nuuuppp.sbs Open in urlscan Pro
172.67.145.192  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://nuuuppp.sbs/watch/0.738114748083531 Page URL
2. https://nuuuppp.sbs/watch/0.738114748083531?redi=true&ref=none&wa=0 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	0.738114748083531 Show response nuuuppp.sbs/watch/	46 KB 19 KB	500ms 418ms	Document text/html	172.67.145.192 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nuuuppp.sbs/watch/0.738114748083531 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.145.192 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash adbf61dcaee76d2ea56fbf776b4eb025a519ea3e323fc0786b4dd813d07c37d4 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 apacheserver true cf-cache-status DYNAMIC cf-ray 946aee075babf7bf-LAX content-encoding zstd content-type text/html; charset=UTF-8 date Wed, 28 May 2025 04:15:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2F0bEnR8ulNBzn1CZoz2f7I3EvLUmMJkMTDSVX0pj8KnYznSGQUrAFcJgDO%2Fw88creavxd%2BcgFlO%2FWOzXCBWYx%2BMxD0RTefF7ehaxfmd70cpJbxUh46wbsKGZ%2BJFcw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=69523&min_rtt=68923&rtt_var=8947&sent=10&recv=11&lost=0&retrans=0&sent_bytes=3642&recv_bytes=3346&delivery_rate=652970&cwnd=15468&unsent_bytes=0&cid=43e7e6e7a1e46c31&ts=408&x=92" vary Accept-Encoding
GET H2	200	r2cr6BE6.js Show response content.jwplatform.com/libraries/	153 KB 55 KB	1906ms 329ms	Script text/javascript	52.85.61.51 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://content.jwplatform.com/libraries/r2cr6BE6.js Requested by Host: nuuuppp.sbs URL: https://nuuuppp.sbs/watch/0.738114748083531 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.61.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-61-51.ewr53.r.cloudfront.net Software gunicorn / Resource Hash 7323b3237a8e0264f62073841580d3a425f3f71a698fd35a60108ba7429c115a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://nuuuppp.sbs/ Response headers x-robots-tag none, indexifembedded cache-control max-age=180 content-encoding gzip age 53 via 1.1 960b27f23df49cd65e51133bf80b9878.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Hit from cloudfront x-amz-cf-id 7gVzezzfm5-Qgf3VtV3YukIEUq-vFEw1WORL2CTcwScMtvVXPPTwfg== date Wed, 28 May 2025 04:14:24 GMT content-type text/javascript; charset=utf-8 vary Accept-Encoding server gunicorn x-amz-cf-pop EWR53-P1
GET H3	200	jquery.js Show response nuuuppp.sbs/	80 KB 30 KB	82ms 82ms	Script application/javascript	172.67.145.192 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nuuuppp.sbs/jquery.js Requested by Host: nuuuppp.sbs URL: https://nuuuppp.sbs/watch/0.738114748083531 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.145.192 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 64f10a08b5f1c6003510c48885a8e3ce5aa130d5a71d3187abae01a08b54f64d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://nuuuppp.sbs/watch/0.738114748083531 Response headers content-encoding zstd cf-cache-status HIT etag W/"63ebf67c-13fb9" age 219184 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C3SkHMpjkAYI25%2FQUfs5C3CdTSNxUh8xJB4QawnOIJI3B2xwLWahaTGOAbN1OHx7B%2B1ReCOGCrSRa5W8t5TPA8jwj5UyIwx6OE6YYQPioqa8XCmGr5AnP7NEk3E9Fw%3D%3D"}],"group":"cf-nel","max_age":604800} expires Wed, 28 May 2025 15:22:10 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=80501&min_rtt=68923&rtt_var=11425&sent=25&recv=18&lost=0&retrans=0&sent_bytes=19216&recv_bytes=3907&delivery_rate=1489067&cwnd=30936&unsent_bytes=0&cid=43e7e6e7a1e46c31&ts=534&x=92" date Wed, 28 May 2025 04:15:15 GMT content-type application/javascript last-modified Tue, 14 Feb 2023 21:00:44 GMT vary Accept-Encoding nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cache-control max-age=259200 cf-ray 946aee0a2c15f7bf-LAX server cloudflare
GET H/1.1	200 OK	mevkol Show response ameyv.azqqlobqwomqr.top/kzvkarmyzeywz/	5 B 1 KB	423ms 104ms	Script application/javascript	173.0.146.206 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://ameyv.azqqlobqwomqr.top/kzvkarmyzeywz/mevkol?d=1 Requested by Host: nuuuppp.sbs URL: https://nuuuppp.sbs/watch/0.738114748083531 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 173.0.146.206 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://nuuuppp.sbs/ Response headers Access-Control-Max-Age 600 Content-Encoding gzip Access-Control-Allow-Methods GET, POST, OPTIONS X-Content-Type-Options nosniff Keep-Alive timeout=20 Date Wed, 28 May 2025 04:15:17 GMT Content-Type application/javascript; charset=utf-8 Vary Accept-Encoding Access-Control-Allow-Headers content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires Transfer-Encoding chunked Strict-Transport-Security max-age=1 Accept-ch sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin https://nuuuppp.sbs Server nginx
GET H2	200	472d2ce9f7b6eba15d50e55b8704df84.js Show response 6b49bc9aef.1023f6e00d.com/	122 KB 38 KB	486ms 80ms	Script application/javascript	45.133.44.53 ADVANCEDHOSTERS-A...
General Check archive.org Show headers Download Go to Full URL https://6b49bc9aef.1023f6e00d.com/472d2ce9f7b6eba15d50e55b8704df84.js Requested by Host: nuuuppp.sbs URL: https://nuuuppp.sbs/watch/0.738114748083531 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL), Reverse DNS Software nginx/1.18.0 / Resource Hash c72df3d0c56cbd1710375f7b69985ebeba6af49918fcb95e6ff9c90f6936b5f0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Origin https://nuuuppp.sbs Referer https://nuuuppp.sbs/ Response headers cache-control max-age=300 content-encoding gzip etag W/"682733ad-1e97c" expires Wed, 28 May 2025 04:20:18 GMT x-proxy-cache HIT access-control-allow-origin * date Wed, 28 May 2025 04:15:18 GMT content-type application/javascript; charset=utf-8 last-modified Fri, 16 May 2025 12:46:37 GMT server nginx/1.18.0 x-cdn-host-id ds8144
GET H2	200	24970 Show response 6b49bc9aef.1023f6e00d.com/a9add89e6c677d0e14c22248f80ef963/	2 KB 2 KB	74ms 73ms	XHR application/json	45.133.44.53 ADVANCEDHOSTERS-A...
General Check archive.org Show headers Download Go to Full URL https://6b49bc9aef.1023f6e00d.com/a9add89e6c677d0e14c22248f80ef963/24970?version_name=a&domain=nuuuppp.sbs Requested by Host: 6b49bc9aef.1023f6e00d.com URL: https://6b49bc9aef.1023f6e00d.com/472d2ce9f7b6eba15d50e55b8704df84.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL), Reverse DNS Software nginx/1.18.0 / Resource Hash ef1fed68c956a1985cd1df3ff44cb463dcddc2fc061397e754c8149bc0b8472d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://nuuuppp.sbs/ Response headers cache-control max-age=300 expires Wed, 28 May 2025 04:20:18 GMT x-proxy-cache HIT access-control-allow-origin * date Wed, 28 May 2025 04:15:18 GMT content-type application/json server nginx/1.18.0 x-cdn-host-id ds8144
GET H2	200	advertising.js Show response js.capndr.com/	0 256 B	359ms 73ms	Script application/javascript	45.133.44.52 ADVANCEDHOSTERS-A...
General Check archive.org Show headers Download Go to Full URL https://js.capndr.com/advertising.js Requested by Host: 6b49bc9aef.1023f6e00d.com URL: https://6b49bc9aef.1023f6e00d.com/472d2ce9f7b6eba15d50e55b8704df84.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL), Reverse DNS Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://nuuuppp.sbs/ Response headers cache-control max-age=300 etag "64b105fd-0" expires Wed, 28 May 2025 04:20:18 GMT x-proxy-cache HIT access-control-allow-origin * content-length 0 date Wed, 28 May 2025 04:15:18 GMT accept-ranges bytes content-type application/javascript; charset=utf-8 last-modified Fri, 14 Jul 2023 08:23:25 GMT server nginx/1.18.0 x-cdn-host-id ds8144
GET H2	204	tags Show response notification.tubecup.net/	0 198 B	787ms 229ms	XHR text/plain	88.198.186.112 HETZNER-AS Hetzne...
General Check archive.org Show headers Download Go to Full URL https://notification.tubecup.net/tags?tag_id=24970&timezone_olson=Pacific/Honolulu&version_name=a&med_script_id=18&page=https%3A//nuuuppp.sbs/watch/0.738114748083531 Requested by Host: 6b49bc9aef.1023f6e00d.com URL: https://6b49bc9aef.1023f6e00d.com/472d2ce9f7b6eba15d50e55b8704df84.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 88.198.186.112 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE), Reverse DNS static.88-198-186-112.clients.your-server.de Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://nuuuppp.sbs/ Response headers cache-control no-transform, no-cache, no-store, must-revalidate pragma no-cache access-control-allow-methods * access-control-allow-origin * date Wed, 28 May 2025 04:15:19 GMT vary Origin server nginx/1.18.0 access-control-allow-headers Content-Type
GET H3	200	tag.min.js Show response paupsoborofoow.net/	100 KB 44 KB	263ms 172ms	Script application/javascript	104.21.50.180 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://paupsoborofoow.net/tag.min.js Requested by Host: nuuuppp.sbs URL: https://nuuuppp.sbs/watch/0.738114748083531 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.50.180 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0604e86478e7590ed2538f766dd867012090b049c2313662c576fdb45e33d6b8 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://nuuuppp.sbs/ Response headers access-control-max-age 86400 content-encoding gzip cf-cache-status HIT age 1501 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3776BKSKV4P4tSwzZ6rPyKEmD6diJWahkRyQK%2BeWkI7PCKic4Aqi6kqtblrjfogUHXHIWF82vXm%2Fztf7mdP8AwLTRxQIOA8JxkA3UaYN%2FDfUt3a21EgSmAOxJz0y8HmLYEgz%2BGI%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-methods GET, POST, OPTIONS x-content-type-options nosniff alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=71764&min_rtt=69731&rtt_var=12610&sent=9&recv=10&lost=0&retrans=0&sent_bytes=3633&recv_bytes=4342&delivery_rate=253371&cwnd=15584&unsent_bytes=0&cid=4f1d2ce06051a084&ts=174&x=92" date Wed, 28 May 2025 04:15:18 GMT content-type application/javascript last-modified Wed, 28 May 2025 03:50:17 GMT vary accept-encoding access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon strict-transport-security max-age=1 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cache-control public, max-age=600, s-maxage=1800 timing-allow-origin *, * accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version access-control-allow-credentials true x-trace-id 99d287eba7827562af2c0a59cb3f85f7 cf-ray 946aee1e9acdcb9c-LAX access-control-allow-origin * server cloudflare
GET		jwpsrv.js ssl.p.jwpcdn.com/player/v/8.37.0/	0 0
GET		jwplayer.core.controls.js ssl.p.jwpcdn.com/player/v/8.37.0/	0 0
GET		provider.hlsjs.js ssl.p.jwpcdn.com/player/v/8.37.0/	0 0
GET H3	404	favicon.ico nuuuppp.sbs/	10 KB 3 KB	89ms 88ms	Other text/html	172.67.145.192 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nuuuppp.sbs/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.145.192 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 222c1836552387595aedcb78ff7fa3b56b68f0034a1b83ef23395a05ef83548f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://nuuuppp.sbs/watch/0.738114748083531 Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cache-control max-age=14400 content-encoding zstd cf-cache-status HIT age 2 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s3jVmth7fPUXvjSDZAICf%2FdDwM9L6RNpfTp7ZWgkvM69GZRUmd1iSCSLq7xk%2FXK7FKPWbQ6BGUtRbjDa%2FlG8cyNlkujrf9RlK%2FJl3rZZQ6%2BAO1bk2Ty1Z7ldHIWstg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 946aee1dd8b3f7bf-LAX alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=82404&min_rtt=68923&rtt_var=2183&sent=74&recv=44&lost=12&retrans=14&sent_bytes=66241&recv_bytes=5391&delivery_rate=1489067&cwnd=67075&unsent_bytes=0&cid=43e7e6e7a1e46c31&ts=3691&x=92" apacheserver true date Wed, 28 May 2025 04:15:18 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding server cloudflare
POST H2	200	/ Show response p2yn.com/5/9215342/	4 KB 3 KB	1434ms 681ms	XHR application/json	139.45.195.12 RETN-AS RETN Limited
General Check archive.org Show headers Download Go to Full URL https://p2yn.com/5/9215342/?oo=1&js_build=iclick-v1.1140.0&dmn=paupsoborofoow.net&tt=2&ix=0 Requested by Host: paupsoborofoow.net URL: https://paupsoborofoow.net/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.12 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB), Reverse DNS Software nginx / Resource Hash 73810bae60c78837647337b1f1f28432a2bc232a74a272398d991836c974a929 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://nuuuppp.sbs/ Response headers access-control-max-age 86400 content-encoding gzip access-control-allow-methods GET, POST, OPTIONS expires Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT date Wed, 28 May 2025 04:15:20 GMT content-type application/json access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon link <https://my.rtmark.net>; rel="preconnect dns-prefetch" cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0 timing-allow-origin * accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version pragma no-cache, no-cache access-control-allow-credentials true x-trace-id 7bd56cc031af16e8d877560bce5d6187 access-control-allow-origin https://nuuuppp.sbs server nginx
GET H3	200	count.html Show response storage.multstorage.com/log/ Frame 5D2E	882 B 1 KB	689ms 269ms	Document text/html	172.67.174.51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://storage.multstorage.com/log/count.html Requested by Host: 6b49bc9aef.1023f6e00d.com URL: https://6b49bc9aef.1023f6e00d.com/472d2ce9f7b6eba15d50e55b8704df84.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.174.51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2 Request headers Referer https://nuuuppp.sbs/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 946aee26bc8b2abc-LAX content-encoding zstd content-type text/html date Wed, 28 May 2025 04:15:20 GMT last-modified Mon, 18 Sep 2023 14:39:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y%2FrUQaxq4arhBdFEyNpPzmCjXITNcbh51gSuRVyugyYRCbhiEbkHhBoseHQEgLY0Mt0Nj%2FkxcmRju%2FlqZF945yo4pdSps1CLuGg4dxaRjbp2KlXB5nVA99RU57U0wv%2B1hiprX6n2gcGTmA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=84469&min_rtt=83014&rtt_var=11554&sent=11&recv=12&lost=0&retrans=0&sent_bytes=3706&recv_bytes=4581&delivery_rate=207933&cwnd=15625&unsent_bytes=0&cid=fe876c8078c391fe&ts=595&x=92" vary Accept-Encoding x-request-id 763bfde92125cb8897d676d5a33af824
GET H2	200	track Show response 2ce064f854.766935bca8.com/in/	0 225 B	1060ms 543ms	XHR text/plain	45.133.44.53 ADVANCEDHOSTERS-A...
General Check archive.org Show headers Download Go to Full URL https://2ce064f854.766935bca8.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIyMTEwMDYwNTg4MTQ3MDU2NjAiLCJ0aW1lem9uZSI6LTEwLCJ2ZXIiOiIzLjEzOS4wIiwidGFnX2lkIjoyNDk3MCwic2NyZWVuX3Jlc29sdXRpb24iOiIxNjAweDEyMDAiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlBhY2lmaWMvSG9ub2x1bHUiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MS40LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOjB9 Requested by Host: 6b49bc9aef.1023f6e00d.com URL: https://6b49bc9aef.1023f6e00d.com/472d2ce9f7b6eba15d50e55b8704df84.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL), Reverse DNS Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://nuuuppp.sbs/ Response headers cache-control no-transform, no-cache, no-store, must-revalidate pragma no-cache access-control-allow-methods * access-control-allow-origin * content-length 0 date Wed, 28 May 2025 04:15:20 GMT vary Origin server nginx/1.18.0 x-cdn-host-id ds8144 access-control-allow-headers Content-Type
GET H2	200	58bbbb80a13b8b9f1452515da79a2af5.js Show response 6b49bc9aef.1023f6e00d.com/	202 KB 56 KB	218ms 69ms	Script application/javascript	45.133.44.53 ADVANCEDHOSTERS-A...
General Check archive.org Show headers Download Go to Full URL https://6b49bc9aef.1023f6e00d.com/58bbbb80a13b8b9f1452515da79a2af5.js Requested by Host: 6b49bc9aef.1023f6e00d.com URL: https://6b49bc9aef.1023f6e00d.com/472d2ce9f7b6eba15d50e55b8704df84.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL), Reverse DNS Software nginx/1.18.0 / Resource Hash 76c73c63808284d82d44ec3bda4cec2992958abd3ca48659a44124a2e372b0a7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://nuuuppp.sbs/ Response headers cache-control max-age=300 content-encoding gzip etag W/"68358e49-32614" expires Wed, 28 May 2025 04:20:19 GMT x-proxy-cache HIT access-control-allow-origin * date Wed, 28 May 2025 04:15:19 GMT content-type application/javascript; charset=utf-8 last-modified Tue, 27 May 2025 10:04:57 GMT server nginx/1.18.0 x-cdn-host-id ds8144
POST		fp fp.metricswpsh.com/	0 0
OPTIONS H/1.1	204 No Content	fp fp.metricswpsh.com/ Frame	0 0	690ms 230ms	Preflight	157.90.84.242 HETZNER-AS Hetzne...
General Check archive.org Show headers Download Go to Full URL https://fp.metricswpsh.com/fp?tag_id=24970 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 157.90.84.242 Ismaning, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE), Reverse DNS static.242.84.90.157.clients.your-server.de Software nginx/1.20.1 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://nuuuppp.sbs Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers content-type Access-Control-Allow-Methods GET,HEAD,PUT,PATCH,POST,DELETE Access-Control-Allow-Origin https://nuuuppp.sbs Connection keep-alive Date Wed, 28 May 2025 04:15:20 GMT Server nginx/1.20.1 Vary Origin Access-Control-Request-Method Access-Control-Request-Headers
GET		ServiceLogin accounts.google.com/	0 0
GET		e56e2d71f8ac89a06aba295983886919.js 6b49bc9aef.1023f6e00d.com/	0 0
GET		dip nereserv.com/in/	0 0
OPTIONS		multy aa884225ad.84747737e0.com/in/ Frame	0 0
POST		multy aa884225ad.84747737e0.com/in/	0 0
GET		gid.js my.rtmark.net/	0 0
GET H3	200	Primary Request 0.738114748083531 Show response nuuuppp.sbs/watch/	7 KB 4 KB	255ms 254ms	Document text/html	172.67.145.192 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nuuuppp.sbs/watch/0.738114748083531?redi=true&ref=none&wa=0 Requested by Host: nuuuppp.sbs URL: https://nuuuppp.sbs/watch/0.738114748083531 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.145.192 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e4826cf6cad3bb8b1e59b0f40293f3828325834c02224d3de5b12cff3afdcdaa Request headers Referer https://nuuuppp.sbs/watch/0.738114748083531 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 apacheserver true cf-cache-status DYNAMIC cf-ray 946aee2dac0ef7bf-LAX content-encoding zstd content-type text/html; charset=UTF-8 date Wed, 28 May 2025 04:15:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2%2FAOddkZBTcyg2X4YPJn41FuK5xOITYD%2Bgi05u3Zo7N55kISHpakcJ8RFYpLVwEEsxMxl9Stx7NPFfH%2FMtzGdy6Q4v5JA56zFqQx6rAep26d38DDDgrvex1vaoyfPQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=80375&min_rtt=68923&rtt_var=4681&sent=78&recv=47&lost=12&retrans=14&sent_bytes=69759&recv_bytes=5919&delivery_rate=1489067&cwnd=70570&unsent_bytes=0&cid=43e7e6e7a1e46c31&ts=6372&x=92" vary Accept-Encoding
GET H3	200	count.html storage.multstorage.com/log/ Frame F965	882 B 0	0ms 0ms	Document text/html	172.67.174.51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://storage.multstorage.com/log/count.html Requested by Host: nuuuppp.sbs URL: https://nuuuppp.sbs/watch/0.738114748083531 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.174.51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://nuuuppp.sbs/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 946aee26bc8b2abc-LAX content-encoding zstd content-type text/html date Wed, 28 May 2025 04:15:20 GMT last-modified Mon, 18 Sep 2023 14:39:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y%2FrUQaxq4arhBdFEyNpPzmCjXITNcbh51gSuRVyugyYRCbhiEbkHhBoseHQEgLY0Mt0Nj%2FkxcmRju%2FlqZF945yo4pdSps1CLuGg4dxaRjbp2KlXB5nVA99RU57U0wv%2B1hiprX6n2gcGTmA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=84469&min_rtt=83014&rtt_var=11554&sent=11&recv=12&lost=0&retrans=0&sent_bytes=3706&recv_bytes=4581&delivery_rate=207933&cwnd=15625&unsent_bytes=0&cid=fe876c8078c391fe&ts=595&x=92" vary Accept-Encoding x-request-id 763bfde92125cb8897d676d5a33af824
OPTIONS		multy ntvpforever.com/in/ Frame	0 0
POST		multy ntvpforever.com/in/	0 0
GET H2	200	r2cr6BE6.js Show response content.jwplatform.com/libraries/	153 KB 0	0ms 0ms	Script text/javascript	52.85.61.51 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://content.jwplatform.com/libraries/r2cr6BE6.js Requested by Host: nuuuppp.sbs URL: https://nuuuppp.sbs/watch/0.738114748083531?redi=true&ref=none&wa=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.61.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-61-51.ewr53.r.cloudfront.net Software gunicorn / Resource Hash 7323b3237a8e0264f62073841580d3a425f3f71a698fd35a60108ba7429c115a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://nuuuppp.sbs/ Response headers x-robots-tag none, indexifembedded cache-control max-age=180 content-encoding gzip age 53 via 1.1 960b27f23df49cd65e51133bf80b9878.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Hit from cloudfront x-amz-cf-id 7gVzezzfm5-Qgf3VtV3YukIEUq-vFEw1WORL2CTcwScMtvVXPPTwfg== date Wed, 28 May 2025 04:14:24 GMT content-type text/javascript; charset=utf-8 vary Accept-Encoding server gunicorn x-amz-cf-pop EWR53-P1
GET H3	200	jquery.js Show response nuuuppp.sbs/	80 KB 0	1ms 1ms	Script application/javascript	172.67.145.192 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nuuuppp.sbs/jquery.js Requested by Host: nuuuppp.sbs URL: https://nuuuppp.sbs/watch/0.738114748083531?redi=true&ref=none&wa=0 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.145.192 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 64f10a08b5f1c6003510c48885a8e3ce5aa130d5a71d3187abae01a08b54f64d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://nuuuppp.sbs/watch/0.738114748083531?redi=true&ref=none&wa=0 Response headers content-encoding zstd cf-cache-status HIT etag W/"63ebf67c-13fb9" age 219184 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C3SkHMpjkAYI25%2FQUfs5C3CdTSNxUh8xJB4QawnOIJI3B2xwLWahaTGOAbN1OHx7B%2B1ReCOGCrSRa5W8t5TPA8jwj5UyIwx6OE6YYQPioqa8XCmGr5AnP7NEk3E9Fw%3D%3D"}],"group":"cf-nel","max_age":604800} expires Wed, 28 May 2025 15:22:10 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=80501&min_rtt=68923&rtt_var=11425&sent=25&recv=18&lost=0&retrans=0&sent_bytes=19216&recv_bytes=3907&delivery_rate=1489067&cwnd=30936&unsent_bytes=0&cid=43e7e6e7a1e46c31&ts=534&x=92" date Wed, 28 May 2025 04:15:15 GMT content-type application/javascript last-modified Tue, 14 Feb 2023 21:00:44 GMT vary Accept-Encoding nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cache-control max-age=259200 cf-ray 946aee0a2c15f7bf-LAX server cloudflare
GET		jwpsrv.js ssl.p.jwpcdn.com/player/v/8.37.0/	0 0
GET		jwplayer.core.controls.js ssl.p.jwpcdn.com/player/v/8.37.0/	0 0
GET		provider.hlsjs.js ssl.p.jwpcdn.com/player/v/8.37.0/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

ssl.p.jwpcdn.com

URL

https://ssl.p.jwpcdn.com/player/v/8.37.0/jwpsrv.js

Domain

ssl.p.jwpcdn.com

URL

https://ssl.p.jwpcdn.com/player/v/8.37.0/jwplayer.core.controls.js

Domain

ssl.p.jwpcdn.com

URL

https://ssl.p.jwpcdn.com/player/v/8.37.0/provider.hlsjs.js

Domain

fp.metricswpsh.com

URL

https://fp.metricswpsh.com/fp?tag_id=24970

Domain

accounts.google.com

URL

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

Domain

6b49bc9aef.1023f6e00d.com

URL

https://6b49bc9aef.1023f6e00d.com/e56e2d71f8ac89a06aba295983886919.js

Domain

nereserv.com

URL

https://nereserv.com/in/dip?site=native-push&wl=0&event_id=7c040caf-e021-47ea-9573-2f475a76684f&subid=898067684&sid=2773493807&spot_id=372362&created_at=2025-05-27&timezone=-10&ver=8.227.0&is_native=1

Domain

aa884225ad.84747737e0.com

URL

https://aa884225ad.84747737e0.com/in/multy

Domain

aa884225ad.84747737e0.com

URL

https://aa884225ad.84747737e0.com/in/multy

Domain

my.rtmark.net

URL

https://my.rtmark.net/gid.js?userId=0081d717cf694a0be02eacfe27088221

Domain

ntvpforever.com

URL

https://ntvpforever.com/in/multy

Domain

ntvpforever.com

URL

https://ntvpforever.com/in/multy

Domain

ssl.p.jwpcdn.com

URL

https://ssl.p.jwpcdn.com/player/v/8.37.0/jwpsrv.js

Domain

ssl.p.jwpcdn.com

URL

https://ssl.p.jwpcdn.com/player/v/8.37.0/jwplayer.core.controls.js

Domain

ssl.p.jwpcdn.com

URL

https://ssl.p.jwpcdn.com/player/v/8.37.0/provider.hlsjs.js

0 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ameyv.azqqlobqwomqr.top/	1970-01-21 05:41:32	Name: GL_UI4 Value: eJw9jd1Og0AQhZfC0lYLOgkP4COAVkgvjbd9BzLsDnQt7DTLlurbu5ro1fnJl3OEEKviAaIl3UJ8xVd4Kutujw3Vz81eVXVTlVj1NaoGqTxQ3x9ga%2BbWYzeST2AzT%2Bh865cEdgNZcka1ijVl8Biov%2BZs%2BWYTkJ1DqzOQUyDGDNad49tMroghsTgRpO8nx0HlhB%2FsIK5e6uCNDT4qYcVzEed3II%2FGXj%2FzXSryPBVwfxnR9%2Bym1ugQ5eBQE0RvsFHoaWD3BWtN89nzBYBH3f7zv59y%2FFmDVNNiVIjsT%2BS%2BAcjfTp0%3D
			ameyv.azqqlobqwomqr.top/	1970-01-21 05:41:32	Name: GL_GI10 Value: eJwNzEEOgjAQBdDOLCASjfmRA3AColWJW1M9AeEABCppQqZNWz2%2FrN7uKaW43oNdwPHS6Vbf7q0%2Bd5sP0AIeevAkOAzisp2bPo%2FZJlAEmyc4Ciozru7jo7gRNKF6r01vl6%2FMHuRQuuurFZvBkrAzPgYftwEUCgJnX5bgNNcK9CtOf5ApIH4%3D
			p2yn.com/	1970-01-21 14:25:41	Name: OAID Value: 0081d717cf694a0be02eacfe27088221
			p2yn.com/	1970-01-21 14:25:41	Name: oaidts Value: 1748405720

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://nuuuppp.sbs/watch/0.738114748083531 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0E01C00CC330000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://nuuuppp.sbs/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
rendering	warning	URL: https://nuuuppp.sbs/watch/0.738114748083531 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0301E02CC330000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://nuuuppp.sbs/watch/0.738114748083531 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0B01C00CC330000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://nuuuppp.sbs/watch/0.738114748083531 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0601E02CC330000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2ce064f854.766935bca8.com
6b49bc9aef.1023f6e00d.com
aa884225ad.84747737e0.com
accounts.google.com
ameyv.azqqlobqwomqr.top
content.jwplatform.com
fp.metricswpsh.com
js.capndr.com
my.rtmark.net
nereserv.com
notification.tubecup.net
ntvpforever.com
nuuuppp.sbs
p2yn.com
paupsoborofoow.net
ssl.p.jwpcdn.com
storage.multstorage.com
6b49bc9aef.1023f6e00d.com
aa884225ad.84747737e0.com
accounts.google.com
fp.metricswpsh.com
my.rtmark.net
nereserv.com
ntvpforever.com
ssl.p.jwpcdn.com
104.21.50.180
139.45.195.12
157.90.84.242
172.67.145.192
172.67.174.51
173.0.146.206
45.133.44.52
45.133.44.53
52.85.61.51
88.198.186.112
0604e86478e7590ed2538f766dd867012090b049c2313662c576fdb45e33d6b8
222c1836552387595aedcb78ff7fa3b56b68f0034a1b83ef23395a05ef83548f
64f10a08b5f1c6003510c48885a8e3ce5aa130d5a71d3187abae01a08b54f64d
7323b3237a8e0264f62073841580d3a425f3f71a698fd35a60108ba7429c115a
73810bae60c78837647337b1f1f28432a2bc232a74a272398d991836c974a929
76c73c63808284d82d44ec3bda4cec2992958abd3ca48659a44124a2e372b0a7
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2
adbf61dcaee76d2ea56fbf776b4eb025a519ea3e323fc0786b4dd813d07c37d4
c72df3d0c56cbd1710375f7b69985ebeba6af49918fcb95e6ff9c90f6936b5f0
cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4826cf6cad3bb8b1e59b0f40293f3828325834c02224d3de5b12cff3afdcdaa
ef1fed68c956a1985cd1df3ff44cb463dcddc2fc061397e754c8149bc0b8472d