 HETZNER-AS Hetzne...
General Check archive.org Show headers Download Go to Full URL https://fp.metricswpsh.com/fp?tag_id=24970 Requested by Host: 9f0a9a8621.effe2f62ae.com URL: https://9f0a9a8621.effe2f62ae.com/a3523db3a9627206807e2da2c664cbe4.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 157.90.84.242 Ismaning, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE), Reverse DNS static.242.84.90.157.clients.your-server.de Software nginx/1.20.1 / Resource Hash 3f20f4c133f75fcbeef8409955053fec64a0f7b11915163262882fd1d507d37d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Content-Type application/json;charset=UTF-8 Referer https://nuuuppp.sbs/ Response headers Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin https://nuuuppp.sbs Content-Length 60 Date Sun, 25 May 2025 05:02:25 GMT Content-Type application/json; charset=UTF-8 Vary Origin Server nginx/1.20.1
OPTIONS H/1.1	204 No Content	fp fp.metricswpsh.com/ Frame	0 0	708ms 228ms	Preflight	157.90.84.242 HETZNER-AS Hetzne...
General Check archive.org Show headers Download Go to Full URL https://fp.metricswpsh.com/fp?tag_id=24970 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 157.90.84.242 Ismaning, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE), Reverse DNS static.242.84.90.157.clients.your-server.de Software nginx/1.20.1 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://nuuuppp.sbs Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers content-type Access-Control-Allow-Methods GET,HEAD,PUT,PATCH,POST,DELETE Access-Control-Allow-Origin https://nuuuppp.sbs Connection keep-alive Date Sun, 25 May 2025 05:02:24 GMT Server nginx/1.20.1 Vary Origin Access-Control-Request-Method Access-Control-Request-Headers
GET		identifier accounts.google.com/v3/signin/ Redirect Chain https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKV5Mgkf0bd_CBjxxvmq54j6Ez82-Be_BRmjOVA5HYB9ZemjaiykharAlBYx... https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKV5MiLqR5wuq47kG69O5jUYzdT55__mXeDCuHmbYEutWedXr_mCcl0uzBaSbl069W-M3lEt229MA&passive...	0 0
GET H2	200	f0853f77354e0550f34f5ace3afd18d4.js Show response 9f0a9a8621.effe2f62ae.com/	549 KB 131 KB	84ms 84ms	Script application/javascript	45.133.44.52 ADVANCEDHOSTERS-A...
General Check archive.org Show headers Download Go to Full URL https://9f0a9a8621.effe2f62ae.com/f0853f77354e0550f34f5ace3afd18d4.js Requested by Host: 9f0a9a8621.effe2f62ae.com URL: https://9f0a9a8621.effe2f62ae.com/3ef125e4f64ceb205f36b037e1b8ed12.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL), Reverse DNS Software nginx/1.18.0 / Resource Hash d91a99d6e095ec295badd90e1bfb73366bbdb749b90061d8d44246709a138624 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://nuuuppp.sbs/ Response headers cache-control max-age=300 content-encoding gzip etag W/"6823075a-89473" expires Sun, 25 May 2025 05:07:24 GMT x-proxy-cache HIT access-control-allow-origin * date Sun, 25 May 2025 05:02:24 GMT content-type application/javascript; charset=utf-8 last-modified Tue, 13 May 2025 08:48:26 GMT server nginx/1.18.0 x-cdn-host-id ds8144
GET H2	200	dip Show response nereserv.com/in/	0 201 B	762ms 226ms	XHR text/plain	167.235.163.216 HETZNER-AS Hetzne...
General Check archive.org Show headers Download Go to Full URL https://nereserv.com/in/dip?site=native-push&wl=0&event_id=8baae8a5-ccb6-4ce5-99ea-63312fcaafb4&subid=898067684&sid=1277931107&spot_id=372362&created_at=2025-05-24&timezone=-10&ver=8.226.0&is_native=1 Requested by Host: 9f0a9a8621.effe2f62ae.com URL: https://9f0a9a8621.effe2f62ae.com/3ef125e4f64ceb205f36b037e1b8ed12.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.235.163.216 Bühl, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE), Reverse DNS static.216.163.235.167.clients.your-server.de Software nginx/1.20.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://nuuuppp.sbs/ Response headers cache-control no-transform, no-cache, no-store, must-revalidate pragma no-cache access-control-allow-methods * access-control-allow-origin * content-length 0 date Sun, 25 May 2025 05:02:25 GMT vary Origin server nginx/1.20.1 access-control-allow-headers Content-Type
POST		multy 8b77d90e45.1b60887cd1.com/in/	0 0
OPTIONS H2	204	multy 8b77d90e45.1b60887cd1.com/in/ Frame	0 0	815ms 228ms	Preflight	2a01:4f8:1060:13eb::2 HETZNER-AS Hetzne...
General Check archive.org Show headers Download Go to Full URL https://8b77d90e45.1b60887cd1.com/in/multy Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://nuuuppp.sbs Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate date Sun, 25 May 2025 05:02:25 GMT pragma no-cache server nginx/1.20.1 vary Origin
GET		gid.js my.rtmark.net/	0 0
POST		multy ntvpforever.com/in/	0 0
OPTIONS H2	204	multy ntvpforever.com/in/ Frame	0 0	246ms 221ms	Preflight	167.235.163.216 HETZNER-AS Hetzne...
General Check archive.org Show headers Download Go to Full URL https://ntvpforever.com/in/multy Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.235.163.216 Bühl, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE), Reverse DNS static.216.163.235.167.clients.your-server.de Software nginx/1.20.1 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://nuuuppp.sbs Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate date Sun, 25 May 2025 05:02:25 GMT pragma no-cache server nginx/1.20.1 vary Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

ssl.p.jwpcdn.com

URL

https://ssl.p.jwpcdn.com/player/v/8.37.0/jwpsrv.js

Domain

ssl.p.jwpcdn.com

URL

https://ssl.p.jwpcdn.com/player/v/8.37.0/provider.hlsjs.js

Domain

accounts.google.com

URL

https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKV5MiLqR5wuq47kG69O5jUYzdT55__mXeDCuHmbYEutWedXr_mCcl0uzBaSbl069W-M3lEt229MA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-770160516%3A1748149344898081

Domain

8b77d90e45.1b60887cd1.com

URL

https://8b77d90e45.1b60887cd1.com/in/multy

Domain

my.rtmark.net

URL

https://my.rtmark.net/gid.js?userId=0081d42dcfad4361e400265e335605cd

Domain

ntvpforever.com

URL

https://ntvpforever.com/in/multy

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| jwDefaults object| webpackChunkjwplayer object| __core-js_shared__ object| core function| jwplayer function| _0x44e38d function| _0xd709a3 function| _0x139b59 function| _0x34072b function| _0x3a2f9e boolean| isadb function| _0x226a5d object| pjquery object| _0x474bd7 object| _0x15b9c3 object| _0x4bc669 object| _0x553ddb function| _0x283678 object| mjquery object| _0x488847 object| _0x3a482a function| _0x140438 function| _0x3cbc object| _0x3cb38e object| _0x25c0ab object| _0x3c4f2b object| ppjquery1 function| _0x520283 function| _0x4268 object| _0x1f28d0 object| pmjquery1 object| _0x274d60 function| _0x55686a object| ppjquery2 object| _0x64874b object| pmjquery2 function| _0x4c74d4 object| _0x5903 function| checkjsaouj boolean| openajksa object| CEygjmZCm function| _0x42da function| _0x242c4b number| minimalUserResponseInMiliseconds function| check function| _0x5292 function| _0x2730 function| _0x47f9d4 function| _0x36f3 string| keDDpHI string| t string| timeo number| inte function| playerdown function| R function| X function| hdfsgf function| removecl function| nextaddsg object| now object| nowd function| getfg number| interhs number| dateey boolean| jfdhsd number| dateex boolean| jfdh number| dfhf object| __adFormats object| __formatsGetters object| _admSptsInVw object| AdManager object| a3klsam object| player object| tjwnafxl3bm object| zfgformats object| __ds3dcv__ object| i1jaj1t6zz object| zfgstorage function| onClickTrigger boolean| zfgloadedpopup object| activesInpages function| __fp-init object| __inpageSkins boolean| zfgonclickfirst function| _01f0f70uq38x object| syncCallbacks string| isSyncing

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			aqlr.azkwwrejomzjm.top/	1970-01-21 05:37:15	Name: GL_UI4 Value: eJw9jd1Og0AQhZfC0lYLOgkP4COAVkgvjbd9BzLsDnQt7DTLlurbu5ro1fnJl3OEEKviAaIl3UJ8xVd4Kutujw3Vz81eVXVTlVj1NaoGqTxQ3x9ga%2BbWYzeST2AzT%2Bh865cEdgNZcka1ijVl8Biov%2BZs%2BWYTkJ1DqzOQUyDGDNad49tMroghsTgRpO8nx0HlhB%2FsIK5e6uCNDT4qYcVzEed3II%2FGXj%2FzXSryPBVwfxnR9%2Bym1ugQ5eBQE0RvsFHoaWD3BWtN89nzBYBH3f7zv59y%2FFmDVNNiVIjsT%2BS%2BAcjfTp0%3D
			aqlr.azkwwrejomzjm.top/	1970-01-21 05:37:15	Name: GL_GI10 Value: eJwNzEEOgjAQBdDOLGgkGvMjB%2BAERBHZG%2FQEDQcgUEkTMm3a6vll9XZPKcXVEewCzre%2Bbdru0bTXfrcDreDRgGfBaRSX7VKbPGWbQBE8PMFRUA7T5j4%2BiptAM8r3Vhu7fmXxIAft7q9GbAZLwmHwMfi4D6BQEDh7rcFpqRToV1z%2BjmEgeg%3D%3D
			fp.metricswpsh.com/	1970-01-21 14:21:25	Name: id Value: 88990208944007573
			x3os.com/	1970-01-21 14:21:25	Name: OAID Value: 0081d42dcfad4361e400265e335605cd
			x3os.com/	1970-01-21 14:21:25	Name: oaidts Value: 1748149344

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://nuuuppp.sbs/watch/0.91096980935474 Message: [GroupMarkerNotSet(crbug.com/242999)!:A02038044C020000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://nuuuppp.sbs/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
rendering	warning	URL: https://nuuuppp.sbs/watch/0.91096980935474 Message: [GroupMarkerNotSet(crbug.com/242999)!:A030F8084C020000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://nuuuppp.sbs/watch/0.91096980935474 Message: [GroupMarkerNotSet(crbug.com/242999)!:A02069044C020000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://nuuuppp.sbs/watch/0.91096980935474 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0403B044C020000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8b77d90e45.1b60887cd1.com
9f0a9a8621.effe2f62ae.com
accounts.google.com
aqlr.azkwwrejomzjm.top
c713c37a1b.a402304fa2.com
content.jwplatform.com
fp.metricswpsh.com
js.capndr.com
my.rtmark.net
nereserv.com
notification.tubecup.net
ntvpforever.com
nuuuppp.sbs
paupsoborofoow.net
ssl.p.jwpcdn.com
storage.multstorage.com
x3os.com
8b77d90e45.1b60887cd1.com
accounts.google.com
my.rtmark.net
ntvpforever.com
ssl.p.jwpcdn.com
104.21.50.180
139.45.196.64
157.90.84.242
167.235.163.216
172.67.145.192
172.67.174.51
173.237.68.76
2600:9000:2209:4200:1:a3fa:7cc0:93a1
2a01:4f8:1060:13eb::2
2a04:4e42:200::626
45.133.44.52
45.133.44.53
94.130.197.138
222c1836552387595aedcb78ff7fa3b56b68f0034a1b83ef23395a05ef83548f
27a838a621c72d3f6f8923ff90c87715ac49621c121a67dcf9b47d0b7f84d91d
3f20f4c133f75fcbeef8409955053fec64a0f7b11915163262882fd1d507d37d
550edc27d67dca94840cd3f849f991097924706443786e4d91f9d4558c24929d
64f10a08b5f1c6003510c48885a8e3ce5aa130d5a71d3187abae01a08b54f64d
7f1a56d473f278998911bea621a90b668158b512fb86f7729024201dfc81ab9a
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2
c72df3d0c56cbd1710375f7b69985ebeba6af49918fcb95e6ff9c90f6936b5f0
cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8
d91a99d6e095ec295badd90e1bfb73366bbdb749b90061d8d44246709a138624
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed857c9bd91294184e66335d7359a2ac418f4bdb97055e00964ae5524c8345b0
eec96983857a13b132c3df1dddc08db8ef7d1155dc9cd1c590066a800b558fec
ef1fed68c956a1985cd1df3ff44cb463dcddc2fc061397e754c8149bc0b8472d
fe8780b1342a63dadd2ff3d491fb58b0fa9747778c51d22a88645b491b7a051d