urlscan.io logo urlscan.io
SecurityTrails logo

upgame.vip Open in urlscan Pro
108.138.7.93  Public Scan

Go To Rescan Add Verdict Report
URL: https://upgame.vip/
Submission: On March 18 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 24 HTTP transactions. The main IP is 108.138.7.93, located in United States and belongs to AMAZON-02, US. The main domain is upgame.vip.
TLS certificate: Issued by Amazon RSA 2048 M03 on March 15th 2024. Valid for: a year.
This is the only time upgame.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 108.138.7.93 16509 (AMAZON-02)
2 34.149.28.75 396982 (GOOGLE-CL...)
8 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
24 4
Apex Domain
Subdomains		 Transfer
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
tpc.googlesyndication.com — Cisco Umbrella Rank: 167
227 KB
11 upgame.vip
upgame.vip
898 KB
2 headballfootballstar.com
bqj.headballfootballstar.com
328 B
24 3
Domain Requested by
11 upgame.vip upgame.vip
8 pagead2.googlesyndication.com upgame.vip
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 bqj.headballfootballstar.com upgame.vip
24 4

This site contains no links.

Subject Issuer Validity Valid
upgame.vip
Amazon RSA 2048 M03		 2024-03-15 -
2025-04-13		 a year crt.sh
*.headballfootballstar.com
GTS CA 1D4		 2024-02-09 -
2024-05-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://upgame.vip/
Frame ID: F777F907B2E6AC7A4403E75D6B85EDE6
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-8524688386487478&output=html&adk=1812271804&adf=3025194257&lmt=1708682569&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fupgame.vip%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710729245617&bpp=1&bdt=826&idt=133&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7468485006009&frm=20&pv=2&ga_vid=1253360313.1710729246&ga_sid=1710729246&ga_hid=1784162440&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95327951%2C95327954%2C95322329%2C95325785%2C95326917&oid=2&pvsid=110042762195972&tmod=1328802661&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=142
Frame ID: 0F4FE426B6DD48529918149127A2AF37
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F928ACCA23E17A59B2F070E138462BFE
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-8524688386487478&output=html&h=280&slotname=3170297041&adk=1283702675&adf=3023360660&pi=t.ma~as.3170297041&w=375&fwrn=4&fwrnh=100&lmt=1708682569&rafmt=1&format=375x280&url=https%3A%2F%2Fupgame.vip%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710729246481&bpp=2&bdt=1689&idt=2&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7468485006009&frm=20&pv=1&ga_vid=1253360313.1710729246&ga_sid=1710729246&ga_hid=1784162440&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=613&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95327951%2C95327954%2C95322329%2C95325785%2C95326917&oid=2&pvsid=110042762195972&tmod=1328802661&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=5
Frame ID: 5CF8E9C8D05D92E5A22288A5E1F32464
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-8524688386487478&output=html&h=280&slotname=3170297041&adk=1283702675&adf=2460039539&pi=t.ma~as.3170297041&w=375&fwrn=4&fwrnh=100&lmt=1708682569&rafmt=1&format=375x280&url=https%3A%2F%2Fupgame.vip%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710729246493&bpp=1&bdt=1702&idt=0&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C375x280&nras=1&correlator=7468485006009&frm=20&pv=1&ga_vid=1253360313.1710729246&ga_sid=1710729246&ga_hid=1784162440&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=613&ady=1116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95327951%2C95327954%2C95322329%2C95325785%2C95326917&oid=2&pvsid=110042762195972&tmod=1328802661&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=2
Frame ID: D68716E5AFE654559EB5499EDDB1025B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

index

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

24
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

1126 kB
Transfer

1654 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
upgame.vip/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://upgame.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4fa760ec7f37e9d494f21f2868969886486ecca1b6319c436b13464a16648c89

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
77778
content-encoding
gzip
content-type
text/html
date
Sun, 17 Mar 2024 04:57:47 GMT
etag
W/"a61a874b01f33ef0974c569b8131c875"
last-modified
Fri, 23 Feb 2024 10:02:49 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
x-amz-cf-id
UjQvkqmVQGt5fEfPxf0TJvp7zKGCa0sdhFXivKyqd-YqNyTEe446PQ==
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
index.42a498edab809971c051.css
upgame.vip/css/ 		3 KB
1015 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upgame.vip/css/index.42a498edab809971c051.css
Requested by
Host: upgame.vip
URL: https://upgame.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e4994eb3f3604f8cf99b68563388b14e264ff5f6080159ea4fd6ea70d84e905e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upgame.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 02:34:06 GMT
content-encoding
br
via
1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
last-modified
Fri, 23 Feb 2024 10:02:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
etag
W/"a3b6809da2ef1532eb16e090626a5a33"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
x-amz-cf-id
SxkyCfxlePck461BaS_g4sLfn90ubh1c4k0BqcZqaWH-6DYIDy9D1A==
02ef8218c2100d42c0f6.png
upgame.vip/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upgame.vip/02ef8218c2100d42c0f6.png
Requested by
Host: upgame.vip
URL: https://upgame.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17f6745c42266aea3a29b737acae742c1bde5106cf4997ee695816419212206c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upgame.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 01:23:12 GMT
via
1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
last-modified
Fri, 23 Feb 2024 10:02:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
4252
etag
"b9715c008f670dae46228818081dbb42"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
30172
x-amz-cf-id
Gu3yGJixTT_XwAo1o6XZFe97PBeV9ouV5UUhDfVdAU0AGXTpnl0_Aw==
896e90a53684bf507720.jpg
upgame.vip/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upgame.vip/896e90a53684bf507720.jpg
Requested by
Host: upgame.vip
URL: https://upgame.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
407a6fc24c11e1b36ffeb14e10b19b09c48ecbc011fba65d645d32a342ddf372

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upgame.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 01:23:13 GMT
via
1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
last-modified
Fri, 23 Feb 2024 10:02:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
4252
x-amz-server-side-encryption
AES256
etag
"07dd251e32c42ddbe520d0515f9d3f08"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
14351
x-amz-cf-id
IOEq5oqp4gphGJedXJBFE-tSuZVpH5U2uHaxjhwVweHMrqsvq0kcyg==
runtime.cb5e77f347c3c3d6a58f.js
upgame.vip/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upgame.vip/runtime.cb5e77f347c3c3d6a58f.js
Requested by
Host: upgame.vip
URL: https://upgame.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aed0461503d8feb9b07b0b38de36eb6fecc4403c491493f1f639398c4c725bf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upgame.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 01:23:14 GMT
content-encoding
gzip
via
1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
last-modified
Fri, 23 Feb 2024 10:03:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
4250
x-amz-server-side-encryption
AES256
etag
W/"36b5ed289d49685851e97bba76abf3ae"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
DBv9ZXfGAT_xAnHAD0nKXgSrMnd5ZfaysPfWBapLTiK-vsHbSr7LTg==
603.443a0ce134319b72a09e.js
upgame.vip/ 		181 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upgame.vip/603.443a0ce134319b72a09e.js
Requested by
Host: upgame.vip
URL: https://upgame.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8ae51b0a556e84a2f152743258a816dff8f186a2b491ae7a89cb26eaadaeb5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upgame.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 01:23:15 GMT
content-encoding
gzip
via
1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
last-modified
Fri, 23 Feb 2024 10:02:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
4250
x-amz-server-side-encryption
AES256
etag
W/"3da09cea3b113c6936cbcc2a0d06c5e6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
BqIdXYmsjXfUhGtQXgwmFxaZP-_D8r1KAWxYP2jyxVQcDoAi3-MPXQ==
index.d2f0693326b6b10be49c.js
upgame.vip/ 		1 KB
977 B 		Script
General
Check archive.org
Download Go to
Full URL
https://upgame.vip/index.d2f0693326b6b10be49c.js
Requested by
Host: upgame.vip
URL: https://upgame.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fbd2a2c8d656592c18e332253935884e1ee19413790f6b3bc61cba7a1c60c41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upgame.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 01:23:16 GMT
content-encoding
gzip
via
1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
last-modified
Fri, 23 Feb 2024 10:02:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
4249
x-amz-server-side-encryption
AES256
etag
W/"f741d042d8d7141afb54c00529d84501"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
-xB2yBLlPbE4f40rBtmumFlV_xiE7DjxHHBgWWwq3Lvgb93QC2kiiw==
simpleStat
bqj.headballfootballstar.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://bqj.headballfootballstar.com/simpleStat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.28.75 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
75.28.149.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://upgame.vip
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization, content-type
access-control-allow-methods
POST
access-control-allow-origin
https://upgame.vip
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 18 Mar 2024 02:34:05 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
simpleStat
bqj.headballfootballstar.com/ 		260 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bqj.headballfootballstar.com/simpleStat
Requested by
Host: upgame.vip
URL: https://upgame.vip/603.443a0ce134319b72a09e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.28.75 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
75.28.149.34.bc.googleusercontent.com
Software
/
Resource Hash
3eedeb29056bc9f2401d039a0e790d128018603508056cefce9d3e5c7154a6d2

Request headers

Referer
https://upgame.vip/
accept-language
de-DE,de;q=0.9
Authorization
Basic MzJEOTdDNDFBODZFRTUzNDU5RjVEMEE4Ojg3MTJERTZGQjAyMzQyOEQ4NEEyNUU4NEZBMjZFOTND
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 18 Mar 2024 02:34:05 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
access-control-allow-origin
https://upgame.vip
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8524688386487478
Requested by
Host: upgame.vip
URL: https://upgame.vip/603.443a0ce134319b72a09e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
97c4619fd82ae41730afbed554e1372ba766ffdd0243df75d0f3a8ee34c1a09c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upgame.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 02:34:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50750
x-xss-protection
0
server
cafe
etag
12384920760845161549
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 18 Mar 2024 02:34:05 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/ 		406 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8524688386487478&plah=upgame.vip&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8524688386487478
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
818f169987df6d5326a987731707569cf28463027cb5b6fab6115c8f60a7f583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upgame.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 02:34:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140997
x-xss-protection
0
server
cafe
etag
16321543951575252527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 18 Mar 2024 02:34:05 GMT
ads
pagead2.googlesyndication.com/pagead/ Frame 0F4F 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-8524688386487478&output=html&adk=1812271804&adf=3025194257&lmt=1708682569&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fupgame.vip%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710729245617&bpp=1&bdt=826&idt=133&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7468485006009&frm=20&pv=2&ga_vid=1253360313.1710729246&ga_sid=1710729246&ga_hid=1784162440&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95327951%2C95327954%2C95322329%2C95325785%2C95326917&oid=2&pvsid=110042762195972&tmod=1328802661&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=142
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8524688386487478&plah=upgame.vip&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upgame.vip/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Mar 2024 02:34:05 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
game1.png
upgame.vip/public/images/ 		302 KB
303 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upgame.vip/public/images/game1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ff6116e111763a5d45b077904feaa2bfbed4f811ed628d80d9afc8fd112135f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upgame.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 02:34:07 GMT
via
1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
last-modified
Fri, 23 Feb 2024 10:03:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
etag
"c90cbd3c61b10bffb0333d2ec81094a4"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
309143
x-amz-cf-id
szC_KM9j2hxmEFWQwGZvKDy1DARsDJ6UKactYKLZ6oS71cZr738xRQ==
game2.png
upgame.vip/public/images/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upgame.vip/public/images/game2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
039032d9db23056396182eef6ecb79d4d559dc89bd347aeb6974e8164399126f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upgame.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 02:34:07 GMT
via
1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
last-modified
Fri, 23 Feb 2024 10:03:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
etag
"162e733c288827d5b182552f343b3bb1"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
91931
x-amz-cf-id
dZEgm3H3Z1b32HK38ATUYovSprjETK3aaPwzP3WMGKApdXA_Or33QA==
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240313&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8524688386487478&plah=upgame.vip&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5496a8f030f2badcb09bd604705e024708aaf4f268cfaa2b5979d2f12b76d935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upgame.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 02:34:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12241
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8524688386487478&plah=upgame.vip&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upgame.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 02:34:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 18 Mar 2024 02:34:05 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F928 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upgame.vip/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
49315
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Mar 2024 12:52:11 GMT
expires
Mon, 17 Mar 2025 12:52:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js
pagead2.googlesyndication.com/bg/ Frame F928 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 17:59:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
30900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15583
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 17 Mar 2025 17:59:06 GMT
generate_204
tpc.googlesyndication.com/ Frame F928 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?h-gmLA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 02:34:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ads
pagead2.googlesyndication.com/pagead/ Frame 5CF8 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-8524688386487478&output=html&h=280&slotname=3170297041&adk=1283702675&adf=3023360660&pi=t.ma~as.3170297041&w=375&fwrn=4&fwrnh=100&lmt=1708682569&rafmt=1&format=375x280&url=https%3A%2F%2Fupgame.vip%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710729246481&bpp=2&bdt=1689&idt=2&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7468485006009&frm=20&pv=1&ga_vid=1253360313.1710729246&ga_sid=1710729246&ga_hid=1784162440&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=613&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95327951%2C95327954%2C95322329%2C95325785%2C95326917&oid=2&pvsid=110042762195972&tmod=1328802661&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8524688386487478&plah=upgame.vip&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upgame.vip/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Mar 2024 02:34:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame D687 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-8524688386487478&output=html&h=280&slotname=3170297041&adk=1283702675&adf=2460039539&pi=t.ma~as.3170297041&w=375&fwrn=4&fwrnh=100&lmt=1708682569&rafmt=1&format=375x280&url=https%3A%2F%2Fupgame.vip%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710729246493&bpp=1&bdt=1702&idt=0&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C375x280&nras=1&correlator=7468485006009&frm=20&pv=1&ga_vid=1253360313.1710729246&ga_sid=1710729246&ga_hid=1784162440&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=613&ady=1116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95327951%2C95327954%2C95322329%2C95325785%2C95326917&oid=2&pvsid=110042762195972&tmod=1328802661&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8524688386487478&plah=upgame.vip&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upgame.vip/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Mar 2024 02:34:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240313&jk=110042762195972&bg=!FRalFlnNAAY_ejuoH3o7ADQBe5WfONAn2Xa-TzFmyMhwnmU76EAGCS_5IxTw1mctQnJP3-thuv7QVos1mnCn0WjkG9b3AgAAADVSAAAAAmgBB5kCxL4bycEa5ZCt2bucJxRjGXPTo23YenRTuvj15SjmQTyMoLsgALDUoZ9vIo1Afrk8t28bWiz4MmdcbigeBymAUUTR8slniyTZvoVUkZ0mVTHTCLNfxJBzXZLPXYfKge6KxCP51R0SRPBuALrRoqXK9OgUGB2gKWWlz0reS4tkngNpxakBO8hws0j6Znd0JB3s6uC5Svx5ZYqHohDjlSIu-kYFqgKTNK4ndksIjSJS7o07FSpE1BGRoXz3YvZ5lF8tnwKJr6ZM45XaMAyXynFZ_NxeWZNxGLnNrvze1q3pBsY7Wecs3ujNqhvEG_rIanRY8F72vz3tKIRUxBXU2J3DQgOpRs_Hj6c5XKkrYbexF5blcKVOB1NuxSO34MVoXXmWSQ8qxPxGwWtKvZBGyStudQBQ85KLRF5ONKKEDiZh5wVhzev8rQTVH1UI8EUJIk15I-13htp2WD8uDwLbgeGnx6ThdeM3Pi2dKBVwJiR5xQCTK7FEmxxDBgn490gCHH9aq4M5QoxryqRBUq36YCrWuFNHd67bzFu6A1yswFVNjnwGPyMAS4RMmTLtxdtc-_4qgJkBKFF1j2-1o36IB-ex_30wSGbprrNAAEcs6PnyP3fp6wR-Lwp3SCEx25N2ns5MN69aesVUeVcBD_xSHWA4G1L9rU1u02Nde6emJVFhlaFxbYthf5HXlMdhKlQn58kja3bzvjNMVz6EqgJyHdfPuLKSKE3LrIyvRJU89tjyBSpUlbZHi-pnJaLCzHF0Vrw3pw7bvKeNcd-H79YF49X9CI6OcoQv2uwULaTAxZW6miFghLWFcRAX-dXqdw4eLPkhr9_UlzAYPlHStJjH4Jx7XVzrpxiD9CMbU0zOv2jA8QGbaicLH14hx73dftaAtFP0BzVhkEZ70T-55qe_e-_C9-VQrauiN5VgsfrnuflQ4HkSdtDiDw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upgame.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
game2.png
upgame.vip/public/images/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upgame.vip/public/images/game2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
039032d9db23056396182eef6ecb79d4d559dc89bd347aeb6974e8164399126f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upgame.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 02:34:07 GMT
via
1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
last-modified
Fri, 23 Feb 2024 10:03:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
etag
"162e733c288827d5b182552f343b3bb1"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
91931
x-amz-cf-id
kjSWgXiiE7U8HIB-NVLkC4N-JoG2a9qjiBa5rF-BJbzM6MyBpDB9ZQ==
game1.png
upgame.vip/public/images/ 		302 KB
303 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upgame.vip/public/images/game1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ff6116e111763a5d45b077904feaa2bfbed4f811ed628d80d9afc8fd112135f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upgame.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 02:34:07 GMT
via
1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
last-modified
Fri, 23 Feb 2024 10:03:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
1
etag
"c90cbd3c61b10bffb0333d2ec81094a4"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
309143
x-amz-cf-id
Tac3wVaPLxr1z71OYMWeJcG-WyiRBDHd5xDG0DMd0xHmC3rZYM1_4g==

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| webpackChunksimple_page function| $ function| jQuery object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

0 Cookies

4 Console Messages

Source Level URL
Text
network error URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-8524688386487478&output=html&adk=1812271804&adf=3025194257&lmt=1708682569&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fupgame.vip%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710729245617&bpp=1&bdt=826&idt=133&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7468485006009&frm=20&pv=2&ga_vid=1253360313.1710729246&ga_sid=1710729246&ga_hid=1784162440&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95327951%2C95327954%2C95322329%2C95325785%2C95326917&oid=2&pvsid=110042762195972&tmod=1328802661&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=142
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bqj.headballfootballstar.com/simpleStat
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-8524688386487478&output=html&h=280&slotname=3170297041&adk=1283702675&adf=3023360660&pi=t.ma~as.3170297041&w=375&fwrn=4&fwrnh=100&lmt=1708682569&rafmt=1&format=375x280&url=https%3A%2F%2Fupgame.vip%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710729246481&bpp=2&bdt=1689&idt=2&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7468485006009&frm=20&pv=1&ga_vid=1253360313.1710729246&ga_sid=1710729246&ga_hid=1784162440&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=613&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95327951%2C95327954%2C95322329%2C95325785%2C95326917&oid=2&pvsid=110042762195972&tmod=1328802661&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=5
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-8524688386487478&output=html&h=280&slotname=3170297041&adk=1283702675&adf=2460039539&pi=t.ma~as.3170297041&w=375&fwrn=4&fwrnh=100&lmt=1708682569&rafmt=1&format=375x280&url=https%3A%2F%2Fupgame.vip%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710729246493&bpp=1&bdt=1702&idt=0&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C375x280&nras=1&correlator=7468485006009&frm=20&pv=1&ga_vid=1253360313.1710729246&ga_sid=1710729246&ga_hid=1784162440&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=613&ady=1116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95327951%2C95327954%2C95322329%2C95325785%2C95326917&oid=2&pvsid=110042762195972&tmod=1328802661&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=2
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bqj.headballfootballstar.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
upgame.vip
108.138.7.93
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
34.149.28.75
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
039032d9db23056396182eef6ecb79d4d559dc89bd347aeb6974e8164399126f
17f6745c42266aea3a29b737acae742c1bde5106cf4997ee695816419212206c
27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85
2fbd2a2c8d656592c18e332253935884e1ee19413790f6b3bc61cba7a1c60c41
3eedeb29056bc9f2401d039a0e790d128018603508056cefce9d3e5c7154a6d2
407a6fc24c11e1b36ffeb14e10b19b09c48ecbc011fba65d645d32a342ddf372
4fa760ec7f37e9d494f21f2868969886486ecca1b6319c436b13464a16648c89
5496a8f030f2badcb09bd604705e024708aaf4f268cfaa2b5979d2f12b76d935
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
818f169987df6d5326a987731707569cf28463027cb5b6fab6115c8f60a7f583
97c4619fd82ae41730afbed554e1372ba766ffdd0243df75d0f3a8ee34c1a09c
9ff6116e111763a5d45b077904feaa2bfbed4f811ed628d80d9afc8fd112135f
a8ae51b0a556e84a2f152743258a816dff8f186a2b491ae7a89cb26eaadaeb5e
aed0461503d8feb9b07b0b38de36eb6fecc4403c491493f1f639398c4c725bf2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4994eb3f3604f8cf99b68563388b14e264ff5f6080159ea4fd6ea70d84e905e